diff options
Diffstat (limited to 'pkgs/tools')
51 files changed, 405 insertions, 252 deletions
diff --git a/pkgs/tools/admin/qovery-cli/default.nix b/pkgs/tools/admin/qovery-cli/default.nix index 966809e4256a..2b45bcf5853e 100644 --- a/pkgs/tools/admin/qovery-cli/default.nix +++ b/pkgs/tools/admin/qovery-cli/default.nix @@ -8,16 +8,16 @@ buildGoModule rec { pname = "qovery-cli"; - version = "0.75.3"; + version = "0.75.5"; src = fetchFromGitHub { owner = "Qovery"; repo = "qovery-cli"; rev = "refs/tags/v${version}"; - hash = "sha256-+7rjr6CbUFeEqAfCGooY5dyeP+V5eRlwm3UQeJln6as="; + hash = "sha256-dmdyKMmIi09AG7deI20cYukUuT6485B5xNhpHk14zC8="; }; - vendorHash = "sha256-gIqLyGc4ik7cv2U4WS3Wy8BnIpK5NdjWSH0Z58AiVPE="; + vendorHash = "sha256-R1CAB42moobsYuXNTtZXNLcCpSp8jfSt2FQi5fRnEdI="; nativeBuildInputs = [ installShellFiles diff --git a/pkgs/tools/admin/scalr-cli/default.nix b/pkgs/tools/admin/scalr-cli/default.nix index 7adbaf7f6689..8c05709c27b6 100644 --- a/pkgs/tools/admin/scalr-cli/default.nix +++ b/pkgs/tools/admin/scalr-cli/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "scalr-cli"; - version = "0.15.3"; + version = "0.15.4"; src = fetchFromGitHub { owner = "Scalr"; repo = "scalr-cli"; rev = "v${version}"; - hash = "sha256-ciretC6z2NcLffSkK78DFIUqbRHgVTA7OEyNk6qdAgI="; + hash = "sha256-Z+V+qD9vXlWGJg/fgjfici1Sa4NZhsQXkY8uBiee0aQ="; }; - vendorHash = "sha256-zyshSluHq5f+DQV4K7qxHNsZ4nKzL8J5A25rdg9fHeM="; + vendorHash = "sha256-mfxdodwZXzmGzh3Tk8WnjW74YXRlAzImGLqzKM5OkGw="; ldflags = [ "-s" "-w" diff --git a/pkgs/tools/admin/stripe-cli/default.nix b/pkgs/tools/admin/stripe-cli/default.nix index 3fc6a6dba776..3dcf7d855715 100644 --- a/pkgs/tools/admin/stripe-cli/default.nix +++ b/pkgs/tools/admin/stripe-cli/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "stripe-cli"; - version = "1.18.0"; + version = "1.19.1"; src = fetchFromGitHub { owner = "stripe"; repo = pname; rev = "v${version}"; - hash = "sha256-1AdR0PHAhrMbeCD5zNsU9JoXInQD+qUIYfveBD60wR0="; + hash = "sha256-4xyJZKFkijgemNwGC8pi7zF9MgtwgSKIvDRZ8jJ2h8o="; }; vendorHash = "sha256-DYA6cu2KzEBZ4wsT7wjcdY1endQQOZlj2aOwu6iGLew="; diff --git a/pkgs/tools/admin/trivy/default.nix b/pkgs/tools/admin/trivy/default.nix index 8e8bbfa78e92..1af050640726 100644 --- a/pkgs/tools/admin/trivy/default.nix +++ b/pkgs/tools/admin/trivy/default.nix @@ -1,6 +1,9 @@ { lib +, stdenv +, buildPackages , buildGoModule , fetchFromGitHub +, installShellFiles , testers , trivy }: @@ -29,9 +32,22 @@ buildGoModule rec { "-X=github.com/aquasecurity/trivy/pkg/version.ver=v${version}" ]; + nativeBuildInputs = [ installShellFiles ]; + # Tests require network access doCheck = false; + postInstall = + let + trivy = if stdenv.buildPlatform.canExecute stdenv.hostPlatform then placeholder "out" else buildPackages.trivy; + in + '' + installShellCompletion --cmd trivy \ + --bash <(${trivy}/bin/trivy completion bash) \ + --fish <(${trivy}/bin/trivy completion fish) \ + --zsh <(${trivy}/bin/trivy completion zsh) + ''; + doInstallCheck = true; passthru.tests.version = testers.testVersion { @@ -51,6 +67,7 @@ buildGoModule rec { vulnerabilities of OS packages (Alpine, RHEL, CentOS, etc.) and application dependencies (Bundler, Composer, npm, yarn, etc.). ''; + mainProgram = "trivy"; license = licenses.asl20; maintainers = with maintainers; [ fab jk ]; }; diff --git a/pkgs/tools/graphics/didder/default.nix b/pkgs/tools/graphics/didder/default.nix deleted file mode 100644 index 10e97e356daf..000000000000 --- a/pkgs/tools/graphics/didder/default.nix +++ /dev/null @@ -1,34 +0,0 @@ -{ lib, buildGoModule, fetchFromGitHub, pandoc }: - -buildGoModule rec { - pname = "didder"; - version = "1.2.0"; - - src = fetchFromGitHub { - owner = "makew0rld"; - repo = pname; - rev = "v${version}"; - hash = "sha256-S1j2TdV0XCrSc7Ua+SdY3JJoWgnFuAMGhUinTKO2Xh4="; - }; - - vendorHash = "sha256-TEp1YrQquqdEMVvZaNsEB1H/DZsTYmRL257RjQF2JqM="; - - nativeBuildInputs = [ pandoc ]; - - postBuild = '' - make man - ''; - - postInstall = '' - mkdir -p $out/share/man/man1 - gzip -c didder.1 > $out/share/man/man1/didder.1.gz - ''; - - meta = src.meta // { - description = - "An extensive, fast, and accurate command-line image dithering tool"; - license = lib.licenses.gpl3; - maintainers = with lib.maintainers; [ ehmry ]; - mainProgram = "didder"; - }; -} diff --git a/pkgs/tools/graphics/netpbm/default.nix b/pkgs/tools/graphics/netpbm/default.nix index 105169c5e030..79194304dc62 100644 --- a/pkgs/tools/graphics/netpbm/default.nix +++ b/pkgs/tools/graphics/netpbm/default.nix @@ -20,14 +20,14 @@ stdenv.mkDerivation { # Determine version and revision from: # https://sourceforge.net/p/netpbm/code/HEAD/log/?path=/advanced pname = "netpbm"; - version = "11.4.4"; + version = "11.4.5"; outputs = [ "bin" "out" "dev" ]; src = fetchsvn { url = "https://svn.code.sf.net/p/netpbm/code/advanced"; - rev = "4784"; - sha256 = "GoO32AWu2s/s1IzehPynCJctc1F98dQhz5cQSXQhu2A="; + rev = "4800"; + sha256 = "ftMw2N63iEsf8GPuuXLe/hw+LN0lAUKyhk7wGZMboHY="; }; nativeBuildInputs = [ diff --git a/pkgs/tools/graphics/resvg/default.nix b/pkgs/tools/graphics/resvg/default.nix index 539e3faebfdc..734ac97fdc73 100644 --- a/pkgs/tools/graphics/resvg/default.nix +++ b/pkgs/tools/graphics/resvg/default.nix @@ -2,16 +2,16 @@ rustPlatform.buildRustPackage rec { pname = "resvg"; - version = "0.36.0"; + version = "0.37.0"; src = fetchFromGitHub { owner = "RazrFalcon"; repo = pname; rev = "v${version}"; - hash = "sha256-KxEeC9E1XG5ascIWzSAoNXtdJyPiEsXcQGebmhs/qkE="; + hash = "sha256-IRIyxQk0BqFufZafq7klUHAW1lculqbcH67kf3jtjwo="; }; - cargoHash = "sha256-iiPtf1xEBB80Cs31uUEbxG9YgKItdZCNGS6TTgrj4uM="; + cargoHash = "sha256-yKQRjY+aEXU5C3LhAyavtX8PazbAvAHQ7fykmK7LAQ8="; cargoBuildFlags = [ "--package=resvg" diff --git a/pkgs/tools/misc/boxxy/default.nix b/pkgs/tools/misc/boxxy/default.nix index 52a0b94abeda..ac723e959022 100644 --- a/pkgs/tools/misc/boxxy/default.nix +++ b/pkgs/tools/misc/boxxy/default.nix @@ -8,16 +8,16 @@ rustPlatform.buildRustPackage rec { pname = "boxxy"; - version = "0.8.3"; + version = "0.8.4"; src = fetchFromGitHub { owner = "queer"; repo = "boxxy"; rev = "v${version}"; - hash = "sha256-BxI2Ju1I1IytCjx6vUoIy1jzebSeRmoObDEtN/sBEDg="; + hash = "sha256-euIecFMDktL0gDkso83T1qZfVdfYAAC+WBMsfZaarAQ="; }; - cargoHash = "sha256-ZEQsCm13MoFtpIjjtD5UANH5zrPDX4IjEmqJLwnftps="; + cargoHash = "sha256-8aIuMRjZHLlP3x+C9S9WX21/i98RAUvGGwzptzCpRR4="; nativeBuildInputs = [ pkg-config diff --git a/pkgs/tools/misc/broot/default.nix b/pkgs/tools/misc/broot/default.nix index 1b5f53385d51..9053ca87fd78 100644 --- a/pkgs/tools/misc/broot/default.nix +++ b/pkgs/tools/misc/broot/default.nix @@ -8,6 +8,7 @@ , libgit2 , oniguruma , libiconv +, Foundation , Security , xorg , zlib @@ -35,6 +36,7 @@ rustPlatform.buildRustPackage rec { ]; buildInputs = [ libgit2 oniguruma xorg.libxcb ] ++ lib.optionals stdenv.isDarwin [ + Foundation libiconv Security zlib diff --git a/pkgs/tools/misc/faketty/default.nix b/pkgs/tools/misc/faketty/default.nix index 4515f83d1f83..815eb5a631c9 100644 --- a/pkgs/tools/misc/faketty/default.nix +++ b/pkgs/tools/misc/faketty/default.nix @@ -2,14 +2,14 @@ rustPlatform.buildRustPackage rec { pname = "faketty"; - version = "1.0.13"; + version = "1.0.14"; src = fetchCrate { inherit pname version; - hash = "sha256-jV5b6mB81Nz0Q+Toj5DTQq2QcM+EoQ7jRYV/OXgtemA="; + hash = "sha256-oma8Vmp1AMmEGyZG8i/ztiyYH0RrLZ/l/vXgPJs+5o0="; }; - cargoHash = "sha256-9t1Km/ZXzxyO72CaWM81fWGcFkri7F+wMAVom0GV/YM="; + cargoHash = "sha256-+gojthIR5WMSjN1gCUyN0cKHWYBKBezsckVZJD7JncM="; postPatch = '' patchShebangs tests/test.sh diff --git a/pkgs/tools/misc/google-cloud-sql-proxy/default.nix b/pkgs/tools/misc/google-cloud-sql-proxy/default.nix index de5f49aca256..4b4cb64181bb 100644 --- a/pkgs/tools/misc/google-cloud-sql-proxy/default.nix +++ b/pkgs/tools/misc/google-cloud-sql-proxy/default.nix @@ -5,18 +5,18 @@ buildGoModule rec { pname = "google-cloud-sql-proxy"; - version = "2.7.2"; + version = "2.8.1"; src = fetchFromGitHub { owner = "GoogleCloudPlatform"; repo = "cloud-sql-proxy"; rev = "v${version}"; - hash = "sha256-mfPh9cdsn9Jq9a1gkF5f/24inxuwcITrp7KfSfp0pMQ="; + hash = "sha256-7BkzDfAXc06pEDz2gHwlJ2HKmWWkqbVwyre8NrQHY6M="; }; subPackages = [ "." ]; - vendorHash = "sha256-GfvEurTX5r2ZIOwaDJA4ncd8SNMusoqXuhcMGYvaVwQ="; + vendorHash = "sha256-9xe/4yMkCSD7Tfm3CWvN940odeT67HPGbBAimNOGgIc="; preCheck = '' buildFlagsArray+="-short" diff --git a/pkgs/tools/misc/grub/default.nix b/pkgs/tools/misc/grub/default.nix index 727c6ae073e6..8f1ff2625d36 100644 --- a/pkgs/tools/misc/grub/default.nix +++ b/pkgs/tools/misc/grub/default.nix @@ -49,8 +49,8 @@ let src = fetchFromSavannah { repo = "grub"; - rev = "grub-2.12-rc1"; - hash = "sha256-DrNFzi2o7ZUfL3bMdG63xivZIjcTgv8RODJz7hLJ3WY="; + rev = "grub-2.12"; + hash = "sha256-lathsBb2f7urh8R86ihpTdwo3h1hAHnRiHd5gCLVpBc="; }; # HACK: the translations are stored on a different server, @@ -61,7 +61,7 @@ let outputHashAlgo = "sha256"; outputHashMode = "recursive"; - outputHash = "sha256-XpQ4tu5eNRARdbg95LOjqp+2RCVRj1qZWe+Sc0O5zNg="; + outputHash = "sha256-XzW2e7Xe7Pi297eV/fD2B/6uONEz9UjL2EHDCY0huTA="; } '' mkdir -p po @@ -77,46 +77,12 @@ assert !(efiSupport && xenSupport); stdenv.mkDerivation rec { pname = "grub"; - version = "2.12-rc1"; + version = "2.12"; inherit src; patches = [ ./fix-bash-completion.patch ./add-hidden-menu-entries.patch - - # Revert upstream commit that breaks reading XFS filesystems - # FIXME: remove when fixed upstream - (fetchpatch { - url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=ef7850c757fb3dd2462a512cfa0ff19c89fcc0b1"; - revert = true; - hash = "sha256-p8Kcv9d7ri4eJU6Fgqyzdj0hV5MHSe50AF02FPDJx2Y="; - }) - - # Fixes for NTFS bugs (CVE-2023-4692 and CVE-2023-4693) - (fetchpatch { - url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=43651027d24e62a7a463254165e1e46e42aecdea"; - hash = "sha256-/oudbfL8Ph7ZsgsFUI0YIddji+7okFRG12E/rDsgvNM="; - }) - (fetchpatch { - url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=0ed2458cc4eff6d9a9199527e2a0b6d445802f94"; - hash = "sha256-6EhLzVapN2n62Lgo+PnB4SRvDkYWFkrKNinCvArRUXk="; - }) - (fetchpatch { - url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=7e5f031a6a6a3decc2360a7b0c71abbe598e7354"; - hash = "sha256-R2vmVGidm1ZFxopt/71y2816z2i/vvPrthZE52oc4CI="; - }) - (fetchpatch { - url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=7a5a116739fa6d8a625da7d6b9272c9a2462f967"; - hash = "sha256-T1LglEcUl9GXQjJ6Y4fKuFyFAujNRbcAb9KoNkl6jXs="; - }) - (fetchpatch { - url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=1fe82c41e070385e273d7bb1cfb482627a3c28e8"; - hash = "sha256-x/V7bmRaNxo8NNOUwVti59n9ST/2yTJ/blWjk3omdqE="; - }) - (fetchpatch { - url = "https://git.savannah.gnu.org/cgit/grub.git/patch/?id=e58b870ff926415e23fc386af41ff81b2f588763"; - hash = "sha256-a0faNQafL+uRIglnILkLj64ROWxqmczQTQSu3VdklSk="; - }) ]; postPatch = if kbdcompSupport then '' diff --git a/pkgs/tools/misc/moar/default.nix b/pkgs/tools/misc/moar/default.nix index c4508d442478..232972d35ac0 100644 --- a/pkgs/tools/misc/moar/default.nix +++ b/pkgs/tools/misc/moar/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "moar"; - version = "1.18.5"; + version = "1.18.6"; src = fetchFromGitHub { owner = "walles"; repo = pname; rev = "v${version}"; - hash = "sha256-3s95PjuHIQ0qeTtVOXqsrWFrCeuUUaaA9Lgab4ATetg="; + hash = "sha256-QQapWDTJkP0YuyNR8J1N2IEETG1BfkdWv40SPD/JKYg="; }; vendorHash = "sha256-x6BeU6JDayCOi8T8+NvXZe59QmTaO9RAYwSiFlDPL/c="; diff --git a/pkgs/tools/misc/mongodb-compass/default.nix b/pkgs/tools/misc/mongodb-compass/default.nix index cc5858c16fb7..6c1c2b81f90c 100644 --- a/pkgs/tools/misc/mongodb-compass/default.nix +++ b/pkgs/tools/misc/mongodb-compass/default.nix @@ -33,7 +33,7 @@ xorg, }: let - version = "1.40.4"; + version = "1.41.0"; rpath = lib.makeLibraryPath [ alsa-lib @@ -82,7 +82,7 @@ let if stdenv.hostPlatform.system == "x86_64-linux" then fetchurl { url = "https://downloads.mongodb.com/compass/mongodb-compass_${version}_amd64.deb"; - sha256 = "sha256-PETvcHlR11hdi/KirPXKkH4mrLUyVpyQDtxf3SMx9tw="; + sha256 = "sha256-uVIN2oSpaRSeJK1bhjzMqSMmnQm+1i6xsw1RWjmsvGY="; } else throw "MongoDB compass is not supported on ${stdenv.hostPlatform.system}"; diff --git a/pkgs/tools/misc/plantuml-server/default.nix b/pkgs/tools/misc/plantuml-server/default.nix index dc7fe1627a1c..689a502efde1 100644 --- a/pkgs/tools/misc/plantuml-server/default.nix +++ b/pkgs/tools/misc/plantuml-server/default.nix @@ -1,14 +1,14 @@ { lib, stdenv, fetchurl, nixosTests }: let - version = "1.2023.12"; + version = "1.2023.13"; in stdenv.mkDerivation rec { pname = "plantuml-server"; inherit version; src = fetchurl { url = "https://github.com/plantuml/plantuml-server/releases/download/v${version}/plantuml-v${version}.war"; - sha256 = "sha256-RHlv0kVJvAInLAd70001OTcJuh3Qg2C9o+//zR37zxc="; + sha256 = "sha256-8MfInkDJ57Usm4KTESwEig/X9xfoxXTf+oA9F3bgMT0="; }; dontUnpack = true; diff --git a/pkgs/tools/misc/pubs/default.nix b/pkgs/tools/misc/pubs/default.nix index 4c52b9b239b4..b02aeb8aefb6 100644 --- a/pkgs/tools/misc/pubs/default.nix +++ b/pkgs/tools/misc/pubs/default.nix @@ -7,11 +7,12 @@ python3.pkgs.buildPythonApplication rec { pname = "pubs"; version = "0.9.0"; + pyproject = true; src = fetchFromGitHub { owner = "pubs"; repo = "pubs"; - rev = "v${version}"; + rev = "refs/tags/v${version}"; hash = "sha256-U/9MLqfXrzYVGttFSafw4pYDy26WgdsJMCxciZzO1pw="; }; @@ -28,22 +29,26 @@ python3.pkgs.buildPythonApplication rec { }) ]; + nativeBuildInputs = with python3.pkgs; [ + setuptools + ]; + propagatedBuildInputs = with python3.pkgs; [ - pyyaml + argcomplete + beautifulsoup4 bibtexparser - python-dateutil - six - requests configobj - beautifulsoup4 feedparser - argcomplete + python-dateutil + pyyaml + requests + six ]; nativeCheckInputs = with python3.pkgs; [ - pyfakefs - mock ddt + mock + pyfakefs pytestCheckHook ]; @@ -57,11 +62,18 @@ python3.pkgs.buildPythonApplication rec { disabledTests = [ # https://github.com/pubs/pubs/issues/276 "test_readme" + # AssertionError: Lists differ: ['Ini[112 chars]d to... + "test_add_non_standard" + ]; + + pythonImportsCheck = [ + "pubs" ]; meta = with lib; { description = "Command-line bibliography manager"; homepage = "https://github.com/pubs/pubs"; + changelog = "https://github.com/pubs/pubs/blob/v${version}/changelog.md"; license = licenses.lgpl3Only; maintainers = with maintainers; [ gebner dotlambda ]; }; diff --git a/pkgs/tools/misc/rpi-imager/default.nix b/pkgs/tools/misc/rpi-imager/default.nix index 455113c45e68..cadea00d9016 100644 --- a/pkgs/tools/misc/rpi-imager/default.nix +++ b/pkgs/tools/misc/rpi-imager/default.nix @@ -21,13 +21,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "rpi-imager"; - version = "1.8.3"; + version = "1.8.4"; src = fetchFromGitHub { owner = "raspberrypi"; repo = finalAttrs.pname; rev = "refs/tags/v${finalAttrs.version}"; - sha256 = "sha256-+8jSKYy3w+S7BP7q+K5UYXa8Fp6uNEya47ssYkVCHH4="; + sha256 = "sha256-ZuS/fhPpVlLSdaD+t+qIw6fdEbi7c82X+BxcgWlPntg="; }; nativeBuildInputs = [ diff --git a/pkgs/tools/misc/star-history/default.nix b/pkgs/tools/misc/star-history/default.nix index 113280617cb0..3395cacf4ef3 100644 --- a/pkgs/tools/misc/star-history/default.nix +++ b/pkgs/tools/misc/star-history/default.nix @@ -1,27 +1,27 @@ { lib , rustPlatform +, darwin , fetchCrate , pkg-config , openssl , stdenv -, Security }: rustPlatform.buildRustPackage rec { pname = "star-history"; - version = "1.0.15"; + version = "1.0.16"; src = fetchCrate { inherit pname version; - sha256 = "sha256-9/r01j/47rbgmXQy9qVOeY1E3LDMe9A/1SOB2l9zpJU="; + sha256 = "sha256-ChUZf8aohDOmNKPgn9+i0NNZ4rKJsXQPK6IMqWf0NQc="; }; - cargoSha256 = "sha256-kUpGBtgircX8/fACed4WO7rHTCah+3BFuQQV/A5pivg="; + cargoHash = "sha256-RsBWmEe4D+m3hxE1ryQ5aZb2uDax519qjQoIK7xStPw="; nativeBuildInputs = [ pkg-config ]; buildInputs = [ openssl ] ++ lib.optionals stdenv.isDarwin [ - Security + darwin.apple_sdk.frameworks.SystemConfiguration ]; meta = with lib; { diff --git a/pkgs/tools/misc/tldr/default.nix b/pkgs/tools/misc/tldr/default.nix index 3d9655f114dc..0d4df99a952d 100644 --- a/pkgs/tools/misc/tldr/default.nix +++ b/pkgs/tools/misc/tldr/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "tldr"; - version = "1.6.0"; + version = "1.6.1"; src = fetchFromGitHub { owner = "tldr-pages"; repo = "tldr-c-client"; rev = "v${version}"; - sha256 = "sha256-9pBMo+t/44tuT/CisS0w60KaKXjPfNTMr2v6Ftjaf1k="; + sha256 = "sha256-1L9frURnzfq0XvPBs8D+hBikybAw8qkb0DyZZtkZleY="; }; buildInputs = [ curl libzip ]; diff --git a/pkgs/tools/networking/netassert/default.nix b/pkgs/tools/networking/netassert/default.nix index ac7f2f3630d5..1351c255e943 100644 --- a/pkgs/tools/networking/netassert/default.nix +++ b/pkgs/tools/networking/netassert/default.nix @@ -5,15 +5,15 @@ buildGoModule rec { pname = "netassert"; - version = "2.0.2"; + version = "2.0.3"; src = fetchFromGitHub { owner = "controlplaneio"; repo = "netassert"; rev = "v${version}"; - hash = "sha256-UWiPjLvMuEc12HJ5ZiwKGeD0hh/y9j4P6FKu0uynUGA="; + hash = "sha256-mRKjo0AfnM+XTl7sQoGDyQoquXpD3xPJ6i3/3Dj2rhE="; }; - vendorHash = "sha256-nDnSJOfEn9KieDwdNeIGFcI4m8rVU+Yaxwa+dKyNSHM="; + vendorHash = "sha256-9mvSfAd1m95eRwljGG68+tjiFObgt1EuakjwFfn9Obo="; ldflags = [ "-s" diff --git a/pkgs/tools/networking/netbird/default.nix b/pkgs/tools/networking/netbird/default.nix index 28bda2203ffc..5b5eaee20dc7 100644 --- a/pkgs/tools/networking/netbird/default.nix +++ b/pkgs/tools/networking/netbird/default.nix @@ -31,16 +31,16 @@ let in buildGoModule rec { pname = "netbird"; - version = "0.24.4"; + version = "0.25.2"; src = fetchFromGitHub { owner = "netbirdio"; repo = pname; rev = "v${version}"; - hash = "sha256-m3LGxRUo1ModiSS1O1e5B513hRe42WuBo7GWYf/oaHA="; + hash = "sha256-308t/yaFFabFC9nr1eN/SMF+uBBnpGaaWiWD0wm/dtI="; }; - vendorHash = "sha256-lto71mayUJGDiKPSoKJD2DmIJikhv6sjEGsW4Ls1UUM="; + vendorHash = "sha256-3jjCAsqbD5HUM8972jGBxCiewSLh2aIRE68rpV03KqQ="; nativeBuildInputs = [ installShellFiles ] ++ lib.optional ui pkg-config; diff --git a/pkgs/tools/networking/onetun/default.nix b/pkgs/tools/networking/onetun/default.nix index 46b040f513ea..ca07db7583a4 100644 --- a/pkgs/tools/networking/onetun/default.nix +++ b/pkgs/tools/networking/onetun/default.nix @@ -7,16 +7,16 @@ rustPlatform.buildRustPackage rec { pname = "onetun"; - version = "0.3.5"; + version = "0.3.6"; src = fetchFromGitHub { owner = "aramperes"; repo = pname; rev = "v${version}"; - sha256 = "sha256-svf30eFldfbhi8L44linHccGApYFuEWZOjzyqM+tjw4="; + sha256 = "sha256-NH3K/EGFtBcTAxGntneV86zd8eWSV4fFxvr76xtE/mw="; }; - cargoHash = "sha256-KcixaVNZEpGeMg/sh3dua3D7vqzlBvf+Zh3MKk6LJac="; + cargoHash = "sha256-ZpgcFzQLiOWyhjSI+WcLa0UFUw8zQWfqJkrVVpIexgM="; buildInputs = lib.optionals stdenv.isDarwin [ Security diff --git a/pkgs/tools/networking/openvpn/default.nix b/pkgs/tools/networking/openvpn/default.nix index 87cbd6881e27..6aedcbbcbb3e 100644 --- a/pkgs/tools/networking/openvpn/default.nix +++ b/pkgs/tools/networking/openvpn/default.nix @@ -3,6 +3,9 @@ , fetchurl , pkg-config , iproute2 +, libcap_ng +, libnl +, lz4 , lzo , openssl , pam @@ -11,12 +14,13 @@ , update-systemd-resolved , pkcs11Support ? false , pkcs11helper +, nixosTests }: let inherit (lib) versionOlder optional optionals optionalString; - generic = { version, sha256, extraBuildInputs ? [] }: + generic = { version, sha256, extraBuildInputs ? [ ] }: let withIpRoute = stdenv.isLinux && (versionOlder version "2.5.4"); in @@ -32,8 +36,8 @@ let nativeBuildInputs = [ pkg-config ]; - buildInputs = [ lzo ] - ++ optional stdenv.isLinux pam + buildInputs = [ lz4 lzo ] + ++ optionals stdenv.isLinux [ libcap_ng libnl pam ] ++ optional withIpRoute iproute2 ++ optional useSystemd systemd ++ optional pkcs11Support pkcs11helper @@ -72,9 +76,14 @@ let in { - openvpn = generic { - version = "2.5.8"; - sha256 = "1cixqm4gn2d1v8qkbww75j30fzvxz13gc7whcmz54i0x4fvibwx6"; + openvpn = (generic { + version = "2.6.8"; + sha256 = "sha256-Xt4VZcim2IAQD38jUxen7p7qg9UFLbVUfxOp52r3gF0="; extraBuildInputs = [ openssl ]; - }; + }).overrideAttrs + (_: { + passthru.tests = { + inherit (nixosTests) initrd-network-openvpn systemd-initrd-networkd-openvpn; + }; + }); } diff --git a/pkgs/tools/networking/rabtap/default.nix b/pkgs/tools/networking/rabtap/default.nix index 06aacddbcf6b..2e9fff0dd1e9 100644 --- a/pkgs/tools/networking/rabtap/default.nix +++ b/pkgs/tools/networking/rabtap/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "rabtap"; - version = "1.39.0"; + version = "1.39.1"; src = fetchFromGitHub { owner = "jandelgado"; repo = "rabtap"; rev = "v${version}"; - sha256 = "sha256-/inclOpKYlEGSEH390+GtRiHXotaH+VxqWVAWSf61Xs="; + sha256 = "sha256-R0OZNmOgklhiljsYTVoqpbMMMaPHICC/qVJNUgkUsfU="; }; vendorHash = "sha256-BrpDafEFDrH243zDHY9EtkVjPvwrmbJVu5TQMHHOWfA="; diff --git a/pkgs/tools/networking/sing-box/default.nix b/pkgs/tools/networking/sing-box/default.nix index cc826474d3eb..5ba7917de049 100644 --- a/pkgs/tools/networking/sing-box/default.nix +++ b/pkgs/tools/networking/sing-box/default.nix @@ -11,16 +11,16 @@ buildGoModule rec { pname = "sing-box"; - version = "1.7.5"; + version = "1.7.6"; src = fetchFromGitHub { owner = "SagerNet"; repo = pname; rev = "v${version}"; - hash = "sha256-6SWcepENdbkwv4qq4nuxSINAxXWZmLcj5NwJ3nBnKu8="; + hash = "sha256-ZrZ2mqf1/D4L+1SlTx3rwkmk9+RcqH/yuMZie6jtpmc="; }; - vendorHash = "sha256-8R3bVwziiC9n10dA8Zus7L0VyjWYKkdSszb44HqR8tE="; + vendorHash = "sha256-nIVm2+F+5rXTiode240zZXxIAQA4VkNynYnmdvSwEHw="; tags = [ "with_quic" diff --git a/pkgs/tools/package-management/harmonia/default.nix b/pkgs/tools/package-management/harmonia/default.nix index fd1ce1063245..9830570a07fd 100644 --- a/pkgs/tools/package-management/harmonia/default.nix +++ b/pkgs/tools/package-management/harmonia/default.nix @@ -2,36 +2,42 @@ , boost , fetchFromGitHub , libsodium -, nix +, nixVersions , pkg-config , rustPlatform +, stdenv , nix-update-script , nixosTests }: rustPlatform.buildRustPackage rec { pname = "harmonia"; - version = "0.7.3"; + version = "0.7.4"; src = fetchFromGitHub { owner = "nix-community"; repo = pname; rev = "refs/tags/${pname}-v${version}"; - hash = "sha256-XtnK54HvZMKZGSCrVD0FO5PQLMo3Vkj8ezUlsfqStq0="; + hash = "sha256-72JMrXmxw/FuGjqXXxMIGiAbUUOqXEERdQwch+s3iwU="; }; - cargoHash = "sha256-oQVHrfNPhslYk6APB/bhW+h+vk/gNTW/ZypoGGb5zPk="; + cargoHash = "sha256-Q5Y5v7mmJpfZFGRgurTcRBRtbApFRrwqOBHdZTJbyzc="; nativeBuildInputs = [ - pkg-config nix + pkg-config nixVersions.nix_2_19 ]; buildInputs = [ boost libsodium - nix + nixVersions.nix_2_19 ]; + # Workaround for https://github.com/NixOS/nixpkgs/issues/166205 + env = lib.optionalAttrs stdenv.cc.isClang { + NIX_LDFLAGS = "-l${stdenv.cc.libcxx.cxxabi.libName}"; + }; + passthru = { updateScript = nix-update-script { extraArgs = [ "--version-regex" "harmonia-v(.*)" ]; diff --git a/pkgs/tools/package-management/nfpm/default.nix b/pkgs/tools/package-management/nfpm/default.nix index f61d49f493b6..1ad4b0e97873 100644 --- a/pkgs/tools/package-management/nfpm/default.nix +++ b/pkgs/tools/package-management/nfpm/default.nix @@ -8,16 +8,16 @@ buildGoModule rec { pname = "nfpm"; - version = "2.34.0"; + version = "2.35.0"; src = fetchFromGitHub { owner = "goreleaser"; repo = pname; rev = "v${version}"; - hash = "sha256-O7qxJ2TE62XDYljqvNsO3ssD/YhfOLfy9zF0W++T0Hw="; + hash = "sha256-WYLXhRoB8+a5zhTs1qxJVrDjor5orCw6UJrqEt+fBBQ="; }; - vendorHash = "sha256-qihPtpygHoIfGf2wj+klDWwL4sTHqDxi1jxjv57vUx4="; + vendorHash = "sha256-P9jSQG6EyVGMZKtThy8Q7Y/pV7mbMl2eGrylea0VHRc="; ldflags = [ "-s" "-w" "-X main.version=${version}" ]; diff --git a/pkgs/tools/security/bitwarden/cli.nix b/pkgs/tools/security/bitwarden/cli.nix index 0ff814617429..b51dd1e9e8c2 100644 --- a/pkgs/tools/security/bitwarden/cli.nix +++ b/pkgs/tools/security/bitwarden/cli.nix @@ -10,18 +10,18 @@ buildNpmPackage rec { pname = "bitwarden-cli"; - version = "2023.12.0"; + version = "2023.12.1"; src = fetchFromGitHub { owner = "bitwarden"; repo = "clients"; rev = "cli-v${version}"; - hash = "sha256-WYhLKV3j3Ktite5u1H4fSku38hCCrMzKoxtjq6aT9yo="; + hash = "sha256-WHI1AfliJa1wAbN1Heto28WlM7uX51SSV4YndAZii1Y="; }; nodejs = nodejs_18; - npmDepsHash = "sha256-bnYpvHO9Pnob+MbrSshv03mSwXCADH/2xw33nLVKMdg="; + npmDepsHash = "sha256-18OaRCys+HaCZ5/ZLeugqW0jWKSQkfvnBGx8aVAdezQ="; nativeBuildInputs = [ python3 diff --git a/pkgs/tools/security/cloudfox/default.nix b/pkgs/tools/security/cloudfox/default.nix index df34f3e18bf7..e5e47ce56f4e 100644 --- a/pkgs/tools/security/cloudfox/default.nix +++ b/pkgs/tools/security/cloudfox/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "cloudfox"; - version = "1.12.2"; + version = "1.12.3"; src = fetchFromGitHub { owner = "BishopFox"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-r9YIJ+PRUA1stKTL39+/T+m1WMkocpjfzG8Y9knnFU4="; + hash = "sha256-V6zYEH2LACBcMY0ox8ZgqJGFLWFgCNR4l9Uo+hMgseE="; }; - vendorHash = "sha256-nSisRurpareGI4EHENayMhsYOKL1hE1wVw2Ueiqii4U="; + vendorHash = "sha256-PZW1rNX8TLW0SZ9A2eF5N12J9BPWgRZJeGIb042Tinc="; # Some tests are failing because of wrong filename/path doCheck = false; diff --git a/pkgs/tools/security/cnquery/default.nix b/pkgs/tools/security/cnquery/default.nix index 12a0ed8fb09a..b9e6769ea5ad 100644 --- a/pkgs/tools/security/cnquery/default.nix +++ b/pkgs/tools/security/cnquery/default.nix @@ -5,18 +5,18 @@ buildGoModule rec { pname = "cnquery"; - version = "9.11.0"; + version = "9.12.0"; src = fetchFromGitHub { owner = "mondoohq"; repo = "cnquery"; rev = "v${version}"; - hash = "sha256-3fyX6vz3lqnV07gu/H7qeIrLyNSbqhLpICJWqPTv7T0="; + hash = "sha256-d2S9qEm0jvXvpU7IHpurDJ7A21bvjuM3HrdRPaujzTU="; }; subPackages = [ "apps/cnquery" ]; - vendorHash = "sha256-7zZRX0LWDmO7LA0fIjAh8+5kK2dcAV/4HQmKdn9I3Mg="; + vendorHash = "sha256-vEJcdGgev9C/3vGx+SMmD9dLMau5Jyx2TjHiiQQ+16A="; meta = with lib; { description = "cloud-native, graph-based asset inventory"; diff --git a/pkgs/tools/security/cnspec/default.nix b/pkgs/tools/security/cnspec/default.nix index b0ca29f5ea0c..58250f5320a7 100644 --- a/pkgs/tools/security/cnspec/default.nix +++ b/pkgs/tools/security/cnspec/default.nix @@ -5,17 +5,17 @@ buildGoModule rec { pname = "cnspec"; - version = "9.12.0"; + version = "9.12.1"; src = fetchFromGitHub { owner = "mondoohq"; repo = "cnspec"; rev = "refs/tags/v${version}"; - hash = "sha256-bNSSU7UJBexnZ95fJM0Oa70jGbbM0ghNA0ePESRMjX0="; + hash = "sha256-U3iEiKIb9lTNM4GK75a8khsjeZzYaMafoBfdpNiiwHQ="; }; proxyVendor = true; - vendorHash = "sha256-9hjQBoZW6pnuo1YDegp+yxpvR4Ja+6BqOg5/fqwPRig="; + vendorHash = "sha256-RRE0DsBkpI9hvo7k04eIadOKO3YE0g0DDjFj40ya1ZM="; subPackages = [ "apps/cnspec" diff --git a/pkgs/tools/security/exploitdb/default.nix b/pkgs/tools/security/exploitdb/default.nix index 73080cf05b23..0e2e74d0787f 100644 --- a/pkgs/tools/security/exploitdb/default.nix +++ b/pkgs/tools/security/exploitdb/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation rec { pname = "exploitdb"; - version = "2023-12-19"; + version = "2023-12-22"; src = fetchFromGitLab { owner = "exploit-database"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-yIEu5JQ9sgf9HFP/pFZ/A2DG14c67imgfYRYL1+PiYA="; + hash = "sha256-NuukzG+l83YhIgVASLKCkE3FrS6+z8uURTxZyhT/RuA="; }; nativeBuildInputs = [ diff --git a/pkgs/tools/security/grype/default.nix b/pkgs/tools/security/grype/default.nix index db955a1a2086..e3f43157f614 100644 --- a/pkgs/tools/security/grype/default.nix +++ b/pkgs/tools/security/grype/default.nix @@ -7,13 +7,13 @@ buildGoModule rec { pname = "grype"; - version = "0.73.4"; + version = "0.73.5"; src = fetchFromGitHub { owner = "anchore"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-cYhgLMKj8fo49zr+NC7SARiyybCnqXf+DgB+6IkwkAw="; + hash = "sha256-a5Kna1axfA3uBHoTdT/B/6PA/Tr+w0bK6GeKcGIPRsQ="; # populate values that require us to use git. By doing this in postFetch we # can delete .git afterwards and maintain better reproducibility of the src. leaveDotGit = true; @@ -28,7 +28,7 @@ buildGoModule rec { proxyVendor = true; - vendorHash = "sha256-Zx8gJZVkobKjrGysrqYd6Hv2bGqEgOQ+EGSKDvOM33M="; + vendorHash = "sha256-eO0/kE0XPqsnoCBKxcwJjHoBhQlXlxVPcg6w1fHfWGs="; nativeBuildInputs = [ installShellFiles diff --git a/pkgs/tools/security/kube-bench/default.nix b/pkgs/tools/security/kube-bench/default.nix index e9094ce7103c..f4cb389eb16e 100644 --- a/pkgs/tools/security/kube-bench/default.nix +++ b/pkgs/tools/security/kube-bench/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "kube-bench"; - version = "0.6.19"; + version = "0.7.0"; src = fetchFromGitHub { owner = "aquasecurity"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-owpmQ/APTUu1V8au2UE48SIIZnVI93tlv5bhkS/2kgQ="; + hash = "sha256-yJJEWxz8EWdLi2rhw42QVdG9AcGO0OWnihg153hALNE="; }; - vendorHash = "sha256-dBN6Yi8HtS9LzXr08jhw1hqDwS8a4UqrYaRpM+RzvVM="; + vendorHash = "sha256-zKw6d3UWs2kb+DCXmLZ09Lw3m8wMhm9QJYkeXJYcFA8="; nativeBuildInputs = [ installShellFiles ]; diff --git a/pkgs/tools/security/metasploit/Gemfile b/pkgs/tools/security/metasploit/Gemfile index 3f64895d3673..3d10bb0bb51c 100644 --- a/pkgs/tools/security/metasploit/Gemfile +++ b/pkgs/tools/security/metasploit/Gemfile @@ -1,4 +1,4 @@ # frozen_string_literal: true source "https://rubygems.org" -gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.3.47" +gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.3.48" diff --git a/pkgs/tools/security/metasploit/Gemfile.lock b/pkgs/tools/security/metasploit/Gemfile.lock index 57f922329c23..899a80b10966 100644 --- a/pkgs/tools/security/metasploit/Gemfile.lock +++ b/pkgs/tools/security/metasploit/Gemfile.lock @@ -1,9 +1,9 @@ GIT remote: https://github.com/rapid7/metasploit-framework - revision: e9a1adf7e1a5edb3f76bd537fe6fa5c75435aec9 - ref: refs/tags/6.3.47 + revision: 261eca342915db81d67cdfe7f2ef7b3788fd508f + ref: refs/tags/6.3.48 specs: - metasploit-framework (6.3.47) + metasploit-framework (6.3.48) actionpack (~> 7.0.0) activerecord (~> 7.0.0) activesupport (~> 7.0.0) @@ -134,13 +134,13 @@ GEM arel-helpers (2.14.0) activerecord (>= 3.1.0, < 8) aws-eventstream (1.3.0) - aws-partitions (1.864.0) - aws-sdk-core (3.190.0) + aws-partitions (1.872.0) + aws-sdk-core (3.190.1) aws-eventstream (~> 1, >= 1.3.0) aws-partitions (~> 1, >= 1.651.0) aws-sigv4 (~> 1.8) jmespath (~> 1, >= 1.6.1) - aws-sdk-ec2 (1.430.0) + aws-sdk-ec2 (1.431.0) aws-sdk-core (~> 3, >= 3.188.0) aws-sigv4 (~> 1.1) aws-sdk-ec2instanceconnect (1.36.0) @@ -149,7 +149,7 @@ GEM aws-sdk-iam (1.92.0) aws-sdk-core (~> 3, >= 3.188.0) aws-sigv4 (~> 1.1) - aws-sdk-kms (1.74.0) + aws-sdk-kms (1.75.0) aws-sdk-core (~> 3, >= 3.188.0) aws-sigv4 (~> 1.1) aws-sdk-s3 (1.141.0) @@ -191,7 +191,7 @@ GEM eventmachine (1.2.7) faker (3.2.2) i18n (>= 1.8.11, < 2) - faraday (2.7.12) + faraday (2.8.1) base64 faraday-net_http (>= 2.0, < 3.1) ruby2_keywords (>= 0.0.4) @@ -219,7 +219,7 @@ GEM httpclient (2.8.3) i18n (1.14.1) concurrent-ruby (~> 1.0) - io-console (0.6.0) + io-console (0.7.1) irb (1.7.4) reline (>= 0.3.6) jmespath (1.6.2) @@ -274,7 +274,7 @@ GEM mustermann (3.0.0) ruby2_keywords (~> 0.0.1) nessus_rest (0.1.6) - net-imap (0.4.7) + net-imap (0.4.8) date net-protocol net-ldap (0.18.0) @@ -282,7 +282,7 @@ GEM timeout net-smtp (0.4.0) net-protocol - net-ssh (7.2.0) + net-ssh (7.2.1) network_interface (0.0.4) nexpose (7.3.0) nio4r (2.7.0) @@ -334,7 +334,7 @@ GEM rasn1 (0.12.1) strptime (~> 0.2.5) rb-readline (0.5.5) - recog (3.1.2) + recog (3.1.4) nokogiri redcarpet (3.6.0) reline (0.4.1) @@ -393,7 +393,7 @@ GEM ruby-mysql (4.1.0) ruby-rc4 (0.1.5) ruby2_keywords (0.0.5) - ruby_smb (3.3.0) + ruby_smb (3.3.1) bindata openssl-ccm openssl-cmac @@ -463,4 +463,4 @@ DEPENDENCIES metasploit-framework! BUNDLED WITH - 2.4.22 + 2.4.13 diff --git a/pkgs/tools/security/metasploit/default.nix b/pkgs/tools/security/metasploit/default.nix index 6c30b6a05f8a..935374a09ad4 100644 --- a/pkgs/tools/security/metasploit/default.nix +++ b/pkgs/tools/security/metasploit/default.nix @@ -15,13 +15,13 @@ let }; in stdenv.mkDerivation rec { pname = "metasploit-framework"; - version = "6.3.47"; + version = "6.3.48"; src = fetchFromGitHub { owner = "rapid7"; repo = "metasploit-framework"; rev = "refs/tags/${version}"; - hash = "sha256-I1BpYCS2wLrvAKwqKn0QDOf0SvdsmT58OtiBDXwJkh8="; + hash = "sha256-AY0k44/gYXP4h3SoRVF9aK2L2skZ03Azd5V9hSRDoHQ="; }; nativeBuildInputs = [ diff --git a/pkgs/tools/security/metasploit/gemset.nix b/pkgs/tools/security/metasploit/gemset.nix index f185105372f4..a439c6380641 100644 --- a/pkgs/tools/security/metasploit/gemset.nix +++ b/pkgs/tools/security/metasploit/gemset.nix @@ -104,30 +104,30 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "16n1d0bh3zy925y4f8flrnkfir2smsj0j31zslfaz6vf6cvi9qjs"; + sha256 = "1ddbcz8p3abbw8d8pn796z1ry1mbapl6ayhh37ziwal6bd047kvm"; type = "gem"; }; - version = "1.864.0"; + version = "1.872.0"; }; aws-sdk-core = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "19nglxz49nlzgsvnivb3bdm17vxjn1ng2br8659xv48nzjrmyid3"; + sha256 = "1ansagfl5irx1y6b9xf4xpi9j6q6k5pbd2aw80hn0p4m3ycafamh"; type = "gem"; }; - version = "3.190.0"; + version = "3.190.1"; }; aws-sdk-ec2 = { groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1zyazx97nskgl9xzspg2q1rji02p2jv789v8qd1qz6hknz0z6r5f"; + sha256 = "04lg4g6aivkf6zvvcc1clw0dqdlpkn3c87kiz5mfc7m2jr0m0ljx"; type = "gem"; }; - version = "1.430.0"; + version = "1.431.0"; }; aws-sdk-ec2instanceconnect = { groups = ["default"]; @@ -154,10 +154,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1isrj19kzy9sb7a76a1c2n5x0d9lg1h2n7fp7cn13xjis0hpnlxj"; + sha256 = "1qzxqfgrhnl5rdc39a1gl2pgrdxgnsj12zycpxnsx8lg6arfmnr1"; type = "gem"; }; - version = "1.74.0"; + version = "1.75.0"; }; aws-sdk-s3 = { groups = ["default"]; @@ -404,10 +404,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "19w1lzipnxs6vy3y0pw1mf956f768ppzgfrnlpwgrpnjjv9xqf7d"; + sha256 = "19p45ryrvxff6ggdj4fq76dk7wlkfgrh474c3kwzdsjx3xpdq8x8"; type = "gem"; }; - version = "2.7.12"; + version = "2.8.1"; }; faraday-net_http = { groups = ["default"]; @@ -554,10 +554,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0dikardh14c72gd9ypwh8dim41wvqmzfzf35mincaj5yals9m7ff"; + sha256 = "1fmwbcapyhla84xhwj3gfws6rb4lw3928ybz6g3lr372dgxakzx5"; type = "gem"; }; - version = "0.6.0"; + version = "0.7.1"; }; irb = { groups = ["default"]; @@ -664,12 +664,12 @@ platforms = []; source = { fetchSubmodules = false; - rev = "e9a1adf7e1a5edb3f76bd537fe6fa5c75435aec9"; - sha256 = "07wj15y0v0fq79y3x6bcyx5g9rqc21yjlamc03pvmh5n4ih6jl13"; + rev = "261eca342915db81d67cdfe7f2ef7b3788fd508f"; + sha256 = "0x508cj8azcmfwrp1lqrr7d8pbb8gm8lba3lhzw76qg0izij9381"; type = "git"; url = "https://github.com/rapid7/metasploit-framework"; }; - version = "6.3.47"; + version = "6.3.48"; }; metasploit-model = { groups = ["default"]; @@ -796,10 +796,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0541lfqaz46h8s3fks11vsd1iqzmgjjw3c0jp9agg92zblwj0axs"; + sha256 = "1wnmxcrpv7zaf8wli5nvfnz5ybmw7f3r06s05p3d96idc61193mv"; type = "gem"; }; - version = "0.4.7"; + version = "0.4.8"; }; net-ldap = { groups = ["default"]; @@ -836,10 +836,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1jyj6j7w9zpj2zhp4dyhdjiwsn9rqwksj7s7fzpnn7rx2xvz2a1a"; + sha256 = "1i01340c4i144vvn3x54lc2rb77ch829qipl1rh6rqwm3yxzml9w"; type = "gem"; }; - version = "7.2.0"; + version = "7.2.1"; }; network_interface = { groups = ["default"]; @@ -1107,10 +1107,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "15633qvzbgsigx55dxb9b07xh0spwr9njd5y2f454kc5zrrapp1a"; + sha256 = "1a9m9ngmcgvgzg8m8ahdhjvfm65k6hp8r7dqmrsh3zcphim4x71k"; type = "gem"; }; - version = "3.1.2"; + version = "3.1.4"; }; redcarpet = { groups = ["default"]; @@ -1377,10 +1377,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1xfjl89a46xg1w98ywa2byf23jmhh3xyj4r501hgc7vma1i5gw3v"; + sha256 = "04m366ldi33h79k7f35dvyhq0jyh762v8360zf8ss5jbax3bzlkk"; type = "gem"; }; - version = "3.3.0"; + version = "3.3.1"; }; rubyntlm = { groups = ["default"]; diff --git a/pkgs/tools/security/nuclei/default.nix b/pkgs/tools/security/nuclei/default.nix index d5bccc8dd8cd..c0c0fdef6fb9 100644 --- a/pkgs/tools/security/nuclei/default.nix +++ b/pkgs/tools/security/nuclei/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "nuclei"; - version = "3.1.2"; + version = "3.1.3"; src = fetchFromGitHub { owner = "projectdiscovery"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-mQzZohEwalTXeNEPfLk5TqT2R7p4DAiyK5HlQmX+dwI="; + hash = "sha256-XTKJq7bq6iNzZ4LnxQxqzbNDdNh0ixFclB3kniNvg2I="; }; - vendorHash = "sha256-Os3Vx18H0e+yd0/BeDf3MbnPdIZGNPhzrRfu7Dky5to="; + vendorHash = "sha256-C/CDMj+R7p0wkjHSQX6GMRDU1PEDHi8574JS/A2zrzk="; subPackages = [ "cmd/nuclei/" diff --git a/pkgs/tools/security/rekor/default.nix b/pkgs/tools/security/rekor/default.nix index d8a48cf65abc..afc07a63d603 100644 --- a/pkgs/tools/security/rekor/default.nix +++ b/pkgs/tools/security/rekor/default.nix @@ -4,13 +4,13 @@ let generic = { pname, packageToBuild, description }: buildGoModule rec { inherit pname; - version = "1.3.3"; + version = "1.3.4"; src = fetchFromGitHub { owner = "sigstore"; repo = "rekor"; rev = "v${version}"; - hash = "sha256-CFavEtv6wL6jiUayjyU27OkdToXIM4EP7v5ONFdAJ5w="; + hash = "sha256-vU/qxCMCC2XWH79Z7cGhMlqMeQOMghTPDfROWdusKX4="; # populate values that require us to use git. By doing this in postFetch we # can delete .git afterwards and maintain better reproducibility of the src. leaveDotGit = true; @@ -23,7 +23,7 @@ let ''; }; - vendorHash = "sha256-BLK8IJWL2sZ5bdnJU48/XhplSGUOL8gE7pY8rL+rVFk="; + vendorHash = "sha256-qhBbzYYayRktBQi9HtzuxBIlSdNIOD/agCFFNEvlcBc="; nativeBuildInputs = [ installShellFiles ]; diff --git a/pkgs/tools/security/theharvester/default.nix b/pkgs/tools/security/theharvester/default.nix index 528003664697..7628e14e3d0f 100644 --- a/pkgs/tools/security/theharvester/default.nix +++ b/pkgs/tools/security/theharvester/default.nix @@ -5,16 +5,20 @@ python3.pkgs.buildPythonApplication rec { pname = "theharvester"; - version = "4.4.4"; - format = "setuptools"; + version = "4.5.0"; + pyproject = true; src = fetchFromGitHub { owner = "laramies"; repo = pname; rev = "refs/tags/${version}"; - hash = "sha256-L0WbPZE2alregOvWc+0nuMvsD17ayCw3JtahGhf4B1o="; + hash = "sha256-tnCiI4bte2RSWSkEL2rwFz6WFjfRMMFiEBOvv3QMyos="; }; + nativeBuildInputs = with python3.pkgs; [ + poetry-core + ]; + propagatedBuildInputs = with python3.pkgs; [ aiodns aiofiles diff --git a/pkgs/tools/security/vaultwarden/webvault.nix b/pkgs/tools/security/vaultwarden/webvault.nix index 52f153b6a30d..3981366448be 100644 --- a/pkgs/tools/security/vaultwarden/webvault.nix +++ b/pkgs/tools/security/vaultwarden/webvault.nix @@ -7,13 +7,13 @@ }: let - version = "2023.10.0"; + version = "2023.12.0"; bw_web_builds = fetchFromGitHub { owner = "dani-garcia"; repo = "bw_web_builds"; rev = "v${version}"; - hash = "sha256-5vfmMJIGKyZlTQDi/t1YKAALbW/6BFAcWODfkypk/eA="; + hash = "sha256-S98Yqi0PEpMF+enP/J3x/kPEe0VhErY8BNphOXmsijg="; }; in buildNpmPackage rec { pname = "vaultwarden-webvault"; @@ -23,10 +23,10 @@ in buildNpmPackage rec { owner = "bitwarden"; repo = "clients"; rev = "web-v${lib.removeSuffix "b" version}"; - hash = "sha256-egXToXWfb9XV7JuCRBYJO4p/e+WOwMncPKz0oBgeALQ="; + hash = "sha256-eAwj7cWR/ojAMAvYg2/vtNWYTwVBCOnBJPy9mC5Td40="; }; - npmDepsHash = "sha256-iO8ZozVl1vOOqowQARnRJWSFUFnau46+dKfcMSkyU3o="; + npmDepsHash = "sha256-VW1pGG/pc2tdSs5+HfypZv9fnQu04qkoFBTJxaYvBZo="; postPatch = '' ln -s ${bw_web_builds}/{patches,resources} .. diff --git a/pkgs/tools/security/witness/default.nix b/pkgs/tools/security/witness/default.nix index d16f74940d3b..42e6455ae7dd 100644 --- a/pkgs/tools/security/witness/default.nix +++ b/pkgs/tools/security/witness/default.nix @@ -1,17 +1,24 @@ -{ lib, buildGoModule, fetchFromGitHub, installShellFiles }: +{ lib +, buildGoModule +, fetchFromGitHub +, installShellFiles + +# testing +, testers +, witness +}: buildGoModule rec { pname = "witness"; - version = "0.1.14"; + version = "0.2.0"; src = fetchFromGitHub { - owner = "testifysec"; - repo = pname; + owner = "in-toto"; + repo = "witness"; rev = "v${version}"; - sha256 = "sha256-TUEbFkrS0OztTiY0OXiZsqraq3TINtC/DQEyCGPNXpE="; + sha256 = "sha256-U+dcaPi9Drg4I2SZlZPaR3Ryb+Dz27nyPI2XJPG/LWc="; }; - proxyVendor = true; - vendorHash = "sha256-L2NaEt64mgFZVta/F8/uUQ4djlra59JPcHJLGbFCQJs="; + vendorHash = "sha256-pjcyAGdR8TsU9YBy5zd6u575vDKPwy8s85TXUsuxZiU="; nativeBuildInputs = [ installShellFiles ]; @@ -21,7 +28,7 @@ buildGoModule rec { ldflags = [ "-s" "-w" - "-X github.com/testifysec/witness/cmd.Version=v${version}" + "-X github.com/in-toto/witness/cmd.Version=v${version}" ]; # Feed in all tests for testing @@ -38,13 +45,11 @@ buildGoModule rec { --zsh <($out/bin/witness completion zsh) ''; - doInstallCheck = true; - installCheckPhase = '' - runHook preInstallCheck - $out/bin/witness --help - $out/bin/witness version | grep "v${version}" - runHook postInstallCheck - ''; + passthru.tests.version = testers.testVersion { + package = witness; + command = "witness version"; + version = "v${version}"; + }; meta = with lib; { description = "A pluggable framework for software supply chain security. Witness prevents tampering of build materials and verifies the integrity of the build process from source to target"; @@ -57,6 +62,7 @@ buildGoModule rec { PKI distribution system will mitigate against many software supply chain attack vectors and can be used as a framework for automated governance. ''; + mainProgram = "witness"; homepage = "https://github.com/testifysec/witness"; changelog = "https://github.com/testifysec/witness/releases/tag/v${version}"; license = licenses.asl20; diff --git a/pkgs/tools/system/kanata/default.nix b/pkgs/tools/system/kanata/default.nix index 6e86812ece44..706382d3dd04 100644 --- a/pkgs/tools/system/kanata/default.nix +++ b/pkgs/tools/system/kanata/default.nix @@ -6,16 +6,16 @@ rustPlatform.buildRustPackage rec { pname = "kanata"; - version = "1.4.0"; + version = "1.5.0"; src = fetchFromGitHub { owner = "jtroo"; repo = pname; rev = "v${version}"; - sha256 = "sha256-Tenh2LARajYAFHJ5gddeozY7rfySSvqFhudc/7b9cGg="; + sha256 = "sha256-ci/0Ksmi0uNHIvpZlihWvGeNabzmk+k3fUeuMDVpFeE="; }; - cargoHash = "sha256-oJVGZhKJVK8q5lgK+G+KhVupOF05u37B7Nmv4rrI28I="; + cargoHash = "sha256-IzgVF6SHJjOB48VehQ5taD5iWQXFKLcVBWTEl3ArkGQ="; buildFeatures = lib.optional withCmd "cmd"; diff --git a/pkgs/tools/text/ugrep/default.nix b/pkgs/tools/text/ugrep/default.nix index c1c4cef126ea..224d358ecb51 100644 --- a/pkgs/tools/text/ugrep/default.nix +++ b/pkgs/tools/text/ugrep/default.nix @@ -14,13 +14,13 @@ stdenv.mkDerivation (finalAttrs: { pname = "ugrep"; - version = "4.3.6"; + version = "4.4.1"; src = fetchFromGitHub { owner = "Genivia"; repo = "ugrep"; rev = "v${finalAttrs.version}"; - hash = "sha256-eCOSUtSPIRaoc7pIyQAftcwG3P8321qk6GPbeDNNevI="; + hash = "sha256-Bbt20XE+PNIxl2qDzxpIh4yjU93JgXF4gn1kb4bvdBw="; }; buildInputs = [ diff --git a/pkgs/tools/typesetting/tectonic/biber.nix b/pkgs/tools/typesetting/tectonic/biber.nix new file mode 100644 index 000000000000..9798c1471667 --- /dev/null +++ b/pkgs/tools/typesetting/tectonic/biber.nix @@ -0,0 +1,54 @@ +/* + This package, `biber-for-tectonic`, provides a compatible version of `biber` + as an optional runtime dependency of `tectonic`. + + The development of tectonic is slowing down recently, such that its `biber` + dependency has been lagging behind the one in the nixpkgs `texlive` bundle. + See: + + https://github.com/tectonic-typesetting/tectonic/discussions/1122 + + It is now feasible to track the biber dependency in nixpkgs, as the + version bump is not very frequent, and it would provide a more complete + user experience of tectonic in nixpkgs. +*/ + +{ lib +, fetchFromGitHub +, fetchpatch +, biber +}: + +let version = "2.17"; in ( + biber.override { + /* + It is necessary to first override the `version` data here, which is + passed to `buildPerlModule`, and then to `mkDerivation`. + + If we simply do `biber.overrideAttrs` the resulting package `name` + would be incorrect, since it has already been preprocessed by + `buildPerlModule`. + */ + texlive.pkgs.biber.texsource = { + inherit version; + inherit (biber) pname meta; + }; + } +).overrideAttrs (prevAttrs: { + src = fetchFromGitHub { + owner = "plk"; + repo = "biber"; + rev = "v${version}"; + hash = "sha256-Tt2sN2b2NGxcWyZDj5uXNGC8phJwFRiyH72n3yhFCi0="; + }; + patches = [ + # Perl>=5.36.0 compatibility + (fetchpatch { + url = "https://patch-diff.githubusercontent.com/raw/plk/biber/pull/411.patch"; + hash = "sha256-osgldRVfe3jnMSOMnAMQSB0Ymc1s7J6KtM2ig3c93SE="; + }) + ]; + meta = prevAttrs.meta // { + maintainers = with lib.maintainers; [ doronbehar bryango ]; + }; +}) diff --git a/pkgs/tools/typesetting/tectonic/default.nix b/pkgs/tools/typesetting/tectonic/default.nix index 607e71cfbb44..6b98a5db6343 100644 --- a/pkgs/tools/typesetting/tectonic/default.nix +++ b/pkgs/tools/typesetting/tectonic/default.nix @@ -1,3 +1,11 @@ +/* + This file provides the `tectonic-unwrapped` package. On the other hand, + the `tectonic` package is defined in `./wrapper.nix`, by wrapping + - [`tectonic-unwrapped`](./default.nix) i.e. this package, and + - [`biber-for-tectonic`](./biber.nix), + which provides a compatible version of `biber`. +*/ + { lib , stdenv , fetchFromGitHub @@ -25,7 +33,7 @@ rustPlatform.buildRustPackage rec { cargoHash = "sha256-1WjZbmZFPB1+QYpjqq5Y+fDkMZNmWJYIxmMFWg7Tiac="; - nativeBuildInputs = [ pkg-config makeBinaryWrapper ]; + nativeBuildInputs = [ pkg-config ]; buildInputs = [ icu fontconfig harfbuzz openssl ] ++ lib.optionals stdenv.isDarwin (with darwin.apple_sdk.frameworks; [ ApplicationServices Cocoa Foundation ]); @@ -33,13 +41,14 @@ rustPlatform.buildRustPackage rec { # workaround for https://github.com/NixOS/nixpkgs/issues/166205 NIX_LDFLAGS = lib.optionalString (stdenv.cc.isClang && stdenv.cc.libcxx != null) " -l${stdenv.cc.libcxx.cxxabi.libName}"; - postInstall = lib.optionalString stdenv.isLinux '' + postInstall = '' + # Makes it possible to automatically use the V2 CLI API + ln -s $out/bin/tectonic $out/bin/nextonic + '' + lib.optionalString stdenv.isLinux '' substituteInPlace dist/appimage/tectonic.desktop \ --replace Exec=tectonic Exec=$out/bin/tectonic install -D dist/appimage/tectonic.desktop -t $out/share/applications/ install -D dist/appimage/tectonic.svg -t $out/share/icons/hicolor/scalable/apps/ - - ln -s $out/bin/tectonic $out/bin/nextonic ''; doCheck = true; @@ -50,6 +59,6 @@ rustPlatform.buildRustPackage rec { changelog = "https://github.com/tectonic-typesetting/tectonic/blob/tectonic@${version}/CHANGELOG.md"; license = with licenses; [ mit ]; mainProgram = "tectonic"; - maintainers = with maintainers; [ lluchs doronbehar ]; + maintainers = with maintainers; [ lluchs doronbehar bryango ]; }; } diff --git a/pkgs/tools/typesetting/tectonic/wrapper.nix b/pkgs/tools/typesetting/tectonic/wrapper.nix new file mode 100644 index 000000000000..5a4dc47e37a2 --- /dev/null +++ b/pkgs/tools/typesetting/tectonic/wrapper.nix @@ -0,0 +1,56 @@ +{ lib +, symlinkJoin +, tectonic-unwrapped +, biber-for-tectonic +, makeWrapper +}: + +symlinkJoin { + name = "${tectonic-unwrapped.pname}-wrapped-${tectonic-unwrapped.version}"; + paths = [ tectonic-unwrapped ]; + + nativeBuildInputs = [ makeWrapper ]; + + passthru = { + unwrapped = tectonic-unwrapped; + biber = biber-for-tectonic; + }; + + # Replace the unwrapped tectonic with the one wrapping it with biber + postBuild = '' + rm $out/bin/{tectonic,nextonic} + '' + # Ideally, we would have liked to also pin the version of the online TeX + # bundle that Tectonic's developer distribute, so that the `biber` version + # and the `biblatex` version distributed from there are compatible. + # However, that is not currently possible, due to lack of upstream support + # for specifying this in runtime, there were 2 suggestions sent upstream + # that suggested a way of improving the situation: + # + # - https://github.com/tectonic-typesetting/tectonic/pull/1132 + # - https://github.com/tectonic-typesetting/tectonic/pull/1131 + # + # The 1st suggestion seems more promising as it'd allow us to simply use + # makeWrapper's --add-flags option. However, the PR linked above is not + # complete, and as of currently, upstream hasn't even reviewed it, or + # commented on the idea. + # + # Note also that upstream has announced that they will put less time and + # energy for the project: + # + # https://github.com/tectonic-typesetting/tectonic/discussions/1122 + # + # Hence, we can be rather confident that for the near future, the online + # TeX bundle won't be updated and hence the biblatex distributed there + # won't require a higher version of biber. + + '' + makeWrapper ${lib.getBin tectonic-unwrapped}/bin/tectonic $out/bin/tectonic \ + --prefix PATH : "${lib.getBin biber-for-tectonic}/bin" + ln -s $out/bin/tectonic $out/bin/nextonic + ''; + + meta = tectonic-unwrapped.meta // { + description = "Tectonic TeX/LaTeX engine, wrapped with a compatible biber"; + maintainers = with lib.maintainers; [ doronbehar bryango ]; + }; +} diff --git a/pkgs/tools/virtualization/cri-tools/default.nix b/pkgs/tools/virtualization/cri-tools/default.nix index b57ce3abb168..70991742e789 100644 --- a/pkgs/tools/virtualization/cri-tools/default.nix +++ b/pkgs/tools/virtualization/cri-tools/default.nix @@ -6,13 +6,13 @@ buildGoModule rec { pname = "cri-tools"; - version = "1.28.0"; + version = "1.29.0"; src = fetchFromGitHub { owner = "kubernetes-sigs"; repo = pname; rev = "v${version}"; - sha256 = "sha256-inw4bPeObMlwtgFLR/8+tqRKTkcViZeEFZ1MOm0HYI4="; + sha256 = "sha256-64vjN0tm6P+nXjrNPeTviXOQdibuH7YbQm/LjYLxatM="; }; vendorHash = null; diff --git a/pkgs/tools/virtualization/mininet/default.nix b/pkgs/tools/virtualization/mininet/default.nix index c33389861dd0..3d7339bf56b6 100644 --- a/pkgs/tools/virtualization/mininet/default.nix +++ b/pkgs/tools/virtualization/mininet/default.nix @@ -1,11 +1,38 @@ { stdenv, lib, fetchFromGitHub +, runCommand , which , python3 , help2man +, makeWrapper +, ethtool +, inetutils +, iperf +, iproute2 +, nettools +, socat }: let pyEnv = python3.withPackages(ps: [ ps.setuptools ]); + + telnet = runCommand "inetutils-telnet" + { } + '' + mkdir -p "$out/bin" + ln -s "${inetutils}"/bin/telnet "$out/bin" + ''; + + generatedPath = lib.makeSearchPath "bin" [ + iperf + ethtool + iproute2 + socat + # mn errors out without a telnet binary + # pkgs.inetutils brings an undesired ifconfig into PATH see #43105 + nettools + telnet + ]; + in stdenv.mkDerivation rec { pname = "mininet"; @@ -24,7 +51,7 @@ stdenv.mkDerivation rec { makeFlags = [ "PREFIX=$(out)" ]; pythonPath = [ python3.pkgs.setuptools ]; - nativeBuildInputs = [ help2man ]; + nativeBuildInputs = [ help2man makeWrapper python3.pkgs.wrapPython ]; propagatedBuildInputs = [ python3 which ]; @@ -33,7 +60,18 @@ stdenv.mkDerivation rec { preInstall = '' mkdir -p $out $py # without --root, install fails - ${pyEnv.interpreter} setup.py install --root="/" --prefix=$py + "${pyEnv.interpreter}" setup.py install \ + --root="/" \ + --prefix="$py" \ + --install-scripts="$out/bin" + ''; + + postFixup = '' + wrapPythonProgramsIn "$out/bin" "$py $pythonPath" + wrapProgram "$out/bin/mnexec" \ + --prefix PATH : "${generatedPath}" + wrapProgram "$out/bin/mn" \ + --prefix PATH : "${generatedPath}" ''; doCheck = false; diff --git a/pkgs/tools/virtualization/mkosi/default.nix b/pkgs/tools/virtualization/mkosi/default.nix index c996a5c1124c..bb823b516977 100644 --- a/pkgs/tools/virtualization/mkosi/default.nix +++ b/pkgs/tools/virtualization/mkosi/default.nix @@ -6,6 +6,10 @@ , bubblewrap , systemd , pandoc +, kmod +, gnutar +, util-linux +, cpio # Python packages , setuptools @@ -84,8 +88,12 @@ buildPythonApplication rec { ]; propagatedBuildInputs = [ - systemdForMkosi bubblewrap + cpio + gnutar + kmod + systemdForMkosi + util-linux ] ++ lib.optional withQemu [ qemu ]; |