diff options
Diffstat (limited to 'pkgs/development')
-rw-r--r-- | pkgs/development/haskell-modules/configuration-common.nix | 1 | ||||
-rw-r--r-- | pkgs/development/libraries/grpc/default.nix | 2 | ||||
-rw-r--r-- | pkgs/development/libraries/gsasl/default.nix | 2 | ||||
-rw-r--r-- | pkgs/development/libraries/libid3tag/CVE-2017-11550-and-CVE-2017-11551.patch | 13 | ||||
-rw-r--r-- | pkgs/development/libraries/libid3tag/default.nix | 5 | ||||
-rw-r--r-- | pkgs/development/r-modules/default.nix | 4 | ||||
-rw-r--r-- | pkgs/development/tools/jq/darwin-strptime-test.patch | 16 | ||||
-rw-r--r-- | pkgs/development/tools/jq/default.nix | 20 | ||||
-rw-r--r-- | pkgs/development/tools/pyre/default.nix | 55 | ||||
-rw-r--r-- | pkgs/development/tools/rust/cargo-asm/default.nix | 4 |
10 files changed, 54 insertions, 68 deletions
diff --git a/pkgs/development/haskell-modules/configuration-common.nix b/pkgs/development/haskell-modules/configuration-common.nix index 2c9d9d307ae3..56ffd6ee54ee 100644 --- a/pkgs/development/haskell-modules/configuration-common.nix +++ b/pkgs/development/haskell-modules/configuration-common.nix @@ -370,6 +370,7 @@ self: super: { safecopy = dontCheck super.safecopy; sai-shape-syb = dontCheck super.sai-shape-syb; scp-streams = dontCheck super.scp-streams; + sdl2 = dontCheck super.sdl2; # the test suite needs an x server sdl2-ttf = dontCheck super.sdl2-ttf; # as of version 0.2.1, the test suite requires user intervention separated = dontCheck super.separated; shadowsocks = dontCheck super.shadowsocks; diff --git a/pkgs/development/libraries/grpc/default.nix b/pkgs/development/libraries/grpc/default.nix index a21e2aacde2a..e568ea9eb650 100644 --- a/pkgs/development/libraries/grpc/default.nix +++ b/pkgs/development/libraries/grpc/default.nix @@ -26,6 +26,8 @@ stdenv.mkDerivation rec { rm -vf BUILD ''; + NIX_CFLAGS_COMPILE = "-Wno-error=unknown-warning-option"; + enableParallelBuilds = true; meta = with stdenv.lib; { diff --git a/pkgs/development/libraries/gsasl/default.nix b/pkgs/development/libraries/gsasl/default.nix index 71da2c716f84..a1df933149fd 100644 --- a/pkgs/development/libraries/gsasl/default.nix +++ b/pkgs/development/libraries/gsasl/default.nix @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { configureFlags = [ "--with-gssapi-impl=mit" ]; - doCheck = true; + doCheck = !stdenv.hostPlatform.isDarwin; meta = { description = "GNU SASL, Simple Authentication and Security Layer library"; diff --git a/pkgs/development/libraries/libid3tag/CVE-2017-11550-and-CVE-2017-11551.patch b/pkgs/development/libraries/libid3tag/CVE-2017-11550-and-CVE-2017-11551.patch new file mode 100644 index 000000000000..b1f9d0978cec --- /dev/null +++ b/pkgs/development/libraries/libid3tag/CVE-2017-11550-and-CVE-2017-11551.patch @@ -0,0 +1,13 @@ +Common subdirectories: libid3tag-0.15.1b/msvc++ and libid3tag-0.15.1b-patched/msvc++ +diff -uwp libid3tag-0.15.1b/utf16.c libid3tag-0.15.1b-patched/utf16.c +--- libid3tag-0.15.1b/utf16.c 2004-01-23 10:41:32.000000000 +0100 ++++ libid3tag-0.15.1b-patched/utf16.c 2018-11-01 13:12:00.866050641 +0100 +@@ -250,6 +250,8 @@ id3_ucs4_t *id3_utf16_deserialize(id3_by + id3_ucs4_t *ucs4; + + end = *ptr + (length & ~1); ++ if (end == *ptr) ++ return 0; + + utf16 = malloc((length / 2 + 1) * sizeof(*utf16)); + if (utf16 == 0) diff --git a/pkgs/development/libraries/libid3tag/default.nix b/pkgs/development/libraries/libid3tag/default.nix index 0289a5331f89..4b7d9bdc2e32 100644 --- a/pkgs/development/libraries/libid3tag/default.nix +++ b/pkgs/development/libraries/libid3tag/default.nix @@ -14,7 +14,10 @@ stdenv.mkDerivation rec { propagatedBuildInputs = [ zlib gperf ]; - patches = [ ./debian-patches.patch ]; + patches = [ + ./debian-patches.patch + ./CVE-2017-11550-and-CVE-2017-11551.patch + ]; preConfigure = '' configureFlagsArray+=( diff --git a/pkgs/development/r-modules/default.nix b/pkgs/development/r-modules/default.nix index f40c0fcb5592..428d6c60546e 100644 --- a/pkgs/development/r-modules/default.nix +++ b/pkgs/development/r-modules/default.nix @@ -942,6 +942,10 @@ let PKGCONFIG_LIBS = "-Wl,-rpath,${pkgs.openssl.out}/lib -L${pkgs.openssl.out}/lib -L${pkgs.cyrus_sasl.out}/lib -L${pkgs.zlib.out}/lib -lssl -lcrypto -lsasl2 -lz"; }); + ps = old.ps.overrideDerivation (attrs: { + preConfigure = "patchShebangs configure"; + }); + rlang = old.rlang.overrideDerivation (attrs: { preConfigure = "patchShebangs configure"; }); diff --git a/pkgs/development/tools/jq/darwin-strptime-test.patch b/pkgs/development/tools/jq/darwin-strptime-test.patch deleted file mode 100644 index 4ea83fc164a3..000000000000 --- a/pkgs/development/tools/jq/darwin-strptime-test.patch +++ /dev/null @@ -1,16 +0,0 @@ -diff --git a/tests/jq.test b/tests/jq.test -index 4a4018b..f5aa7d5 100644 ---- a/src/tests/jq.test -+++ b/src/tests/jq.test -@@ -1144,9 +1144,9 @@ bsearch(4) - [1,2,3] - -4 - --[strptime("%Y-%m-%dT%H:%M:%SZ")|(.,mktime)] -+[strptime("%Y-%m-%dT%H:%M:%SZ")|mktime] - "2015-03-05T23:51:47Z" --[[2015,2,5,23,51,47,4,63],1425599507] -+[1425599507] - - strftime("%Y-%m-%dT%H:%M:%SZ") - [2015,2,5,23,51,47,4,63] diff --git a/pkgs/development/tools/jq/default.nix b/pkgs/development/tools/jq/default.nix index 712ec64bd416..b7b2b5066b9f 100644 --- a/pkgs/development/tools/jq/default.nix +++ b/pkgs/development/tools/jq/default.nix @@ -2,33 +2,17 @@ stdenv.mkDerivation rec { name = "jq-${version}"; - version="1.5"; + version="1.6"; src = fetchurl { url="https://github.com/stedolan/jq/releases/download/jq-${version}/jq-${version}.tar.gz"; - sha256="0g29kyz4ykasdcrb0zmbrp2jqs9kv1wz9swx849i2d1ncknbzln4"; + sha256="1a76f46a652i2g333kfvrl6mp2w7whf6h1yly519izg4y967h9cn"; }; outputs = [ "bin" "doc" "man" "dev" "lib" "out" ]; buildInputs = [ oniguruma ]; - patches = [ - (fetchpatch { - name = "CVE-2015-8863.patch"; - url = https://github.com/stedolan/jq/commit/8eb1367ca44e772963e704a700ef72ae2e12babd.diff; - sha256 = "18bjanzvklfzlzzd690y88725l7iwl4f6wnr429na5pfmircbpvh"; - }) - (fetchpatch { - name = "CVE-2016-4074.patch"; - url = https://patch-diff.githubusercontent.com/raw/stedolan/jq/pull/1214.diff; - sha256 = "1w8bapnyp56di6p9casbfczfn8258rw0z16grydavdjddfm280l9"; - }) - ] - ++ stdenv.lib.optional stdenv.isDarwin ./darwin-strptime-test.patch; - - patchFlags = [ "-p2" ]; # `src` subdir was introduced after v1.5 was released - configureFlags = [ "--bindir=\${bin}/bin" diff --git a/pkgs/development/tools/pyre/default.nix b/pkgs/development/tools/pyre/default.nix index 99e53610c01c..382e733cb98b 100644 --- a/pkgs/development/tools/pyre/default.nix +++ b/pkgs/development/tools/pyre/default.nix @@ -1,9 +1,15 @@ { stdenv, fetchFromGitHub, ocamlPackages, makeWrapper, writeScript -, dune, python3, rsync, fetchpatch }: +, dune, python3, rsync, fetchpatch, buck }: let # Manually set version - the setup script requires # hg and git + keeping the .git directory around. - pyre-version = "0.0.14"; + pyre-version = "0.0.17"; # also change typeshed revision below with $pyre-src/.typeshed-version + pyre-src = fetchFromGitHub { + owner = "facebook"; + repo = "pyre-check"; + rev = "v${pyre-version}"; + sha256 = "0y86a3g5xbgh0byksyx5jw7yq7w840x85dhz9inz6mkg5j06mcis"; + }; versionFile = writeScript "version.ml" '' cat > "./version.ml" <<EOF open Core @@ -20,12 +26,7 @@ let pyre-bin = stdenv.mkDerivation { name = "pyre-${pyre-version}"; - src = fetchFromGitHub { - owner = "facebook"; - repo = "pyre-check"; - rev = "v${pyre-version}"; - sha256 = "0c8xzaa3ljqb6llr041sydw0l4xqn7x21nw9vaymdxh35nx9bp2v"; - }; + src = pyre-src; nativeBuildInputs = [ makeWrapper ]; @@ -49,7 +50,6 @@ let export HOME=. # "external" because https://github.com/facebook/pyre-check/pull/8/files - cp Makefile.template Makefile sed "s/%VERSION%/external/" dune.in > dune cp ${versionFile} ./scripts/generate-version-number.sh @@ -77,20 +77,18 @@ let description = "A performant type-checker for Python 3"; homepage = https://pyre-check.org; license = licenses.mit; - platforms = with platforms; linux; + platforms = ocamlPackages.ocaml.meta.platforms; maintainers = with maintainers; [ teh ]; }; }; typeshed = stdenv.mkDerivation { name = "typeshed"; - # typeshed doesn't have versions, it seems to be synchronized with - # mypy relases. I'm assigning a random version here (same as pyre). version = pyre-version; src = fetchFromGitHub { owner = "python"; repo = "typeshed"; - rev = "a08c6ea"; - sha256 = "0wy8yh43vhyyc4g7iqnmlj66kz5in02y5qc0c4jdckhpa3mchaqk"; + rev = "bc3f9fe1d3c43b00c04cedb23e0eeebc9e1734b6"; + sha256 = "06b2kj4n49h4sgi8hn5kalmir8llhanfdc7f1924cxvrkj5ry94b"; }; phases = [ "unpackPhase" "installPhase" ]; installPhase = "cp -r $src $out"; @@ -98,19 +96,8 @@ typeshed = stdenv.mkDerivation { in python3.pkgs.buildPythonApplication rec { pname = "pyre-check"; version = pyre-version; - src = fetchFromGitHub { - owner = "facebook"; - repo = "pyre-check"; - rev = "v${pyre-version}"; - sha256 = "0ig7bx2kfn2kbxw74wysh5365yp5gyby42l9l29iclrzdghgk32l"; - }; - patches = [ - (fetchpatch { - url = "https://github.com/facebook/pyre-check/commit/b473d2ed9fc11e7c1cd0c7b8c42f521e5cdc2003.patch"; - sha256 = "05xvyp7j4n6z92bxf64rxfq5pvaadxgx1c8c5qziy75vdz72lkcy"; - }) - ./pyre-bdist-wheel.patch - ]; + src = pyre-src; + patches = [ ./pyre-bdist-wheel.patch ]; # The build-pypi-package script does some funky stuff with build # directories - easier to patch it a bit than to replace it @@ -119,15 +106,21 @@ in python3.pkgs.buildPythonApplication rec { mkdir ./build substituteInPlace scripts/build-pypi-package.sh \ --replace 'NIX_BINARY_FILE' '${pyre-bin}/bin/pyre.bin' \ - --replace 'BUILD_ROOT="$(mktemp -d)"' "BUILD_ROOT=$(pwd)/build" + --replace 'BUILD_ROOT="$(mktemp -d)"' "BUILD_ROOT=$PWD/build" + substituteInPlace client/buck.py \ + --replace '"buck"' '"${buck}/bin/buck"' + substituteInPlace client/tests/buck_test.py \ + --replace '"buck"' '"${buck}/bin/buck"' ''; - buildInputs = [ pyre-bin rsync ]; + buildInputs = [ pyre-bin ]; + nativeBuildInputs = [ rsync ]; # only required for build-pypi-package.sh propagatedBuildInputs = with python3.pkgs; [ docutils typeshed ]; buildPhase = '' bash scripts/build-pypi-package.sh --version ${pyre-version} --bundle-typeshed ${typeshed} cp -r build/dist dist ''; - - doCheck = false; # can't open file 'nix_run_setup': + checkPhase = '' + bash scripts/run-python-tests.sh + ''; } diff --git a/pkgs/development/tools/rust/cargo-asm/default.nix b/pkgs/development/tools/rust/cargo-asm/default.nix index ca793bf49080..246f5b18843c 100644 --- a/pkgs/development/tools/rust/cargo-asm/default.nix +++ b/pkgs/development/tools/rust/cargo-asm/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, rustPlatform }: +{ stdenv, fetchFromGitHub, rustPlatform, Security }: rustPlatform.buildRustPackage rec { name = "cargo-asm-${version}"; @@ -13,6 +13,8 @@ rustPlatform.buildRustPackage rec { cargoSha256 = "1m2j6i8hc8isdlj77gv9m6sk6q0x3bvzpva2k16g27i1ngy1989b"; + buildInputs = stdenv.lib.optional stdenv.isDarwin Security; + # Test checks against machine code output, which fails with some # LLVM/compiler versions. doCheck = false; |