diff options
Diffstat (limited to 'pkgs/tools')
52 files changed, 315 insertions, 244 deletions
diff --git a/pkgs/tools/X11/opentabletdriver/default.nix b/pkgs/tools/X11/opentabletdriver/default.nix index 82d9a6d65a31..9f39fb7fb5c0 100644 --- a/pkgs/tools/X11/opentabletdriver/default.nix +++ b/pkgs/tools/X11/opentabletdriver/default.nix @@ -1,7 +1,6 @@ { lib , buildDotnetModule , fetchFromGitHub -, fetchurl , gtk3 , libX11 , libXrandr @@ -13,24 +12,24 @@ , makeDesktopItem , nixosTests , wrapGAppsHook -, dpkg +, jq +, coreutils }: buildDotnetModule rec { pname = "OpenTabletDriver"; - version = "0.6.3.0"; + version = "0.6.4.0"; src = fetchFromGitHub { owner = "OpenTabletDriver"; repo = "OpenTabletDriver"; rev = "v${version}"; - hash = "sha256-v41qYNBgOXcFnDOJpQYitql1IZP3p8b3may5Pr04dbg="; + hash = "sha256-zK+feU96JOXjmkTndM9VyUid3z+MZFxJGH+MXaB6kzk="; }; - debPkg = fetchurl { - url = "https://github.com/OpenTabletDriver/OpenTabletDriver/releases/download/v${version}/OpenTabletDriver.deb"; - hash = "sha256-zWSJlkn7K/meTycWNTinC0hp0JubF22dJNOJeEIfGtI="; - }; + patches = [ + ./remove-git-from-generate-rules.patch + ]; dotnetInstallFlags = [ "--framework=net6.0" ]; @@ -42,7 +41,8 @@ buildDotnetModule rec { nativeBuildInputs = [ copyDesktopItems wrapGAppsHook - dpkg + # Dependency of generate-rules.sh + jq ]; runtimeDeps = [ @@ -76,8 +76,14 @@ buildDotnetModule rec { "OpenTabletDriver.Tests.ConfigurationTest.Configurations_DeviceIdentifier_IsNotConflicting" # Depends on processor load "OpenTabletDriver.Tests.TimerTests.TimerAccuracy" + # Can't find Configurations directory + "OpenTabletDriver.Tests.ConfigurationTest.Configurations_Verify_Configs_With_Schema" ]; + preBuild = '' + patchShebangs generate-rules.sh + ''; + postFixup = '' # Give a more "*nix" name to the binaries mv $out/bin/OpenTabletDriver.Console $out/bin/otd @@ -86,9 +92,10 @@ buildDotnetModule rec { install -Dm644 $src/OpenTabletDriver.UX/Assets/otd.png -t $out/share/pixmaps - # TODO: Ideally this should be build from OpenTabletDriver/OpenTabletDriver-udev instead - dpkg-deb --fsys-tarfile ${debPkg} | tar xf - ./usr/lib/udev/rules.d/99-opentabletdriver.rules - install -Dm644 ./usr/lib/udev/rules.d/99-opentabletdriver.rules -t $out/lib/udev/rules.d + mkdir -p $out/lib/udev/rules.d + ./generate-rules.sh \ + | sed 's@/usr/bin/env rm@${lib.getExe' coreutils "rm"}@' \ + > $out/lib/udev/rules.d/70-opentabletdriver.rules ''; desktopItems = [ @@ -113,7 +120,7 @@ buildDotnetModule rec { description = "Open source, cross-platform, user-mode tablet driver"; homepage = "https://github.com/OpenTabletDriver/OpenTabletDriver"; license = licenses.lgpl3Plus; - maintainers = with maintainers; [ thiagokokada ]; + maintainers = with maintainers; [ gepbird thiagokokada ]; platforms = [ "x86_64-linux" "aarch64-linux" ]; mainProgram = "otd"; }; diff --git a/pkgs/tools/X11/opentabletdriver/deps.nix b/pkgs/tools/X11/opentabletdriver/deps.nix index fe821bf70a9c..76674680d09c 100644 --- a/pkgs/tools/X11/opentabletdriver/deps.nix +++ b/pkgs/tools/X11/opentabletdriver/deps.nix @@ -40,7 +40,9 @@ (fetchNuGet { pname = "NETStandard.Library"; version = "1.6.1"; sha256 = "1z70wvsx2d847a2cjfii7b83pjfs34q05gb037fdjikv5kbagml8"; }) (fetchNuGet { pname = "Newtonsoft.Json"; version = "12.0.2"; sha256 = "0w2fbji1smd2y7x25qqibf1qrznmv4s6s0jvrbvr6alb7mfyqvh5"; }) (fetchNuGet { pname = "Newtonsoft.Json"; version = "13.0.1"; sha256 = "0fijg0w6iwap8gvzyjnndds0q4b8anwxxvik7y8vgq97dram4srb"; }) + (fetchNuGet { pname = "Newtonsoft.Json"; version = "13.0.3"; sha256 = "0xrwysmrn4midrjal8g2hr1bbg38iyisl0svamb11arqws4w2bw7"; }) (fetchNuGet { pname = "Newtonsoft.Json"; version = "9.0.1"; sha256 = "0mcy0i7pnfpqm4pcaiyzzji4g0c8i3a5gjz28rrr28110np8304r"; }) + (fetchNuGet { pname = "Newtonsoft.Json.Schema"; version = "3.0.15"; sha256 = "1nmc9zxpcyyf3f2ypxw6vnjwlw5sxjv13r65p2dy8xrx8jkgaslp"; }) (fetchNuGet { pname = "NuGet.Frameworks"; version = "5.0.0"; sha256 = "18ijvmj13cwjdrrm52c8fpq021531zaz4mj4b4zapxaqzzxf2qjr"; }) (fetchNuGet { pname = "Octokit"; version = "0.50.0"; sha256 = "1ignj5i6a1c19qqrw00wlr9fdjmwrxkxz7gdxj0x653w84gbv7qq"; }) (fetchNuGet { pname = "PangoSharp"; version = "3.24.24.34"; sha256 = "1r0h14cklglfpv1lhv93cxmzi2w7d5s03gzpq3j5dmrz43flg9zw"; }) @@ -109,6 +111,7 @@ (fetchNuGet { pname = "System.CommandLine"; version = "2.0.0-beta4.22272.1"; sha256 = "1iy5hwwgvx911g3yq65p4zsgpy08w4qz9j3h0igcf7yci44vw8yd"; }) (fetchNuGet { pname = "System.ComponentModel"; version = "4.3.0"; sha256 = "0986b10ww3nshy30x9sjyzm0jx339dkjxjj3401r3q0f6fx2wkcb"; }) (fetchNuGet { pname = "System.ComponentModel.Annotations"; version = "4.7.0"; sha256 = "06x1m46ddxj0ng28d7gry9gjkqdg2kp89jyf480g5gznyybbs49z"; }) + (fetchNuGet { pname = "System.ComponentModel.Annotations"; version = "5.0.0"; sha256 = "021h7x98lblq9avm1bgpa4i31c2kgsa7zn4sqhxf39g087ar756j"; }) (fetchNuGet { pname = "System.ComponentModel.Primitives"; version = "4.3.0"; sha256 = "1svfmcmgs0w0z9xdw2f2ps05rdxmkxxhf0l17xk9l1l8xfahkqr0"; }) (fetchNuGet { pname = "System.ComponentModel.TypeConverter"; version = "4.3.0"; sha256 = "17ng0p7v3nbrg3kycz10aqrrlw4lz9hzhws09pfh8gkwicyy481x"; }) (fetchNuGet { pname = "System.Console"; version = "4.3.0"; sha256 = "1flr7a9x920mr5cjsqmsy9wgnv3lvd0h1g521pdr1lkb2qycy7ay"; }) diff --git a/pkgs/tools/X11/opentabletdriver/remove-git-from-generate-rules.patch b/pkgs/tools/X11/opentabletdriver/remove-git-from-generate-rules.patch new file mode 100644 index 000000000000..6881cc777370 --- /dev/null +++ b/pkgs/tools/X11/opentabletdriver/remove-git-from-generate-rules.patch @@ -0,0 +1,22 @@ +diff --git a/generate-rules.sh b/generate-rules.sh +index ce6c3f3d..a0266612 100755 +--- a/generate-rules.sh ++++ b/generate-rules.sh +@@ -8,7 +8,7 @@ print_help() { + echo " -h, --help Print this help message" + } + +-for c in git jq tr awk sed; do ++for c in jq tr awk sed; do + command -v $c > /dev/null + if [[ $? > 0 ]]; then + echo "Error: Command $c not found in \$PATH." >&2 +@@ -23,7 +23,7 @@ tohex() { + shopt -s globstar + set -eu + +-OTD_CONFIGURATIONS="${OTD_CONFIGURATIONS:="$(git rev-parse --show-toplevel)/OpenTabletDriver.Configurations/Configurations"}" ++OTD_CONFIGURATIONS="${OTD_CONFIGURATIONS:="$src/OpenTabletDriver.Configurations/Configurations"}" + + while [ $# -gt 0 ]; do + case "$1" in diff --git a/pkgs/tools/admin/qovery-cli/default.nix b/pkgs/tools/admin/qovery-cli/default.nix index 966809e4256a..2b45bcf5853e 100644 --- a/pkgs/tools/admin/qovery-cli/default.nix +++ b/pkgs/tools/admin/qovery-cli/default.nix @@ -8,16 +8,16 @@ buildGoModule rec { pname = "qovery-cli"; - version = "0.75.3"; + version = "0.75.5"; src = fetchFromGitHub { owner = "Qovery"; repo = "qovery-cli"; rev = "refs/tags/v${version}"; - hash = "sha256-+7rjr6CbUFeEqAfCGooY5dyeP+V5eRlwm3UQeJln6as="; + hash = "sha256-dmdyKMmIi09AG7deI20cYukUuT6485B5xNhpHk14zC8="; }; - vendorHash = "sha256-gIqLyGc4ik7cv2U4WS3Wy8BnIpK5NdjWSH0Z58AiVPE="; + vendorHash = "sha256-R1CAB42moobsYuXNTtZXNLcCpSp8jfSt2FQi5fRnEdI="; nativeBuildInputs = [ installShellFiles diff --git a/pkgs/tools/admin/scaleway-cli/default.nix b/pkgs/tools/admin/scaleway-cli/default.nix index b27c95793ca2..c33f720ebad0 100644 --- a/pkgs/tools/admin/scaleway-cli/default.nix +++ b/pkgs/tools/admin/scaleway-cli/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "scaleway-cli"; - version = "2.25.0"; + version = "2.26.0"; src = fetchFromGitHub { owner = "scaleway"; repo = "scaleway-cli"; rev = "v${version}"; - sha256 = "sha256-wx/247ZNbdNdRiGLTfCig1JAjmXZX0aCHbOgelzMcyw="; + sha256 = "sha256-RfXNwuynlELT7gVWjlhjaX5nKuBJM+v6eAD/JCuRyck="; }; - vendorHash = "sha256-FftJsXM9sexRqBKrIeTdWh5Z0eYIK3acDNtptqqILD8="; + vendorHash = "sha256-hBfEQtuBkU2fKoCd78dpp+I19lTOycItqjlcA6KByLY="; ldflags = [ "-w" @@ -23,13 +23,39 @@ buildGoModule rec { "-X main.BuildDate=unknown" ]; - # some tests require network access to scaleway's API, failing when sandboxed - doCheck = false; + doCheck = true; + + # Some tests require access to scaleway's API, failing when sandboxed + preCheck = '' + substituteInPlace internal/core/bootstrap_test.go \ + --replace "TestInterruptError" "SkipInterruptError" + substituteInPlace internal/e2e/errors_test.go \ + --replace "TestStandardErrors" "SkipStandardErrors" + substituteInPlace internal/e2e/human_test.go \ + --replace "TestTestCommand" "SkipTestCommand" \ + --replace "TestHumanCreate" "SkipHumanCreate" \ + --replace "TestHumanList" "SkipHumanList" \ + --replace "TestHumanUpdate" "SkipHumanUpdate" \ + --replace "TestHumanGet" "SkipHumanGet" \ + --replace "TestHumanDelete" "SkipHumanDelete" + substituteInPlace internal/e2e/sdk_errors_test.go \ + --replace "TestSdkStandardErrors" "SkipSdkStandardErrors" + ''; + + doInstallCheck = true; + + installCheckPhase = '' + runHook preInstallCheck + + $out/bin/scw --help + + runHook postInstallCheck + ''; meta = with lib; { description = "Interact with Scaleway API from the command line"; homepage = "https://github.com/scaleway/scaleway-cli"; license = licenses.mit; - maintainers = with maintainers; [ nickhu techknowlogick ]; + maintainers = with maintainers; [ nickhu techknowlogick kashw2 ]; }; } diff --git a/pkgs/tools/admin/scalr-cli/default.nix b/pkgs/tools/admin/scalr-cli/default.nix index 7adbaf7f6689..8c05709c27b6 100644 --- a/pkgs/tools/admin/scalr-cli/default.nix +++ b/pkgs/tools/admin/scalr-cli/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "scalr-cli"; - version = "0.15.3"; + version = "0.15.4"; src = fetchFromGitHub { owner = "Scalr"; repo = "scalr-cli"; rev = "v${version}"; - hash = "sha256-ciretC6z2NcLffSkK78DFIUqbRHgVTA7OEyNk6qdAgI="; + hash = "sha256-Z+V+qD9vXlWGJg/fgjfici1Sa4NZhsQXkY8uBiee0aQ="; }; - vendorHash = "sha256-zyshSluHq5f+DQV4K7qxHNsZ4nKzL8J5A25rdg9fHeM="; + vendorHash = "sha256-mfxdodwZXzmGzh3Tk8WnjW74YXRlAzImGLqzKM5OkGw="; ldflags = [ "-s" "-w" diff --git a/pkgs/tools/admin/stripe-cli/default.nix b/pkgs/tools/admin/stripe-cli/default.nix index 3fc6a6dba776..3dcf7d855715 100644 --- a/pkgs/tools/admin/stripe-cli/default.nix +++ b/pkgs/tools/admin/stripe-cli/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "stripe-cli"; - version = "1.18.0"; + version = "1.19.1"; src = fetchFromGitHub { owner = "stripe"; repo = pname; rev = "v${version}"; - hash = "sha256-1AdR0PHAhrMbeCD5zNsU9JoXInQD+qUIYfveBD60wR0="; + hash = "sha256-4xyJZKFkijgemNwGC8pi7zF9MgtwgSKIvDRZ8jJ2h8o="; }; vendorHash = "sha256-DYA6cu2KzEBZ4wsT7wjcdY1endQQOZlj2aOwu6iGLew="; diff --git a/pkgs/tools/admin/syft/default.nix b/pkgs/tools/admin/syft/default.nix index 32d46c15f332..802c7a46215b 100644 --- a/pkgs/tools/admin/syft/default.nix +++ b/pkgs/tools/admin/syft/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "syft"; - version = "0.98.0"; + version = "0.99.0"; src = fetchFromGitHub { owner = "anchore"; repo = pname; rev = "v${version}"; - hash = "sha256-9RHh5wMtJ0QUjrKBTp+4IGKmiNkiz3SWp08aT3DWHzA="; + hash = "sha256-1Fw/1OVSKW+sIfVD4rodtTwu7JUhIsLEvIpYP49SqKQ="; # populate values that require us to use git. By doing this in postFetch we # can delete .git afterwards and maintain better reproducibility of the src. leaveDotGit = true; @@ -22,7 +22,7 @@ buildGoModule rec { }; # hash mismatch with darwin proxyVendor = true; - vendorHash = "sha256-ht768PXHchgR4sxMDtQc1IEYpd0lflIe0aCQhX6ppZ4="; + vendorHash = "sha256-y6tw/umiEgwdoafa/CTg78naMWvr+DBOtXT/rMs1agQ="; nativeBuildInputs = [ installShellFiles ]; diff --git a/pkgs/tools/admin/trivy/default.nix b/pkgs/tools/admin/trivy/default.nix index 8e8bbfa78e92..1af050640726 100644 --- a/pkgs/tools/admin/trivy/default.nix +++ b/pkgs/tools/admin/trivy/default.nix @@ -1,6 +1,9 @@ { lib +, stdenv +, buildPackages , buildGoModule , fetchFromGitHub +, installShellFiles , testers , trivy }: @@ -29,9 +32,22 @@ buildGoModule rec { "-X=github.com/aquasecurity/trivy/pkg/version.ver=v${version}" ]; + nativeBuildInputs = [ installShellFiles ]; + # Tests require network access doCheck = false; + postInstall = + let + trivy = if stdenv.buildPlatform.canExecute stdenv.hostPlatform then placeholder "out" else buildPackages.trivy; + in + '' + installShellCompletion --cmd trivy \ + --bash <(${trivy}/bin/trivy completion bash) \ + --fish <(${trivy}/bin/trivy completion fish) \ + --zsh <(${trivy}/bin/trivy completion zsh) + ''; + doInstallCheck = true; passthru.tests.version = testers.testVersion { @@ -51,6 +67,7 @@ buildGoModule rec { vulnerabilities of OS packages (Alpine, RHEL, CentOS, etc.) and application dependencies (Bundler, Composer, npm, yarn, etc.). ''; + mainProgram = "trivy"; license = licenses.asl20; maintainers = with maintainers; [ fab jk ]; }; diff --git a/pkgs/tools/graphics/netpbm/default.nix b/pkgs/tools/graphics/netpbm/default.nix index 105169c5e030..79194304dc62 100644 --- a/pkgs/tools/graphics/netpbm/default.nix +++ b/pkgs/tools/graphics/netpbm/default.nix @@ -20,14 +20,14 @@ stdenv.mkDerivation { # Determine version and revision from: # https://sourceforge.net/p/netpbm/code/HEAD/log/?path=/advanced pname = "netpbm"; - version = "11.4.4"; + version = "11.4.5"; outputs = [ "bin" "out" "dev" ]; src = fetchsvn { url = "https://svn.code.sf.net/p/netpbm/code/advanced"; - rev = "4784"; - sha256 = "GoO32AWu2s/s1IzehPynCJctc1F98dQhz5cQSXQhu2A="; + rev = "4800"; + sha256 = "ftMw2N63iEsf8GPuuXLe/hw+LN0lAUKyhk7wGZMboHY="; }; nativeBuildInputs = [ diff --git a/pkgs/tools/graphics/resvg/default.nix b/pkgs/tools/graphics/resvg/default.nix index 539e3faebfdc..734ac97fdc73 100644 --- a/pkgs/tools/graphics/resvg/default.nix +++ b/pkgs/tools/graphics/resvg/default.nix @@ -2,16 +2,16 @@ rustPlatform.buildRustPackage rec { pname = "resvg"; - version = "0.36.0"; + version = "0.37.0"; src = fetchFromGitHub { owner = "RazrFalcon"; repo = pname; rev = "v${version}"; - hash = "sha256-KxEeC9E1XG5ascIWzSAoNXtdJyPiEsXcQGebmhs/qkE="; + hash = "sha256-IRIyxQk0BqFufZafq7klUHAW1lculqbcH67kf3jtjwo="; }; - cargoHash = "sha256-iiPtf1xEBB80Cs31uUEbxG9YgKItdZCNGS6TTgrj4uM="; + cargoHash = "sha256-yKQRjY+aEXU5C3LhAyavtX8PazbAvAHQ7fykmK7LAQ8="; cargoBuildFlags = [ "--package=resvg" diff --git a/pkgs/tools/graphics/vulkan-helper/default.nix b/pkgs/tools/graphics/vulkan-helper/default.nix index 404ce734b5b3..93e6d7be0f04 100644 --- a/pkgs/tools/graphics/vulkan-helper/default.nix +++ b/pkgs/tools/graphics/vulkan-helper/default.nix @@ -7,16 +7,16 @@ rustPlatform.buildRustPackage rec { pname = "vulkan-helper"; - version = "unstable-2023-09-16"; + version = "unstable-2023-12-22"; src = fetchFromGitHub { owner = "imLinguin"; repo = "vulkan-helper-rs"; - rev = "d65b1a17a11ec20670c77d8da02e68d388ed0888"; - hash = "sha256-usbYNalA0r09LXR6eV2e/T1eMNV4LnhzYLzPJQ6XNKQ="; + rev = "04b290c92febcfd6293fcf4730ce3bba55cd9ce0"; + hash = "sha256-2pLHnTn0gJKz4gfrR6h85LHOaZPrhIGYzQeci4Dzz2E="; }; - cargoSha256 = "sha256-fgB0vlbOhzGV1Sj180GCuTGZlVpAUlBUMAfsrG2FiuA="; + cargoSha256 = "sha256-OXMz1qu4/LDeQbwe7shhn2Eee15xKmBpWSsP0IbjoGM="; nativeBuildInputs = [ addOpenGLRunpath diff --git a/pkgs/tools/inputmethods/ibus/default.nix b/pkgs/tools/inputmethods/ibus/default.nix index 5bbaa0629ed4..417b1be605d5 100644 --- a/pkgs/tools/inputmethods/ibus/default.nix +++ b/pkgs/tools/inputmethods/ibus/default.nix @@ -83,6 +83,11 @@ stdenv.mkDerivation rec { url = "https://github.com/ibus/ibus/commit/8f706d160631f1ffdbfa16543a38b9d5f91c16ad.patch"; hash = "sha256-YzS9TmUWW0OmheDeCeU00kFK2U2QEmKYMSRJAbu14ec="; }) + # fix missing key releases in Wine https://github.com/ibus/ibus/issues/2480 + (fetchpatch { + url = "https://github.com/ibus/ibus/commit/497f0c74230a65309e22ce5569060ce48310406b.patch"; + hash = "sha256-PAZcUxmzjChs1/K8hXgOcytyS4LYoNL1dtU6X5Tx8ic="; + }) ]; outputs = [ "out" "dev" "installedTests" ]; diff --git a/pkgs/tools/misc/boxxy/default.nix b/pkgs/tools/misc/boxxy/default.nix index 52a0b94abeda..ac723e959022 100644 --- a/pkgs/tools/misc/boxxy/default.nix +++ b/pkgs/tools/misc/boxxy/default.nix @@ -8,16 +8,16 @@ rustPlatform.buildRustPackage rec { pname = "boxxy"; - version = "0.8.3"; + version = "0.8.4"; src = fetchFromGitHub { owner = "queer"; repo = "boxxy"; rev = "v${version}"; - hash = "sha256-BxI2Ju1I1IytCjx6vUoIy1jzebSeRmoObDEtN/sBEDg="; + hash = "sha256-euIecFMDktL0gDkso83T1qZfVdfYAAC+WBMsfZaarAQ="; }; - cargoHash = "sha256-ZEQsCm13MoFtpIjjtD5UANH5zrPDX4IjEmqJLwnftps="; + cargoHash = "sha256-8aIuMRjZHLlP3x+C9S9WX21/i98RAUvGGwzptzCpRR4="; nativeBuildInputs = [ pkg-config diff --git a/pkgs/tools/misc/broot/default.nix b/pkgs/tools/misc/broot/default.nix index 1b5f53385d51..9053ca87fd78 100644 --- a/pkgs/tools/misc/broot/default.nix +++ b/pkgs/tools/misc/broot/default.nix @@ -8,6 +8,7 @@ , libgit2 , oniguruma , libiconv +, Foundation , Security , xorg , zlib @@ -35,6 +36,7 @@ rustPlatform.buildRustPackage rec { ]; buildInputs = [ libgit2 oniguruma xorg.libxcb ] ++ lib.optionals stdenv.isDarwin [ + Foundation libiconv Security zlib diff --git a/pkgs/tools/misc/faketty/default.nix b/pkgs/tools/misc/faketty/default.nix index 4515f83d1f83..815eb5a631c9 100644 --- a/pkgs/tools/misc/faketty/default.nix +++ b/pkgs/tools/misc/faketty/default.nix @@ -2,14 +2,14 @@ rustPlatform.buildRustPackage rec { pname = "faketty"; - version = "1.0.13"; + version = "1.0.14"; src = fetchCrate { inherit pname version; - hash = "sha256-jV5b6mB81Nz0Q+Toj5DTQq2QcM+EoQ7jRYV/OXgtemA="; + hash = "sha256-oma8Vmp1AMmEGyZG8i/ztiyYH0RrLZ/l/vXgPJs+5o0="; }; - cargoHash = "sha256-9t1Km/ZXzxyO72CaWM81fWGcFkri7F+wMAVom0GV/YM="; + cargoHash = "sha256-+gojthIR5WMSjN1gCUyN0cKHWYBKBezsckVZJD7JncM="; postPatch = '' patchShebangs tests/test.sh diff --git a/pkgs/tools/misc/grub/default.nix b/pkgs/tools/misc/grub/default.nix index 727c6ae073e6..8f1ff2625d36 100644 --- a/pkgs/tools/misc/grub/default.nix +++ b/pkgs/tools/misc/grub/default.nix @@ -49,8 +49,8 @@ let src = fetchFromSavannah { repo = "grub"; - rev = "grub-2.12-rc1"; - hash = "sha256-DrNFzi2o7ZUfL3bMdG63xivZIjcTgv8RODJz7hLJ3WY="; + rev = "grub-2.12"; + hash = "sha256-lathsBb2f7urh8R86ihpTdwo3h1hAHnRiHd5gCLVpBc="; }; # HACK: the translations are stored on a different server, @@ -61,7 +61,7 @@ let outputHashAlgo = "sha256"; outputHashMode = "recursive"; - outputHash = "sha256-XpQ4tu5eNRARdbg95LOjqp+2RCVRj1qZWe+Sc0O5zNg="; + outputHash = "sha256-XzW2e7Xe7Pi297eV/fD2B/6uONEz9UjL2EHDCY0huTA="; } '' mkdir -p po @@ -77,46 +77,12 @@ assert !(efiSupport && xenSupport); stdenv.mkDerivation rec { pname = "grub"; - version = "2.12-rc1"; + version = "2.12"; inherit src; patches = [ ./fix-bash-completion.patch ./add-hidden-menu-entries.patch - - # Revert upstream commit that breaks reading XFS filesystems - # FIXME: remove when fixed upstream - (fetchpatch { - url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=ef7850c757fb3dd2462a512cfa0ff19c89fcc0b1"; - revert = true; - hash = "sha256-p8Kcv9d7ri4eJU6Fgqyzdj0hV5MHSe50AF02FPDJx2Y="; - }) - - # Fixes for NTFS bugs (CVE-2023-4692 and CVE-2023-4693) - (fetchpatch { - url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=43651027d24e62a7a463254165e1e46e42aecdea"; - hash = "sha256-/oudbfL8Ph7ZsgsFUI0YIddji+7okFRG12E/rDsgvNM="; - }) - (fetchpatch { - url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=0ed2458cc4eff6d9a9199527e2a0b6d445802f94"; - hash = "sha256-6EhLzVapN2n62Lgo+PnB4SRvDkYWFkrKNinCvArRUXk="; - }) - (fetchpatch { - url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=7e5f031a6a6a3decc2360a7b0c71abbe598e7354"; - hash = "sha256-R2vmVGidm1ZFxopt/71y2816z2i/vvPrthZE52oc4CI="; - }) - (fetchpatch { - url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=7a5a116739fa6d8a625da7d6b9272c9a2462f967"; - hash = "sha256-T1LglEcUl9GXQjJ6Y4fKuFyFAujNRbcAb9KoNkl6jXs="; - }) - (fetchpatch { - url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=1fe82c41e070385e273d7bb1cfb482627a3c28e8"; - hash = "sha256-x/V7bmRaNxo8NNOUwVti59n9ST/2yTJ/blWjk3omdqE="; - }) - (fetchpatch { - url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=e58b870ff926415e23fc386af41ff81b2f588763"; - hash = "sha256-a0faNQafL+uRIglnILkLj64ROWxqmczQTQSu3VdklSk="; - }) ]; postPatch = if kbdcompSupport then '' diff --git a/pkgs/tools/misc/lesspipe/default.nix b/pkgs/tools/misc/lesspipe/default.nix index f478aaea0519..c7978485c7e4 100644 --- a/pkgs/tools/misc/lesspipe/default.nix +++ b/pkgs/tools/misc/lesspipe/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchFromGitHub, makeWrapper, perl, procps, file, gnused, bash }: +{ lib, stdenv, fetchFromGitHub, makeWrapper, perl, procps, file, gnused, bash, binutils }: stdenv.mkDerivation rec { pname = "lesspipe"; @@ -29,7 +29,7 @@ stdenv.mkDerivation rec { postInstall = '' for f in lesspipe.sh lesscomplete; do - wrapProgram "$out/bin/$f" --prefix-each PATH : "${lib.makeBinPath [ file gnused procps ]}" + wrapProgram "$out/bin/$f" --prefix-each PATH : "${lib.makeBinPath [ binutils file gnused procps ]}" done ''; diff --git a/pkgs/tools/misc/moar/default.nix b/pkgs/tools/misc/moar/default.nix index c4508d442478..232972d35ac0 100644 --- a/pkgs/tools/misc/moar/default.nix +++ b/pkgs/tools/misc/moar/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "moar"; - version = "1.18.5"; + version = "1.18.6"; src = fetchFromGitHub { owner = "walles"; repo = pname; rev = "v${version}"; - hash = "sha256-3s95PjuHIQ0qeTtVOXqsrWFrCeuUUaaA9Lgab4ATetg="; + hash = "sha256-QQapWDTJkP0YuyNR8J1N2IEETG1BfkdWv40SPD/JKYg="; }; vendorHash = "sha256-x6BeU6JDayCOi8T8+NvXZe59QmTaO9RAYwSiFlDPL/c="; diff --git a/pkgs/tools/misc/mongodb-compass/default.nix b/pkgs/tools/misc/mongodb-compass/default.nix index cc5858c16fb7..6c1c2b81f90c 100644 --- a/pkgs/tools/misc/mongodb-compass/default.nix +++ b/pkgs/tools/misc/mongodb-compass/default.nix @@ -33,7 +33,7 @@ xorg, }: let - version = "1.40.4"; + version = "1.41.0"; rpath = lib.makeLibraryPath [ alsa-lib @@ -82,7 +82,7 @@ let if stdenv.hostPlatform.system == "x86_64-linux" then fetchurl { url = "https://downloads.mongodb.com/compass/mongodb-compass_${version}_amd64.deb"; - sha256 = "sha256-PETvcHlR11hdi/KirPXKkH4mrLUyVpyQDtxf3SMx9tw="; + sha256 = "sha256-uVIN2oSpaRSeJK1bhjzMqSMmnQm+1i6xsw1RWjmsvGY="; } else throw "MongoDB compass is not supported on ${stdenv.hostPlatform.system}"; diff --git a/pkgs/tools/misc/plantuml-server/default.nix b/pkgs/tools/misc/plantuml-server/default.nix index dc7fe1627a1c..689a502efde1 100644 --- a/pkgs/tools/misc/plantuml-server/default.nix +++ b/pkgs/tools/misc/plantuml-server/default.nix @@ -1,14 +1,14 @@ { lib, stdenv, fetchurl, nixosTests }: let - version = "1.2023.12"; + version = "1.2023.13"; in stdenv.mkDerivation rec { pname = "plantuml-server"; inherit version; src = fetchurl { url = "https://github.com/plantuml/plantuml-server/releases/download/v${version}/plantuml-v${version}.war"; - sha256 = "sha256-RHlv0kVJvAInLAd70001OTcJuh3Qg2C9o+//zR37zxc="; + sha256 = "sha256-8MfInkDJ57Usm4KTESwEig/X9xfoxXTf+oA9F3bgMT0="; }; dontUnpack = true; diff --git a/pkgs/tools/misc/rpi-imager/default.nix b/pkgs/tools/misc/rpi-imager/default.nix index 455113c45e68..cadea00d9016 100644 --- a/pkgs/tools/misc/rpi-imager/default.nix +++ b/pkgs/tools/misc/rpi-imager/default.nix @@ -21,13 +21,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "rpi-imager"; - version = "1.8.3"; + version = "1.8.4"; src = fetchFromGitHub { owner = "raspberrypi"; repo = finalAttrs.pname; rev = "refs/tags/v${finalAttrs.version}"; - sha256 = "sha256-+8jSKYy3w+S7BP7q+K5UYXa8Fp6uNEya47ssYkVCHH4="; + sha256 = "sha256-ZuS/fhPpVlLSdaD+t+qIw6fdEbi7c82X+BxcgWlPntg="; }; nativeBuildInputs = [ diff --git a/pkgs/tools/misc/star-history/default.nix b/pkgs/tools/misc/star-history/default.nix index 113280617cb0..3395cacf4ef3 100644 --- a/pkgs/tools/misc/star-history/default.nix +++ b/pkgs/tools/misc/star-history/default.nix @@ -1,27 +1,27 @@ { lib , rustPlatform +, darwin , fetchCrate , pkg-config , openssl , stdenv -, Security }: rustPlatform.buildRustPackage rec { pname = "star-history"; - version = "1.0.15"; + version = "1.0.16"; src = fetchCrate { inherit pname version; - sha256 = "sha256-9/r01j/47rbgmXQy9qVOeY1E3LDMe9A/1SOB2l9zpJU="; + sha256 = "sha256-ChUZf8aohDOmNKPgn9+i0NNZ4rKJsXQPK6IMqWf0NQc="; }; - cargoSha256 = "sha256-kUpGBtgircX8/fACed4WO7rHTCah+3BFuQQV/A5pivg="; + cargoHash = "sha256-RsBWmEe4D+m3hxE1ryQ5aZb2uDax519qjQoIK7xStPw="; nativeBuildInputs = [ pkg-config ]; buildInputs = [ openssl ] ++ lib.optionals stdenv.isDarwin [ - Security + darwin.apple_sdk.frameworks.SystemConfiguration ]; meta = with lib; { diff --git a/pkgs/tools/misc/tldr/default.nix b/pkgs/tools/misc/tldr/default.nix index 3d9655f114dc..0d4df99a952d 100644 --- a/pkgs/tools/misc/tldr/default.nix +++ b/pkgs/tools/misc/tldr/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "tldr"; - version = "1.6.0"; + version = "1.6.1"; src = fetchFromGitHub { owner = "tldr-pages"; repo = "tldr-c-client"; rev = "v${version}"; - sha256 = "sha256-9pBMo+t/44tuT/CisS0w60KaKXjPfNTMr2v6Ftjaf1k="; + sha256 = "sha256-1L9frURnzfq0XvPBs8D+hBikybAw8qkb0DyZZtkZleY="; }; buildInputs = [ curl libzip ]; diff --git a/pkgs/tools/misc/traefik-certs-dumper/default.nix b/pkgs/tools/misc/traefik-certs-dumper/default.nix index 18ed06c630ed..60cc47969afa 100644 --- a/pkgs/tools/misc/traefik-certs-dumper/default.nix +++ b/pkgs/tools/misc/traefik-certs-dumper/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "traefik-certs-dumper"; - version = "2.8.1"; + version = "2.8.3"; src = fetchFromGitHub { owner = "ldez"; repo = pname; rev = "v${version}"; - sha256 = "sha256-o5nTxTyLuKtWcJvcWZuVwK970DMJfEaJw8vDcShulr0="; + sha256 = "sha256-dSVtowebmDA0X/PtLKktvb1+FhQ+evMoxFBXIXqZujw="; }; - vendorHash = "sha256-rBSRZ7gKUx3tBXqhkTOmAyEx9pLw41/Bt3O+AiHqXpw="; + vendorHash = "sha256-a23kTtjIaMYs3+S9rYZ6ttyCyyK6Wm2wUZQw+In/hG4="; excludedPackages = "integrationtest"; meta = with lib; { diff --git a/pkgs/tools/networking/gen6dns/default.nix b/pkgs/tools/networking/gen6dns/default.nix index 6f020c2a6636..92d33d55da98 100644 --- a/pkgs/tools/networking/gen6dns/default.nix +++ b/pkgs/tools/networking/gen6dns/default.nix @@ -19,6 +19,10 @@ stdenv.mkDerivation rec { installManPage gen6dns.1 ''; + configureFlags = lib.optionals (!stdenv.buildPlatform.canExecute stdenv.hostPlatform) [ + "ac_cv_func_malloc_0_nonnull=yes" + ]; + makeFlags = [ "INSTALL_DIR=$(out)/bin" ]; meta = with lib; { diff --git a/pkgs/tools/networking/netassert/default.nix b/pkgs/tools/networking/netassert/default.nix index ac7f2f3630d5..1351c255e943 100644 --- a/pkgs/tools/networking/netassert/default.nix +++ b/pkgs/tools/networking/netassert/default.nix @@ -5,15 +5,15 @@ buildGoModule rec { pname = "netassert"; - version = "2.0.2"; + version = "2.0.3"; src = fetchFromGitHub { owner = "controlplaneio"; repo = "netassert"; rev = "v${version}"; - hash = "sha256-UWiPjLvMuEc12HJ5ZiwKGeD0hh/y9j4P6FKu0uynUGA="; + hash = "sha256-mRKjo0AfnM+XTl7sQoGDyQoquXpD3xPJ6i3/3Dj2rhE="; }; - vendorHash = "sha256-nDnSJOfEn9KieDwdNeIGFcI4m8rVU+Yaxwa+dKyNSHM="; + vendorHash = "sha256-9mvSfAd1m95eRwljGG68+tjiFObgt1EuakjwFfn9Obo="; ldflags = [ "-s" diff --git a/pkgs/tools/networking/netbird/default.nix b/pkgs/tools/networking/netbird/default.nix index 28bda2203ffc..5b5eaee20dc7 100644 --- a/pkgs/tools/networking/netbird/default.nix +++ b/pkgs/tools/networking/netbird/default.nix @@ -31,16 +31,16 @@ let in buildGoModule rec { pname = "netbird"; - version = "0.24.4"; + version = "0.25.2"; src = fetchFromGitHub { owner = "netbirdio"; repo = pname; rev = "v${version}"; - hash = "sha256-m3LGxRUo1ModiSS1O1e5B513hRe42WuBo7GWYf/oaHA="; + hash = "sha256-308t/yaFFabFC9nr1eN/SMF+uBBnpGaaWiWD0wm/dtI="; }; - vendorHash = "sha256-lto71mayUJGDiKPSoKJD2DmIJikhv6sjEGsW4Ls1UUM="; + vendorHash = "sha256-3jjCAsqbD5HUM8972jGBxCiewSLh2aIRE68rpV03KqQ="; nativeBuildInputs = [ installShellFiles ] ++ lib.optional ui pkg-config; diff --git a/pkgs/tools/networking/onetun/default.nix b/pkgs/tools/networking/onetun/default.nix index 46b040f513ea..ca07db7583a4 100644 --- a/pkgs/tools/networking/onetun/default.nix +++ b/pkgs/tools/networking/onetun/default.nix @@ -7,16 +7,16 @@ rustPlatform.buildRustPackage rec { pname = "onetun"; - version = "0.3.5"; + version = "0.3.6"; src = fetchFromGitHub { owner = "aramperes"; repo = pname; rev = "v${version}"; - sha256 = "sha256-svf30eFldfbhi8L44linHccGApYFuEWZOjzyqM+tjw4="; + sha256 = "sha256-NH3K/EGFtBcTAxGntneV86zd8eWSV4fFxvr76xtE/mw="; }; - cargoHash = "sha256-KcixaVNZEpGeMg/sh3dua3D7vqzlBvf+Zh3MKk6LJac="; + cargoHash = "sha256-ZpgcFzQLiOWyhjSI+WcLa0UFUw8zQWfqJkrVVpIexgM="; buildInputs = lib.optionals stdenv.isDarwin [ Security diff --git a/pkgs/tools/networking/rabtap/default.nix b/pkgs/tools/networking/rabtap/default.nix index 06aacddbcf6b..2e9fff0dd1e9 100644 --- a/pkgs/tools/networking/rabtap/default.nix +++ b/pkgs/tools/networking/rabtap/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "rabtap"; - version = "1.39.0"; + version = "1.39.1"; src = fetchFromGitHub { owner = "jandelgado"; repo = "rabtap"; rev = "v${version}"; - sha256 = "sha256-/inclOpKYlEGSEH390+GtRiHXotaH+VxqWVAWSf61Xs="; + sha256 = "sha256-R0OZNmOgklhiljsYTVoqpbMMMaPHICC/qVJNUgkUsfU="; }; vendorHash = "sha256-BrpDafEFDrH243zDHY9EtkVjPvwrmbJVu5TQMHHOWfA="; diff --git a/pkgs/tools/networking/sing-box/default.nix b/pkgs/tools/networking/sing-box/default.nix index cc826474d3eb..5ba7917de049 100644 --- a/pkgs/tools/networking/sing-box/default.nix +++ b/pkgs/tools/networking/sing-box/default.nix @@ -11,16 +11,16 @@ buildGoModule rec { pname = "sing-box"; - version = "1.7.5"; + version = "1.7.6"; src = fetchFromGitHub { owner = "SagerNet"; repo = pname; rev = "v${version}"; - hash = "sha256-6SWcepENdbkwv4qq4nuxSINAxXWZmLcj5NwJ3nBnKu8="; + hash = "sha256-ZrZ2mqf1/D4L+1SlTx3rwkmk9+RcqH/yuMZie6jtpmc="; }; - vendorHash = "sha256-8R3bVwziiC9n10dA8Zus7L0VyjWYKkdSszb44HqR8tE="; + vendorHash = "sha256-nIVm2+F+5rXTiode240zZXxIAQA4VkNynYnmdvSwEHw="; tags = [ "with_quic" diff --git a/pkgs/tools/networking/tun2socks/default.nix b/pkgs/tools/networking/tun2socks/default.nix index a1336a257fcb..9296b0df0068 100644 --- a/pkgs/tools/networking/tun2socks/default.nix +++ b/pkgs/tools/networking/tun2socks/default.nix @@ -5,13 +5,13 @@ buildGoModule rec { pname = "tun2socks"; - version = "2.5.1"; + version = "2.5.2"; src = fetchFromGitHub { owner = "xjasonlyu"; repo = pname; rev = "v${version}"; - sha256 = "sha256-qRjVZF15CjFohv9PQO0bLAjS8ip//S7yncXOn9oS2XM="; + sha256 = "sha256-siAengVJXusQ5o9cTaADeRn5eW4IoCHkMMf6Bx8iWws="; }; vendorHash = "sha256-zeiOcn33PnyoseYb0wynkn7MfGp3rHEYBStY98C6aR8="; diff --git a/pkgs/tools/package-management/harmonia/default.nix b/pkgs/tools/package-management/harmonia/default.nix index 9c472f080b15..9830570a07fd 100644 --- a/pkgs/tools/package-management/harmonia/default.nix +++ b/pkgs/tools/package-management/harmonia/default.nix @@ -5,6 +5,7 @@ , nixVersions , pkg-config , rustPlatform +, stdenv , nix-update-script , nixosTests }: @@ -32,6 +33,11 @@ rustPlatform.buildRustPackage rec { nixVersions.nix_2_19 ]; + # Workaround for https://github.com/NixOS/nixpkgs/issues/166205 + env = lib.optionalAttrs stdenv.cc.isClang { + NIX_LDFLAGS = "-l${stdenv.cc.libcxx.cxxabi.libName}"; + }; + passthru = { updateScript = nix-update-script { extraArgs = [ "--version-regex" "harmonia-v(.*)" ]; diff --git a/pkgs/tools/security/bitwarden/cli.nix b/pkgs/tools/security/bitwarden/cli.nix index 0ff814617429..b51dd1e9e8c2 100644 --- a/pkgs/tools/security/bitwarden/cli.nix +++ b/pkgs/tools/security/bitwarden/cli.nix @@ -10,18 +10,18 @@ buildNpmPackage rec { pname = "bitwarden-cli"; - version = "2023.12.0"; + version = "2023.12.1"; src = fetchFromGitHub { owner = "bitwarden"; repo = "clients"; rev = "cli-v${version}"; - hash = "sha256-WYhLKV3j3Ktite5u1H4fSku38hCCrMzKoxtjq6aT9yo="; + hash = "sha256-WHI1AfliJa1wAbN1Heto28WlM7uX51SSV4YndAZii1Y="; }; nodejs = nodejs_18; - npmDepsHash = "sha256-bnYpvHO9Pnob+MbrSshv03mSwXCADH/2xw33nLVKMdg="; + npmDepsHash = "sha256-18OaRCys+HaCZ5/ZLeugqW0jWKSQkfvnBGx8aVAdezQ="; nativeBuildInputs = [ python3 diff --git a/pkgs/tools/security/cnspec/default.nix b/pkgs/tools/security/cnspec/default.nix index b0ca29f5ea0c..58250f5320a7 100644 --- a/pkgs/tools/security/cnspec/default.nix +++ b/pkgs/tools/security/cnspec/default.nix @@ -5,17 +5,17 @@ buildGoModule rec { pname = "cnspec"; - version = "9.12.0"; + version = "9.12.1"; src = fetchFromGitHub { owner = "mondoohq"; repo = "cnspec"; rev = "refs/tags/v${version}"; - hash = "sha256-bNSSU7UJBexnZ95fJM0Oa70jGbbM0ghNA0ePESRMjX0="; + hash = "sha256-U3iEiKIb9lTNM4GK75a8khsjeZzYaMafoBfdpNiiwHQ="; }; proxyVendor = true; - vendorHash = "sha256-9hjQBoZW6pnuo1YDegp+yxpvR4Ja+6BqOg5/fqwPRig="; + vendorHash = "sha256-RRE0DsBkpI9hvo7k04eIadOKO3YE0g0DDjFj40ya1ZM="; subPackages = [ "apps/cnspec" diff --git a/pkgs/tools/security/exploitdb/default.nix b/pkgs/tools/security/exploitdb/default.nix index 73080cf05b23..0e2e74d0787f 100644 --- a/pkgs/tools/security/exploitdb/default.nix +++ b/pkgs/tools/security/exploitdb/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation rec { pname = "exploitdb"; - version = "2023-12-19"; + version = "2023-12-22"; src = fetchFromGitLab { owner = "exploit-database"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-yIEu5JQ9sgf9HFP/pFZ/A2DG14c67imgfYRYL1+PiYA="; + hash = "sha256-NuukzG+l83YhIgVASLKCkE3FrS6+z8uURTxZyhT/RuA="; }; nativeBuildInputs = [ diff --git a/pkgs/tools/security/grype/default.nix b/pkgs/tools/security/grype/default.nix index db955a1a2086..e3f43157f614 100644 --- a/pkgs/tools/security/grype/default.nix +++ b/pkgs/tools/security/grype/default.nix @@ -7,13 +7,13 @@ buildGoModule rec { pname = "grype"; - version = "0.73.4"; + version = "0.73.5"; src = fetchFromGitHub { owner = "anchore"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-cYhgLMKj8fo49zr+NC7SARiyybCnqXf+DgB+6IkwkAw="; + hash = "sha256-a5Kna1axfA3uBHoTdT/B/6PA/Tr+w0bK6GeKcGIPRsQ="; # populate values that require us to use git. By doing this in postFetch we # can delete .git afterwards and maintain better reproducibility of the src. leaveDotGit = true; @@ -28,7 +28,7 @@ buildGoModule rec { proxyVendor = true; - vendorHash = "sha256-Zx8gJZVkobKjrGysrqYd6Hv2bGqEgOQ+EGSKDvOM33M="; + vendorHash = "sha256-eO0/kE0XPqsnoCBKxcwJjHoBhQlXlxVPcg6w1fHfWGs="; nativeBuildInputs = [ installShellFiles diff --git a/pkgs/tools/security/mbox/default.nix b/pkgs/tools/security/mbox/default.nix deleted file mode 100644 index a39d226aac57..000000000000 --- a/pkgs/tools/security/mbox/default.nix +++ /dev/null @@ -1,39 +0,0 @@ -{ lib, stdenv, fetchFromGitHub, openssl, which }: - -stdenv.mkDerivation { - pname = "mbox"; - version = "unstable-2014-05-26"; - - src = fetchFromGitHub { - owner = "tsgates"; - repo = "mbox"; - rev = "a131424b6cb577e1c916bd0e8ffb2084a5f73048"; - sha256 = "06qggqxnzcxnc34m6sbafxwr2p64x65m9zm5wp7pwyarcckhh2hd"; - }; - - buildInputs = [ openssl which ]; - - preConfigure = '' - cd src - cp {.,}configsbox.h - ''; - - doCheck = true; - checkPhase = '' - rm tests/test-*vim.sh tests/test-pip.sh - - patchShebangs ./; dontPatchShebags=1 - sed -i 's|^/bin/||' tests/test-fileops.sh - - ./testall.sh - ''; - - meta = with lib; { - description = "Lightweight sandboxing mechanism that any user can use without special privileges"; - homepage = "http://pdos.csail.mit.edu/mbox/"; - maintainers = with maintainers; [ ehmry ]; - license = licenses.bsd3; - platforms = [ "x86_64-linux" ]; - broken = true; - }; -} diff --git a/pkgs/tools/security/metasploit/Gemfile b/pkgs/tools/security/metasploit/Gemfile index 3f64895d3673..3d10bb0bb51c 100644 --- a/pkgs/tools/security/metasploit/Gemfile +++ b/pkgs/tools/security/metasploit/Gemfile @@ -1,4 +1,4 @@ # frozen_string_literal: true source "https://rubygems.org" -gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.3.47" +gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.3.48" diff --git a/pkgs/tools/security/metasploit/Gemfile.lock b/pkgs/tools/security/metasploit/Gemfile.lock index 57f922329c23..899a80b10966 100644 --- a/pkgs/tools/security/metasploit/Gemfile.lock +++ b/pkgs/tools/security/metasploit/Gemfile.lock @@ -1,9 +1,9 @@ GIT remote: https://github.com/rapid7/metasploit-framework - revision: e9a1adf7e1a5edb3f76bd537fe6fa5c75435aec9 - ref: refs/tags/6.3.47 + revision: 261eca342915db81d67cdfe7f2ef7b3788fd508f + ref: refs/tags/6.3.48 specs: - metasploit-framework (6.3.47) + metasploit-framework (6.3.48) actionpack (~> 7.0.0) activerecord (~> 7.0.0) activesupport (~> 7.0.0) @@ -134,13 +134,13 @@ GEM arel-helpers (2.14.0) activerecord (>= 3.1.0, < 8) aws-eventstream (1.3.0) - aws-partitions (1.864.0) - aws-sdk-core (3.190.0) + aws-partitions (1.872.0) + aws-sdk-core (3.190.1) aws-eventstream (~> 1, >= 1.3.0) aws-partitions (~> 1, >= 1.651.0) aws-sigv4 (~> 1.8) jmespath (~> 1, >= 1.6.1) - aws-sdk-ec2 (1.430.0) + aws-sdk-ec2 (1.431.0) aws-sdk-core (~> 3, >= 3.188.0) aws-sigv4 (~> 1.1) aws-sdk-ec2instanceconnect (1.36.0) @@ -149,7 +149,7 @@ GEM aws-sdk-iam (1.92.0) aws-sdk-core (~> 3, >= 3.188.0) aws-sigv4 (~> 1.1) - aws-sdk-kms (1.74.0) + aws-sdk-kms (1.75.0) aws-sdk-core (~> 3, >= 3.188.0) aws-sigv4 (~> 1.1) aws-sdk-s3 (1.141.0) @@ -191,7 +191,7 @@ GEM eventmachine (1.2.7) faker (3.2.2) i18n (>= 1.8.11, < 2) - faraday (2.7.12) + faraday (2.8.1) base64 faraday-net_http (>= 2.0, < 3.1) ruby2_keywords (>= 0.0.4) @@ -219,7 +219,7 @@ GEM httpclient (2.8.3) i18n (1.14.1) concurrent-ruby (~> 1.0) - io-console (0.6.0) + io-console (0.7.1) irb (1.7.4) reline (>= 0.3.6) jmespath (1.6.2) @@ -274,7 +274,7 @@ GEM mustermann (3.0.0) ruby2_keywords (~> 0.0.1) nessus_rest (0.1.6) - net-imap (0.4.7) + net-imap (0.4.8) date net-protocol net-ldap (0.18.0) @@ -282,7 +282,7 @@ GEM timeout net-smtp (0.4.0) net-protocol - net-ssh (7.2.0) + net-ssh (7.2.1) network_interface (0.0.4) nexpose (7.3.0) nio4r (2.7.0) @@ -334,7 +334,7 @@ GEM rasn1 (0.12.1) strptime (~> 0.2.5) rb-readline (0.5.5) - recog (3.1.2) + recog (3.1.4) nokogiri redcarpet (3.6.0) reline (0.4.1) @@ -393,7 +393,7 @@ GEM ruby-mysql (4.1.0) ruby-rc4 (0.1.5) ruby2_keywords (0.0.5) - ruby_smb (3.3.0) + ruby_smb (3.3.1) bindata openssl-ccm openssl-cmac @@ -463,4 +463,4 @@ DEPENDENCIES metasploit-framework! BUNDLED WITH - 2.4.22 + 2.4.13 diff --git a/pkgs/tools/security/metasploit/default.nix b/pkgs/tools/security/metasploit/default.nix index 6c30b6a05f8a..935374a09ad4 100644 --- a/pkgs/tools/security/metasploit/default.nix +++ b/pkgs/tools/security/metasploit/default.nix @@ -15,13 +15,13 @@ let }; in stdenv.mkDerivation rec { pname = "metasploit-framework"; - version = "6.3.47"; + version = "6.3.48"; src = fetchFromGitHub { owner = "rapid7"; repo = "metasploit-framework"; rev = "refs/tags/${version}"; - hash = "sha256-I1BpYCS2wLrvAKwqKn0QDOf0SvdsmT58OtiBDXwJkh8="; + hash = "sha256-AY0k44/gYXP4h3SoRVF9aK2L2skZ03Azd5V9hSRDoHQ="; }; nativeBuildInputs = [ diff --git a/pkgs/tools/security/metasploit/gemset.nix b/pkgs/tools/security/metasploit/gemset.nix index f185105372f4..a439c6380641 100644 --- a/pkgs/tools/security/metasploit/gemset.nix +++ b/pkgs/tools/security/metasploit/gemset.nix @@ -104,30 +104,30 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "16n1d0bh3zy925y4f8flrnkfir2smsj0j31zslfaz6vf6cvi9qjs"; + sha256 = "1ddbcz8p3abbw8d8pn796z1ry1mbapl6ayhh37ziwal6bd047kvm"; type = "gem"; }; - version = "1.864.0"; + version = "1.872.0"; }; aws-sdk-core = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "19nglxz49nlzgsvnivb3bdm17vxjn1ng2br8659xv48nzjrmyid3"; + sha256 = "1ansagfl5irx1y6b9xf4xpi9j6q6k5pbd2aw80hn0p4m3ycafamh"; type = "gem"; }; - version = "3.190.0"; + version = "3.190.1"; }; aws-sdk-ec2 = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1zyazx97nskgl9xzspg2q1rji02p2jv789v8qd1qz6hknz0z6r5f"; + sha256 = "04lg4g6aivkf6zvvcc1clw0dqdlpkn3c87kiz5mfc7m2jr0m0ljx"; type = "gem"; }; - version = "1.430.0"; + version = "1.431.0"; }; aws-sdk-ec2instanceconnect = { groups = ["default"]; @@ -154,10 +154,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1isrj19kzy9sb7a76a1c2n5x0d9lg1h2n7fp7cn13xjis0hpnlxj"; + sha256 = "1qzxqfgrhnl5rdc39a1gl2pgrdxgnsj12zycpxnsx8lg6arfmnr1"; type = "gem"; }; - version = "1.74.0"; + version = "1.75.0"; }; aws-sdk-s3 = { groups = ["default"]; @@ -404,10 +404,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "19w1lzipnxs6vy3y0pw1mf956f768ppzgfrnlpwgrpnjjv9xqf7d"; + sha256 = "19p45ryrvxff6ggdj4fq76dk7wlkfgrh474c3kwzdsjx3xpdq8x8"; type = "gem"; }; - version = "2.7.12"; + version = "2.8.1"; }; faraday-net_http = { groups = ["default"]; @@ -554,10 +554,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0dikardh14c72gd9ypwh8dim41wvqmzfzf35mincaj5yals9m7ff"; + sha256 = "1fmwbcapyhla84xhwj3gfws6rb4lw3928ybz6g3lr372dgxakzx5"; type = "gem"; }; - version = "0.6.0"; + version = "0.7.1"; }; irb = { groups = ["default"]; @@ -664,12 +664,12 @@ platforms = []; source = { fetchSubmodules = false; - rev = "e9a1adf7e1a5edb3f76bd537fe6fa5c75435aec9"; - sha256 = "07wj15y0v0fq79y3x6bcyx5g9rqc21yjlamc03pvmh5n4ih6jl13"; + rev = "261eca342915db81d67cdfe7f2ef7b3788fd508f"; + sha256 = "0x508cj8azcmfwrp1lqrr7d8pbb8gm8lba3lhzw76qg0izij9381"; type = "git"; url = "https://github.com/rapid7/metasploit-framework"; }; - version = "6.3.47"; + version = "6.3.48"; }; metasploit-model = { groups = ["default"]; @@ -796,10 +796,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0541lfqaz46h8s3fks11vsd1iqzmgjjw3c0jp9agg92zblwj0axs"; + sha256 = "1wnmxcrpv7zaf8wli5nvfnz5ybmw7f3r06s05p3d96idc61193mv"; type = "gem"; }; - version = "0.4.7"; + version = "0.4.8"; }; net-ldap = { groups = ["default"]; @@ -836,10 +836,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1jyj6j7w9zpj2zhp4dyhdjiwsn9rqwksj7s7fzpnn7rx2xvz2a1a"; + sha256 = "1i01340c4i144vvn3x54lc2rb77ch829qipl1rh6rqwm3yxzml9w"; type = "gem"; }; - version = "7.2.0"; + version = "7.2.1"; }; network_interface = { groups = ["default"]; @@ -1107,10 +1107,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "15633qvzbgsigx55dxb9b07xh0spwr9njd5y2f454kc5zrrapp1a"; + sha256 = "1a9m9ngmcgvgzg8m8ahdhjvfm65k6hp8r7dqmrsh3zcphim4x71k"; type = "gem"; }; - version = "3.1.2"; + version = "3.1.4"; }; redcarpet = { groups = ["default"]; @@ -1377,10 +1377,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1xfjl89a46xg1w98ywa2byf23jmhh3xyj4r501hgc7vma1i5gw3v"; + sha256 = "04m366ldi33h79k7f35dvyhq0jyh762v8360zf8ss5jbax3bzlkk"; type = "gem"; }; - version = "3.3.0"; + version = "3.3.1"; }; rubyntlm = { groups = ["default"]; diff --git a/pkgs/tools/security/rekor/default.nix b/pkgs/tools/security/rekor/default.nix index d8a48cf65abc..afc07a63d603 100644 --- a/pkgs/tools/security/rekor/default.nix +++ b/pkgs/tools/security/rekor/default.nix @@ -4,13 +4,13 @@ let generic = { pname, packageToBuild, description }: buildGoModule rec { inherit pname; - version = "1.3.3"; + version = "1.3.4"; src = fetchFromGitHub { owner = "sigstore"; repo = "rekor"; rev = "v${version}"; - hash = "sha256-CFavEtv6wL6jiUayjyU27OkdToXIM4EP7v5ONFdAJ5w="; + hash = "sha256-vU/qxCMCC2XWH79Z7cGhMlqMeQOMghTPDfROWdusKX4="; # populate values that require us to use git. By doing this in postFetch we # can delete .git afterwards and maintain better reproducibility of the src. leaveDotGit = true; @@ -23,7 +23,7 @@ let ''; }; - vendorHash = "sha256-BLK8IJWL2sZ5bdnJU48/XhplSGUOL8gE7pY8rL+rVFk="; + vendorHash = "sha256-qhBbzYYayRktBQi9HtzuxBIlSdNIOD/agCFFNEvlcBc="; nativeBuildInputs = [ installShellFiles ]; diff --git a/pkgs/tools/security/stoken/default.nix b/pkgs/tools/security/stoken/default.nix index 526caf44d679..455310c202b8 100644 --- a/pkgs/tools/security/stoken/default.nix +++ b/pkgs/tools/security/stoken/default.nix @@ -5,7 +5,7 @@ , pkg-config , libxml2 , nettle -, withGTK3 ? true +, withGTK3 ? !stdenv.hostPlatform.isStatic , gtk3 }: diff --git a/pkgs/tools/security/terrascan/default.nix b/pkgs/tools/security/terrascan/default.nix index 62f744fbaa56..91470205666b 100644 --- a/pkgs/tools/security/terrascan/default.nix +++ b/pkgs/tools/security/terrascan/default.nix @@ -5,13 +5,13 @@ buildGoModule rec { pname = "terrascan"; - version = "1.18.9"; + version = "1.18.11"; src = fetchFromGitHub { owner = "accurics"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-2EI/6+DRheZaVlib5e3GAaMOK58xycaL3tyzrkwceE4="; + hash = "sha256-BICXMSkfGDXOqBH+4UlJmqkUSV+oZa1wg7c20EtJ3WI="; }; vendorHash = "sha256-9zD81p/UjH43B0aeqlItP9vrGMaT/zhVYv60ot153Gc="; diff --git a/pkgs/tools/security/threatest/default.nix b/pkgs/tools/security/threatest/default.nix index cfae26aaa034..faa5977986fc 100644 --- a/pkgs/tools/security/threatest/default.nix +++ b/pkgs/tools/security/threatest/default.nix @@ -6,17 +6,17 @@ buildGoModule rec { pname = "threatest"; - version = "1.2.4"; + version = "1.2.5"; src = fetchFromGitHub { owner = "DataDog"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-pCSSAEeVxi3/yK7B2g9ZZRU5TjdNd8qp+52Yc1HmxT8="; + hash = "sha256-rVRBrf/RTcHvKOLHNASzvij3fV+uQEuIVKb07CZ/cT0="; }; proxyVendor = true; - vendorHash = "sha256-nHA+UJP6gYWdbTKFcxw1gI6X2ueTUIsHVBIlaprPwsQ="; + vendorHash = "sha256-zwHcGy7wjy2yx7nMi88R+z+Is+YcqGRMK0czeBNlcdA="; nativeBuildInputs = [ installShellFiles diff --git a/pkgs/tools/security/witness/default.nix b/pkgs/tools/security/witness/default.nix index d16f74940d3b..42e6455ae7dd 100644 --- a/pkgs/tools/security/witness/default.nix +++ b/pkgs/tools/security/witness/default.nix @@ -1,17 +1,24 @@ -{ lib, buildGoModule, fetchFromGitHub, installShellFiles }: +{ lib +, buildGoModule +, fetchFromGitHub +, installShellFiles + +# testing +, testers +, witness +}: buildGoModule rec { pname = "witness"; - version = "0.1.14"; + version = "0.2.0"; src = fetchFromGitHub { - owner = "testifysec"; - repo = pname; + owner = "in-toto"; + repo = "witness"; rev = "v${version}"; - sha256 = "sha256-TUEbFkrS0OztTiY0OXiZsqraq3TINtC/DQEyCGPNXpE="; + sha256 = "sha256-U+dcaPi9Drg4I2SZlZPaR3Ryb+Dz27nyPI2XJPG/LWc="; }; - proxyVendor = true; - vendorHash = "sha256-L2NaEt64mgFZVta/F8/uUQ4djlra59JPcHJLGbFCQJs="; + vendorHash = "sha256-pjcyAGdR8TsU9YBy5zd6u575vDKPwy8s85TXUsuxZiU="; nativeBuildInputs = [ installShellFiles ]; @@ -21,7 +28,7 @@ buildGoModule rec { ldflags = [ "-s" "-w" - "-X github.com/testifysec/witness/cmd.Version=v${version}" + "-X github.com/in-toto/witness/cmd.Version=v${version}" ]; # Feed in all tests for testing @@ -38,13 +45,11 @@ buildGoModule rec { --zsh <($out/bin/witness completion zsh) ''; - doInstallCheck = true; - installCheckPhase = '' - runHook preInstallCheck - $out/bin/witness --help - $out/bin/witness version | grep "v${version}" - runHook postInstallCheck - ''; + passthru.tests.version = testers.testVersion { + package = witness; + command = "witness version"; + version = "v${version}"; + }; meta = with lib; { description = "A pluggable framework for software supply chain security. Witness prevents tampering of build materials and verifies the integrity of the build process from source to target"; @@ -57,6 +62,7 @@ buildGoModule rec { PKI distribution system will mitigate against many software supply chain attack vectors and can be used as a framework for automated governance. ''; + mainProgram = "witness"; homepage = "https://github.com/testifysec/witness"; changelog = "https://github.com/testifysec/witness/releases/tag/v${version}"; license = licenses.asl20; diff --git a/pkgs/tools/system/kanata/default.nix b/pkgs/tools/system/kanata/default.nix index 6e86812ece44..706382d3dd04 100644 --- a/pkgs/tools/system/kanata/default.nix +++ b/pkgs/tools/system/kanata/default.nix @@ -6,16 +6,16 @@ rustPlatform.buildRustPackage rec { pname = "kanata"; - version = "1.4.0"; + version = "1.5.0"; src = fetchFromGitHub { owner = "jtroo"; repo = pname; rev = "v${version}"; - sha256 = "sha256-Tenh2LARajYAFHJ5gddeozY7rfySSvqFhudc/7b9cGg="; + sha256 = "sha256-ci/0Ksmi0uNHIvpZlihWvGeNabzmk+k3fUeuMDVpFeE="; }; - cargoHash = "sha256-oJVGZhKJVK8q5lgK+G+KhVupOF05u37B7Nmv4rrI28I="; + cargoHash = "sha256-IzgVF6SHJjOB48VehQ5taD5iWQXFKLcVBWTEl3ArkGQ="; buildFeatures = lib.optional withCmd "cmd"; diff --git a/pkgs/tools/typesetting/sile/default.nix b/pkgs/tools/typesetting/sile/default.nix index f2005f491a17..b82704fc12b1 100644 --- a/pkgs/tools/typesetting/sile/default.nix +++ b/pkgs/tools/typesetting/sile/default.nix @@ -46,11 +46,11 @@ in stdenv.mkDerivation (finalAttrs: { pname = "sile"; - version = "0.14.13"; + version = "0.14.14"; src = fetchurl { url = "https://github.com/sile-typesetter/sile/releases/download/v${finalAttrs.version}/sile-${finalAttrs.version}.tar.xz"; - sha256 = "sha256-PU9Yfanmyr4nAQMQu/unBQSQCvV2hyo0i8lR0MnuFcA="; + sha256 = "sha256-xGcbD43yfJ6Ru7mU7R+NxfK1YXnIDwcYMjB++gcNqYg="; }; configureFlags = [ diff --git a/pkgs/tools/virtualization/cri-tools/default.nix b/pkgs/tools/virtualization/cri-tools/default.nix index b57ce3abb168..70991742e789 100644 --- a/pkgs/tools/virtualization/cri-tools/default.nix +++ b/pkgs/tools/virtualization/cri-tools/default.nix @@ -6,13 +6,13 @@ buildGoModule rec { pname = "cri-tools"; - version = "1.28.0"; + version = "1.29.0"; src = fetchFromGitHub { owner = "kubernetes-sigs"; repo = pname; rev = "v${version}"; - sha256 = "sha256-inw4bPeObMlwtgFLR/8+tqRKTkcViZeEFZ1MOm0HYI4="; + sha256 = "sha256-64vjN0tm6P+nXjrNPeTviXOQdibuH7YbQm/LjYLxatM="; }; vendorHash = null; diff --git a/pkgs/tools/virtualization/mininet/default.nix b/pkgs/tools/virtualization/mininet/default.nix index c33389861dd0..3d7339bf56b6 100644 --- a/pkgs/tools/virtualization/mininet/default.nix +++ b/pkgs/tools/virtualization/mininet/default.nix @@ -1,11 +1,38 @@ { stdenv, lib, fetchFromGitHub +, runCommand , which , python3 , help2man +, makeWrapper +, ethtool +, inetutils +, iperf +, iproute2 +, nettools +, socat }: let pyEnv = python3.withPackages(ps: [ ps.setuptools ]); + + telnet = runCommand "inetutils-telnet" + { } + '' + mkdir -p "$out/bin" + ln -s "${inetutils}"/bin/telnet "$out/bin" + ''; + + generatedPath = lib.makeSearchPath "bin" [ + iperf + ethtool + iproute2 + socat + # mn errors out without a telnet binary + # pkgs.inetutils brings an undesired ifconfig into PATH see #43105 + nettools + telnet + ]; + in stdenv.mkDerivation rec { pname = "mininet"; @@ -24,7 +51,7 @@ stdenv.mkDerivation rec { makeFlags = [ "PREFIX=$(out)" ]; pythonPath = [ python3.pkgs.setuptools ]; - nativeBuildInputs = [ help2man ]; + nativeBuildInputs = [ help2man makeWrapper python3.pkgs.wrapPython ]; propagatedBuildInputs = [ python3 which ]; @@ -33,7 +60,18 @@ stdenv.mkDerivation rec { preInstall = '' mkdir -p $out $py # without --root, install fails - ${pyEnv.interpreter} setup.py install --root="/" --prefix=$py + "${pyEnv.interpreter}" setup.py install \ + --root="/" \ + --prefix="$py" \ + --install-scripts="$out/bin" + ''; + + postFixup = '' + wrapPythonProgramsIn "$out/bin" "$py $pythonPath" + wrapProgram "$out/bin/mnexec" \ + --prefix PATH : "${generatedPath}" + wrapProgram "$out/bin/mn" \ + --prefix PATH : "${generatedPath}" ''; doCheck = false; diff --git a/pkgs/tools/virtualization/mkosi/default.nix b/pkgs/tools/virtualization/mkosi/default.nix index c996a5c1124c..bb823b516977 100644 --- a/pkgs/tools/virtualization/mkosi/default.nix +++ b/pkgs/tools/virtualization/mkosi/default.nix @@ -6,6 +6,10 @@ , bubblewrap , systemd , pandoc +, kmod +, gnutar +, util-linux +, cpio # Python packages , setuptools @@ -84,8 +88,12 @@ buildPythonApplication rec { ]; propagatedBuildInputs = [ - systemdForMkosi bubblewrap + cpio + gnutar + kmod + systemdForMkosi + util-linux ] ++ lib.optional withQemu [ qemu ]; |