diff options
Diffstat (limited to 'pkgs')
-rw-r--r-- | pkgs/applications/audio/cmusfm/default.nix | 36 | ||||
-rw-r--r-- | pkgs/build-support/setup-hooks/auto-patchelf.sh | 13 | ||||
-rw-r--r-- | pkgs/desktops/gnustep/libobjc2/default.nix | 1 | ||||
-rw-r--r-- | pkgs/development/haskell-modules/configuration-common.nix | 1 | ||||
-rw-r--r-- | pkgs/development/libraries/grpc/default.nix | 2 | ||||
-rw-r--r-- | pkgs/development/libraries/gsasl/default.nix | 2 | ||||
-rw-r--r-- | pkgs/development/libraries/libid3tag/CVE-2017-11550-and-CVE-2017-11551.patch | 13 | ||||
-rw-r--r-- | pkgs/development/libraries/libid3tag/default.nix | 5 | ||||
-rw-r--r-- | pkgs/development/r-modules/default.nix | 4 | ||||
-rw-r--r-- | pkgs/development/tools/jq/darwin-strptime-test.patch | 16 | ||||
-rw-r--r-- | pkgs/development/tools/jq/default.nix | 20 | ||||
-rw-r--r-- | pkgs/development/tools/pyre/default.nix | 55 | ||||
-rw-r--r-- | pkgs/development/tools/rust/cargo-asm/default.nix | 4 | ||||
-rw-r--r-- | pkgs/games/gemrb/default.nix | 5 | ||||
-rw-r--r-- | pkgs/tools/package-management/nix-du/default.nix | 14 | ||||
-rw-r--r-- | pkgs/top-level/all-packages.nix | 6 |
16 files changed, 116 insertions, 81 deletions
diff --git a/pkgs/applications/audio/cmusfm/default.nix b/pkgs/applications/audio/cmusfm/default.nix new file mode 100644 index 000000000000..e528e9699a73 --- /dev/null +++ b/pkgs/applications/audio/cmusfm/default.nix @@ -0,0 +1,36 @@ +{ stdenv, fetchFromGitHub, autoreconfHook, pkgconfig, curl, libnotify, gdk_pixbuf }: + +stdenv.mkDerivation rec { + version = "2018-10-11"; + name = "cmusfm-unstable-${version}"; + src = fetchFromGitHub { + owner = "Arkq"; + repo = "cmusfm"; + rev = "ad2fd0aad3f4f1a25add1b8c2f179e8859885873"; + sha256 = "0wpwdwgyrp64nvwc6shy0n387p31j6aw6cnmfi9x2y1jhl5hbv6b"; + }; + # building + configureFlags = [ "--enable-libnotify" ]; + nativeBuildInputs = [ autoreconfHook pkgconfig ]; + buildInputs = [ curl libnotify gdk_pixbuf ]; + + meta = with stdenv.lib; { + description = "Last.fm and Libre.fm standalone scrobbler for the cmus music player"; + longDescription = '' + Features: + + Listening now notification support + + Off-line played track cache for later submission + + POSIX ERE-based file name parser + + Desktop notification support (optionally) + + Customizable scrobbling service + + Small memory footprint + Configuration: + + run `cmusfm init` to generate configuration file under ~/.config/cmus/cmusfm.conf + + Inside cmus run `:set status_display_program=cmusfm` to set up cmusfm + ''; + homepage = https://github.com/Arkq/cmusfm/; + maintainers = with stdenv.lib.maintainers; [ CharlesHD ]; + license = licenses.gpl3Plus; + platforms = platforms.linux ++ platforms.darwin; + }; +} diff --git a/pkgs/build-support/setup-hooks/auto-patchelf.sh b/pkgs/build-support/setup-hooks/auto-patchelf.sh index 7c165627f72e..d1ae317ff9a4 100644 --- a/pkgs/build-support/setup-hooks/auto-patchelf.sh +++ b/pkgs/build-support/setup-hooks/auto-patchelf.sh @@ -7,7 +7,16 @@ gatherLibraries() { addEnvHooks "$targetOffset" gatherLibraries isExecutable() { - readelf -h "$1" 2> /dev/null | grep -q '^ *Type: *EXEC\>' + # For dynamically linked ELF files it would be enough to check just for the + # INTERP section. However, we won't catch statically linked executables as + # they only have an ELF type of EXEC but no INTERP. + # + # So what we do here is just check whether *either* the ELF type is EXEC + # *or* there is an INTERP section. This also catches position-independent + # executables, as they typically have an INTERP section but their ELF type + # is DYN. + LANG=C readelf -h -l "$1" 2> /dev/null \ + | grep -q '^ *Type: *EXEC\>\|^ *INTERP\>' } # We cache dependencies so that we don't need to search through all of them on @@ -157,7 +166,7 @@ autoPatchelf() { isELF "$file" || continue if isExecutable "$file"; then # Skip if the executable is statically linked. - readelf -l "$file" | grep -q "^ *INTERP\\>" || continue + LANG=C readelf -l "$file" | grep -q "^ *INTERP\\>" || continue fi autoPatchelfFile "$file" done < <(find "$prefix" -type f -print0) diff --git a/pkgs/desktops/gnustep/libobjc2/default.nix b/pkgs/desktops/gnustep/libobjc2/default.nix index a3e718187c7f..3aba235b3a79 100644 --- a/pkgs/desktops/gnustep/libobjc2/default.nix +++ b/pkgs/desktops/gnustep/libobjc2/default.nix @@ -24,5 +24,6 @@ stdenv.mkDerivation rec { license = licenses.mit; maintainers = with maintainers; [ ashalkhakov matthewbauer ]; platforms = platforms.unix; + badPlatforms = [ "aarch64-linux" ]; }; } diff --git a/pkgs/development/haskell-modules/configuration-common.nix b/pkgs/development/haskell-modules/configuration-common.nix index 2c9d9d307ae3..56ffd6ee54ee 100644 --- a/pkgs/development/haskell-modules/configuration-common.nix +++ b/pkgs/development/haskell-modules/configuration-common.nix @@ -370,6 +370,7 @@ self: super: { safecopy = dontCheck super.safecopy; sai-shape-syb = dontCheck super.sai-shape-syb; scp-streams = dontCheck super.scp-streams; + sdl2 = dontCheck super.sdl2; # the test suite needs an x server sdl2-ttf = dontCheck super.sdl2-ttf; # as of version 0.2.1, the test suite requires user intervention separated = dontCheck super.separated; shadowsocks = dontCheck super.shadowsocks; diff --git a/pkgs/development/libraries/grpc/default.nix b/pkgs/development/libraries/grpc/default.nix index a21e2aacde2a..e568ea9eb650 100644 --- a/pkgs/development/libraries/grpc/default.nix +++ b/pkgs/development/libraries/grpc/default.nix @@ -26,6 +26,8 @@ stdenv.mkDerivation rec { rm -vf BUILD ''; + NIX_CFLAGS_COMPILE = "-Wno-error=unknown-warning-option"; + enableParallelBuilds = true; meta = with stdenv.lib; { diff --git a/pkgs/development/libraries/gsasl/default.nix b/pkgs/development/libraries/gsasl/default.nix index 71da2c716f84..a1df933149fd 100644 --- a/pkgs/development/libraries/gsasl/default.nix +++ b/pkgs/development/libraries/gsasl/default.nix @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { configureFlags = [ "--with-gssapi-impl=mit" ]; - doCheck = true; + doCheck = !stdenv.hostPlatform.isDarwin; meta = { description = "GNU SASL, Simple Authentication and Security Layer library"; diff --git a/pkgs/development/libraries/libid3tag/CVE-2017-11550-and-CVE-2017-11551.patch b/pkgs/development/libraries/libid3tag/CVE-2017-11550-and-CVE-2017-11551.patch new file mode 100644 index 000000000000..b1f9d0978cec --- /dev/null +++ b/pkgs/development/libraries/libid3tag/CVE-2017-11550-and-CVE-2017-11551.patch @@ -0,0 +1,13 @@ +Common subdirectories: libid3tag-0.15.1b/msvc++ and libid3tag-0.15.1b-patched/msvc++ +diff -uwp libid3tag-0.15.1b/utf16.c libid3tag-0.15.1b-patched/utf16.c +--- libid3tag-0.15.1b/utf16.c 2004-01-23 10:41:32.000000000 +0100 ++++ libid3tag-0.15.1b-patched/utf16.c 2018-11-01 13:12:00.866050641 +0100 +@@ -250,6 +250,8 @@ id3_ucs4_t *id3_utf16_deserialize(id3_by + id3_ucs4_t *ucs4; + + end = *ptr + (length & ~1); ++ if (end == *ptr) ++ return 0; + + utf16 = malloc((length / 2 + 1) * sizeof(*utf16)); + if (utf16 == 0) diff --git a/pkgs/development/libraries/libid3tag/default.nix b/pkgs/development/libraries/libid3tag/default.nix index 0289a5331f89..4b7d9bdc2e32 100644 --- a/pkgs/development/libraries/libid3tag/default.nix +++ b/pkgs/development/libraries/libid3tag/default.nix @@ -14,7 +14,10 @@ stdenv.mkDerivation rec { propagatedBuildInputs = [ zlib gperf ]; - patches = [ ./debian-patches.patch ]; + patches = [ + ./debian-patches.patch + ./CVE-2017-11550-and-CVE-2017-11551.patch + ]; preConfigure = '' configureFlagsArray+=( diff --git a/pkgs/development/r-modules/default.nix b/pkgs/development/r-modules/default.nix index f40c0fcb5592..428d6c60546e 100644 --- a/pkgs/development/r-modules/default.nix +++ b/pkgs/development/r-modules/default.nix @@ -942,6 +942,10 @@ let PKGCONFIG_LIBS = "-Wl,-rpath,${pkgs.openssl.out}/lib -L${pkgs.openssl.out}/lib -L${pkgs.cyrus_sasl.out}/lib -L${pkgs.zlib.out}/lib -lssl -lcrypto -lsasl2 -lz"; }); + ps = old.ps.overrideDerivation (attrs: { + preConfigure = "patchShebangs configure"; + }); + rlang = old.rlang.overrideDerivation (attrs: { preConfigure = "patchShebangs configure"; }); diff --git a/pkgs/development/tools/jq/darwin-strptime-test.patch b/pkgs/development/tools/jq/darwin-strptime-test.patch deleted file mode 100644 index 4ea83fc164a3..000000000000 --- a/pkgs/development/tools/jq/darwin-strptime-test.patch +++ /dev/null @@ -1,16 +0,0 @@ -diff --git a/tests/jq.test b/tests/jq.test -index 4a4018b..f5aa7d5 100644 ---- a/src/tests/jq.test -+++ b/src/tests/jq.test -@@ -1144,9 +1144,9 @@ bsearch(4) - [1,2,3] - -4 - --[strptime("%Y-%m-%dT%H:%M:%SZ")|(.,mktime)] -+[strptime("%Y-%m-%dT%H:%M:%SZ")|mktime] - "2015-03-05T23:51:47Z" --[[2015,2,5,23,51,47,4,63],1425599507] -+[1425599507] - - strftime("%Y-%m-%dT%H:%M:%SZ") - [2015,2,5,23,51,47,4,63] diff --git a/pkgs/development/tools/jq/default.nix b/pkgs/development/tools/jq/default.nix index 712ec64bd416..b7b2b5066b9f 100644 --- a/pkgs/development/tools/jq/default.nix +++ b/pkgs/development/tools/jq/default.nix @@ -2,33 +2,17 @@ stdenv.mkDerivation rec { name = "jq-${version}"; - version="1.5"; + version="1.6"; src = fetchurl { url="https://github.com/stedolan/jq/releases/download/jq-${version}/jq-${version}.tar.gz"; - sha256="0g29kyz4ykasdcrb0zmbrp2jqs9kv1wz9swx849i2d1ncknbzln4"; + sha256="1a76f46a652i2g333kfvrl6mp2w7whf6h1yly519izg4y967h9cn"; }; outputs = [ "bin" "doc" "man" "dev" "lib" "out" ]; buildInputs = [ oniguruma ]; - patches = [ - (fetchpatch { - name = "CVE-2015-8863.patch"; - url = https://github.com/stedolan/jq/commit/8eb1367ca44e772963e704a700ef72ae2e12babd.diff; - sha256 = "18bjanzvklfzlzzd690y88725l7iwl4f6wnr429na5pfmircbpvh"; - }) - (fetchpatch { - name = "CVE-2016-4074.patch"; - url = https://patch-diff.githubusercontent.com/raw/stedolan/jq/pull/1214.diff; - sha256 = "1w8bapnyp56di6p9casbfczfn8258rw0z16grydavdjddfm280l9"; - }) - ] - ++ stdenv.lib.optional stdenv.isDarwin ./darwin-strptime-test.patch; - - patchFlags = [ "-p2" ]; # `src` subdir was introduced after v1.5 was released - configureFlags = [ "--bindir=\${bin}/bin" diff --git a/pkgs/development/tools/pyre/default.nix b/pkgs/development/tools/pyre/default.nix index 99e53610c01c..382e733cb98b 100644 --- a/pkgs/development/tools/pyre/default.nix +++ b/pkgs/development/tools/pyre/default.nix @@ -1,9 +1,15 @@ { stdenv, fetchFromGitHub, ocamlPackages, makeWrapper, writeScript -, dune, python3, rsync, fetchpatch }: +, dune, python3, rsync, fetchpatch, buck }: let # Manually set version - the setup script requires # hg and git + keeping the .git directory around. - pyre-version = "0.0.14"; + pyre-version = "0.0.17"; # also change typeshed revision below with $pyre-src/.typeshed-version + pyre-src = fetchFromGitHub { + owner = "facebook"; + repo = "pyre-check"; + rev = "v${pyre-version}"; + sha256 = "0y86a3g5xbgh0byksyx5jw7yq7w840x85dhz9inz6mkg5j06mcis"; + }; versionFile = writeScript "version.ml" '' cat > "./version.ml" <<EOF open Core @@ -20,12 +26,7 @@ let pyre-bin = stdenv.mkDerivation { name = "pyre-${pyre-version}"; - src = fetchFromGitHub { - owner = "facebook"; - repo = "pyre-check"; - rev = "v${pyre-version}"; - sha256 = "0c8xzaa3ljqb6llr041sydw0l4xqn7x21nw9vaymdxh35nx9bp2v"; - }; + src = pyre-src; nativeBuildInputs = [ makeWrapper ]; @@ -49,7 +50,6 @@ let export HOME=. # "external" because https://github.com/facebook/pyre-check/pull/8/files - cp Makefile.template Makefile sed "s/%VERSION%/external/" dune.in > dune cp ${versionFile} ./scripts/generate-version-number.sh @@ -77,20 +77,18 @@ let description = "A performant type-checker for Python 3"; homepage = https://pyre-check.org; license = licenses.mit; - platforms = with platforms; linux; + platforms = ocamlPackages.ocaml.meta.platforms; maintainers = with maintainers; [ teh ]; }; }; typeshed = stdenv.mkDerivation { name = "typeshed"; - # typeshed doesn't have versions, it seems to be synchronized with - # mypy relases. I'm assigning a random version here (same as pyre). version = pyre-version; src = fetchFromGitHub { owner = "python"; repo = "typeshed"; - rev = "a08c6ea"; - sha256 = "0wy8yh43vhyyc4g7iqnmlj66kz5in02y5qc0c4jdckhpa3mchaqk"; + rev = "bc3f9fe1d3c43b00c04cedb23e0eeebc9e1734b6"; + sha256 = "06b2kj4n49h4sgi8hn5kalmir8llhanfdc7f1924cxvrkj5ry94b"; }; phases = [ "unpackPhase" "installPhase" ]; installPhase = "cp -r $src $out"; @@ -98,19 +96,8 @@ typeshed = stdenv.mkDerivation { in python3.pkgs.buildPythonApplication rec { pname = "pyre-check"; version = pyre-version; - src = fetchFromGitHub { - owner = "facebook"; - repo = "pyre-check"; - rev = "v${pyre-version}"; - sha256 = "0ig7bx2kfn2kbxw74wysh5365yp5gyby42l9l29iclrzdghgk32l"; - }; - patches = [ - (fetchpatch { - url = "https://github.com/facebook/pyre-check/commit/b473d2ed9fc11e7c1cd0c7b8c42f521e5cdc2003.patch"; - sha256 = "05xvyp7j4n6z92bxf64rxfq5pvaadxgx1c8c5qziy75vdz72lkcy"; - }) - ./pyre-bdist-wheel.patch - ]; + src = pyre-src; + patches = [ ./pyre-bdist-wheel.patch ]; # The build-pypi-package script does some funky stuff with build # directories - easier to patch it a bit than to replace it @@ -119,15 +106,21 @@ in python3.pkgs.buildPythonApplication rec { mkdir ./build substituteInPlace scripts/build-pypi-package.sh \ --replace 'NIX_BINARY_FILE' '${pyre-bin}/bin/pyre.bin' \ - --replace 'BUILD_ROOT="$(mktemp -d)"' "BUILD_ROOT=$(pwd)/build" + --replace 'BUILD_ROOT="$(mktemp -d)"' "BUILD_ROOT=$PWD/build" + substituteInPlace client/buck.py \ + --replace '"buck"' '"${buck}/bin/buck"' + substituteInPlace client/tests/buck_test.py \ + --replace '"buck"' '"${buck}/bin/buck"' ''; - buildInputs = [ pyre-bin rsync ]; + buildInputs = [ pyre-bin ]; + nativeBuildInputs = [ rsync ]; # only required for build-pypi-package.sh propagatedBuildInputs = with python3.pkgs; [ docutils typeshed ]; buildPhase = '' bash scripts/build-pypi-package.sh --version ${pyre-version} --bundle-typeshed ${typeshed} cp -r build/dist dist ''; - - doCheck = false; # can't open file 'nix_run_setup': + checkPhase = '' + bash scripts/run-python-tests.sh + ''; } diff --git a/pkgs/development/tools/rust/cargo-asm/default.nix b/pkgs/development/tools/rust/cargo-asm/default.nix index ca793bf49080..246f5b18843c 100644 --- a/pkgs/development/tools/rust/cargo-asm/default.nix +++ b/pkgs/development/tools/rust/cargo-asm/default.nix @@ -1,4 +1,4 @@ -{ stdenv, fetchFromGitHub, rustPlatform }: +{ stdenv, fetchFromGitHub, rustPlatform, Security }: rustPlatform.buildRustPackage rec { name = "cargo-asm-${version}"; @@ -13,6 +13,8 @@ rustPlatform.buildRustPackage rec { cargoSha256 = "1m2j6i8hc8isdlj77gv9m6sk6q0x3bvzpva2k16g27i1ngy1989b"; + buildInputs = stdenv.lib.optional stdenv.isDarwin Security; + # Test checks against machine code output, which fails with some # LLVM/compiler versions. doCheck = false; diff --git a/pkgs/games/gemrb/default.nix b/pkgs/games/gemrb/default.nix index 0e9025259224..fc7bf7168ddf 100644 --- a/pkgs/games/gemrb/default.nix +++ b/pkgs/games/gemrb/default.nix @@ -1,5 +1,6 @@ { stdenv, fetchFromGitHub, cmake -, freetype, SDL2, SDL2_mixer, openal, zlib, libpng, python, libvorbis }: +, freetype, SDL2, SDL2_mixer, openal, zlib, libpng, python, libvorbis +, libiconv }: stdenv.mkDerivation rec { name = "gemrb-${version}"; @@ -13,7 +14,7 @@ stdenv.mkDerivation rec { }; # TODO: make libpng, libvorbis, sdl_mixer, freetype, vlc, glew (and other gl reqs) optional - buildInputs = [ freetype python openal SDL2 SDL2_mixer zlib libpng libvorbis ]; + buildInputs = [ freetype python openal SDL2 SDL2_mixer zlib libpng libvorbis libiconv ]; nativeBuildInputs = [ cmake ]; diff --git a/pkgs/tools/package-management/nix-du/default.nix b/pkgs/tools/package-management/nix-du/default.nix index 24672296506d..59ec714261b1 100644 --- a/pkgs/tools/package-management/nix-du/default.nix +++ b/pkgs/tools/package-management/nix-du/default.nix @@ -1,25 +1,23 @@ -{ stdenv, fetchFromGitHub, rustPlatform, nix, boost, graphviz }: +{ stdenv, fetchFromGitHub, rustPlatform, nix, boost, graphviz, darwin }: rustPlatform.buildRustPackage rec { name = "nix-du-${version}"; - version = "0.2.0"; + version = "0.3.0"; src = fetchFromGitHub { owner = "symphorien"; repo = "nix-du"; rev = "v${version}"; - sha256 = "1n1qgqjbwbb59xnzgz0dn8h8pckh6yq3crh0w6x2sngijwh678x8"; + sha256 = "1x6qpivxbn94034jfdxb97xi97fhcdv2z7llq2ccfc80mgd0gz8l"; }; - cargoSha256 = "1qidbrkdpf4kliyvy2040qi3a67s8mr2r46rjcblr1v2gar0xgs0"; + cargoSha256 = "0sva4lnhccm6ly7pa6m99s3fqkmh1dzv7r2727nsg2f55prd4kxc"; - # switch to true when nix includes https://github.com/NixOS/nix/pull/2223 and - # https://github.com/NixOS/nix/pull/2234 - doCheck = false; + doCheck = true; checkInputs = [ graphviz ]; buildInputs = [ boost nix - ]; + ] ++ stdenv.lib.optional stdenv.isDarwin darwin.apple_sdk.frameworks.Security; meta = with stdenv.lib; { description = "A tool to determine which gc-roots take space in your nix store"; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 62cef2d50689..f214f7043b89 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -7357,7 +7357,9 @@ with pkgs; cargo-tree = callPackage ../tools/package-management/cargo-tree { }; cargo-update = callPackage ../tools/package-management/cargo-update { }; - cargo-asm = callPackage ../development/tools/rust/cargo-asm { }; + cargo-asm = callPackage ../development/tools/rust/cargo-asm { + inherit (darwin.apple_sdk.frameworks) Security; + }; cargo-fuzz = callPackage ../development/tools/rust/cargo-fuzz { }; pyo3-pack = callPackage ../development/tools/rust/pyo3-pack { }; @@ -16052,6 +16054,8 @@ with pkgs; pulseaudioSupport = config.pulseaudio or false; }; + cmusfm = callPackage ../applications/audio/cmusfm { }; + cni = callPackage ../applications/networking/cluster/cni {}; cni-plugins = callPackage ../applications/networking/cluster/cni/plugins.nix {}; |