Diffstat (limited to 'pkgs')
-rw-r--r--pkgs/applications/editors/vim/common.nix4
-rw-r--r--pkgs/applications/editors/vis/default.nix4
-rw-r--r--pkgs/applications/graphics/krita/default.nix4
-rw-r--r--pkgs/applications/graphics/krita/generic.nix29
-rw-r--r--pkgs/applications/misc/mupdf/default.nix4
-rw-r--r--pkgs/applications/networking/browsers/firefox-bin/default.nix19
-rw-r--r--pkgs/applications/version-management/mercurial/default.nix6
-rw-r--r--pkgs/build-support/bintools-wrapper/default.nix4
-rw-r--r--pkgs/build-support/build-fhsenv-bubblewrap/default.nix1
-rw-r--r--pkgs/build-support/rust/rustc-wrapper/default.nix30
-rw-r--r--pkgs/build-support/rust/rustc-wrapper/rustc-wrapper.sh16
-rw-r--r--pkgs/build-support/setup-hooks/auto-patchelf.py7
-rw-r--r--pkgs/build-support/setup-hooks/separate-debug-info.sh2
-rw-r--r--pkgs/by-name/cm/cmake/package.nix10
-rw-r--r--pkgs/by-name/ks/kseexpr/cmake_libdir.patch13
-rw-r--r--pkgs/by-name/ks/kseexpr/package.nix46
-rw-r--r--pkgs/by-name/la/lager/package.nix37
-rw-r--r--pkgs/by-name/ze/zesarux/package.nix2
-rw-r--r--pkgs/by-name/zu/zug/package.nix34
-rw-r--r--pkgs/data/documentation/stdman/default.nix1
-rw-r--r--pkgs/data/misc/cacert/default.nix26
-rw-r--r--pkgs/data/misc/dns-root-data/default.nix6
-rw-r--r--pkgs/data/misc/shared-mime-info/default.nix11
-rw-r--r--pkgs/data/misc/shared-mime-info/fix-clang-warnings.patch31
-rw-r--r--pkgs/data/misc/tzdata/default.nix4
-rw-r--r--pkgs/desktops/gnome-2/platform/GConf/default.nix6
-rw-r--r--pkgs/desktops/gnome-2/platform/ORBit2/default.nix25
-rw-r--r--pkgs/desktops/gnome-2/platform/libIDL/default.nix8
-rw-r--r--pkgs/desktops/gnome-2/platform/libglade/default.nix16
-rw-r--r--pkgs/desktops/gnome-2/platform/libgnomecanvas/default.nix6
-rw-r--r--pkgs/development/compilers/gcc/patches/12/mangle-NIX_STORE-in-__FILE__.patch4
-rw-r--r--pkgs/development/compilers/gcc/patches/13/mangle-NIX_STORE-in-__FILE__.patch4
-rw-r--r--pkgs/development/compilers/glslang/default.nix3
-rw-r--r--pkgs/development/compilers/rust/1_74.nix (renamed from pkgs/development/compilers/rust/1_73.nix)31
-rw-r--r--pkgs/development/compilers/rust/binary.nix6
-rw-r--r--pkgs/development/compilers/rust/cargo.nix2
-rw-r--r--pkgs/development/compilers/rust/default.nix7
-rw-r--r--pkgs/development/compilers/rust/rustc.nix21
-rw-r--r--pkgs/development/coq-modules/Cheerios/default.nix5
-rw-r--r--pkgs/development/coq-modules/InfSeqExt/default.nix5
-rw-r--r--pkgs/development/coq-modules/StructTact/default.nix5
-rw-r--r--pkgs/development/coq-modules/Verdi/default.nix5
-rw-r--r--pkgs/development/coq-modules/corn/default.nix1
-rw-r--r--pkgs/development/coq-modules/metacoq/default.nix1
-rw-r--r--pkgs/development/interpreters/perl/default.nix8
-rw-r--r--pkgs/development/interpreters/perl/intepreter.nix4
-rw-r--r--pkgs/development/libraries/SDL/default.nix3
-rw-r--r--pkgs/development/libraries/SDL2/default.nix4
-rw-r--r--pkgs/development/libraries/audio/lilv/default.nix4
-rw-r--r--pkgs/development/libraries/audio/roc-toolkit/default.nix4
-rw-r--r--pkgs/development/libraries/audio/sratom/default.nix11
-rw-r--r--pkgs/development/libraries/audio/zix/default.nix18
-rw-r--r--pkgs/development/libraries/avahi/CVE-2023-38469.patch102
-rw-r--r--pkgs/development/libraries/avahi/CVE-2023-38471-2.patch47
-rw-r--r--pkgs/development/libraries/avahi/default.nix35
-rw-r--r--pkgs/development/libraries/expat/default.nix2
-rw-r--r--pkgs/development/libraries/faad2/default.nix12
-rw-r--r--pkgs/development/libraries/fftw/default.nix11
-rw-r--r--pkgs/development/libraries/gnutls/default.nix12
-rw-r--r--pkgs/development/libraries/grpc/default.nix4
-rw-r--r--pkgs/development/libraries/gstreamer/bad/default.nix4
-rw-r--r--pkgs/development/libraries/gstreamer/base/default.nix4
-rw-r--r--pkgs/development/libraries/gstreamer/core/default.nix4
-rw-r--r--pkgs/development/libraries/gstreamer/devtools/default.nix4
-rw-r--r--pkgs/development/libraries/gstreamer/ges/default.nix4
-rw-r--r--pkgs/development/libraries/gstreamer/good/default.nix6
-rw-r--r--pkgs/development/libraries/gstreamer/libav/default.nix4
-rw-r--r--pkgs/development/libraries/gstreamer/rtsp-server/default.nix4
-rw-r--r--pkgs/development/libraries/gstreamer/ugly/default.nix4
-rw-r--r--pkgs/development/libraries/gstreamer/vaapi/default.nix4
-rw-r--r--pkgs/development/libraries/http-parser/build-shared.patch30
-rw-r--r--pkgs/development/libraries/http-parser/default.nix39
-rw-r--r--pkgs/development/libraries/http-parser/enable-static-shared.patch93
-rw-r--r--pkgs/development/libraries/kerberos/krb5.nix11
-rw-r--r--pkgs/development/libraries/libaom/default.nix4
-rw-r--r--pkgs/development/libraries/libass/default.nix8
-rw-r--r--pkgs/development/libraries/libavif/default.nix4
-rw-r--r--pkgs/development/libraries/libde265/default.nix4
-rw-r--r--pkgs/development/libraries/libdrm/default.nix4
-rw-r--r--pkgs/development/libraries/libedit/default.nix11
-rw-r--r--pkgs/development/libraries/libffi/default.nix3
-rw-r--r--pkgs/development/libraries/libffi/fix-implicit-fun-decl.patch46
-rw-r--r--pkgs/development/libraries/libfido2/default.nix4
-rw-r--r--pkgs/development/libraries/libgcrypt/default.nix13
-rw-r--r--pkgs/development/libraries/libgit2/default.nix4
-rw-r--r--pkgs/development/libraries/libglvnd/default.nix11
-rw-r--r--pkgs/development/libraries/libgnome-keyring/default.nix14
-rw-r--r--pkgs/development/libraries/libksba/default.nix4
-rw-r--r--pkgs/development/libraries/libnsl/default.nix2
-rw-r--r--pkgs/development/libraries/libsigcxx/3.0.nix2
-rw-r--r--pkgs/development/libraries/libsigcxx/default.nix2
-rw-r--r--pkgs/development/libraries/libsodium/default.nix20
-rw-r--r--pkgs/development/libraries/libusb1/default.nix3
-rw-r--r--pkgs/development/libraries/libuv/default.nix22
-rw-r--r--pkgs/development/libraries/libxslt/default.nix4
-rw-r--r--pkgs/development/libraries/newt/default.nix10
-rw-r--r--pkgs/development/libraries/nlohmann_json/default.nix23
-rw-r--r--pkgs/development/libraries/nss/esr.nix2
-rw-r--r--pkgs/development/libraries/nss/generic.nix24
-rw-r--r--pkgs/development/libraries/nss/latest.nix2
-rw-r--r--pkgs/development/libraries/nuspell/default.nix8
-rw-r--r--pkgs/development/libraries/openh264/default.nix4
-rw-r--r--pkgs/development/libraries/p11-kit/default.nix5
-rw-r--r--pkgs/development/libraries/physics/fastjet-contrib/default.nix2
-rw-r--r--pkgs/development/libraries/physics/pythia/default.nix4
-rw-r--r--pkgs/development/libraries/pipewire/default.nix7
-rw-r--r--pkgs/development/libraries/qpdf/default.nix4
-rw-r--r--pkgs/development/libraries/readline/readline-8.2-patches.nix6
-rw-r--r--pkgs/development/libraries/science/math/openblas/default.nix4
-rw-r--r--pkgs/development/libraries/silgraphite/graphite2.nix4
-rw-r--r--pkgs/development/libraries/sord/default.nix11
-rw-r--r--pkgs/development/libraries/xsimd/default.nix4
-rw-r--r--pkgs/development/libraries/zeromq/4.x.nix6
-rw-r--r--pkgs/development/ocaml-modules/javalib/default.nix2
-rw-r--r--pkgs/development/ocaml-modules/sawja/default.nix2
-rw-r--r--pkgs/development/python-modules/cryptography/default.nix9
-rw-r--r--pkgs/development/python-modules/cryptography/vectors.nix4
-rw-r--r--pkgs/development/python-modules/gevent/default.nix28
-rw-r--r--pkgs/development/python-modules/grpcio-status/default.nix4
-rw-r--r--pkgs/development/python-modules/grpcio-tools/default.nix4
-rw-r--r--pkgs/development/python-modules/grpcio/default.nix11
-rw-r--r--pkgs/development/python-modules/gst-python/default.nix4
-rw-r--r--pkgs/development/python-modules/numpy/default.nix12
-rw-r--r--pkgs/development/python-modules/pyqt-builder/default.nix4
-rw-r--r--pkgs/development/python-modules/pyqt/6.x.nix10
-rw-r--r--pkgs/development/python-modules/pyqt6-charts.nix4
-rw-r--r--pkgs/development/python-modules/pyqt6-webengine.nix4
-rw-r--r--pkgs/development/python-modules/pytest-regressions/default.nix12
-rw-r--r--pkgs/development/python-modules/sip/default.nix4
-rw-r--r--pkgs/development/python-modules/sphinx-autodoc-typehints/default.nix4
-rw-r--r--pkgs/development/python-modules/trove-classifiers/default.nix4
-rw-r--r--pkgs/development/tools/documentation/doxygen/default.nix4
-rw-r--r--pkgs/development/tools/kcat/default.nix4
-rw-r--r--pkgs/development/tools/pyenv/default.nix4
-rw-r--r--pkgs/development/web/nodejs/v18.nix4
-rw-r--r--pkgs/games/eboard/default.nix4
-rw-r--r--pkgs/misc/ghostscript/default.nix4
-rw-r--r--pkgs/os-specific/darwin/apple-sdk-11.0/apple_sdk.nix4
-rw-r--r--pkgs/os-specific/linux/bluez/default.nix6
-rw-r--r--pkgs/os-specific/linux/dracut/default.nix4
-rw-r--r--pkgs/os-specific/linux/ell/default.nix4
-rw-r--r--pkgs/os-specific/linux/hwdata/default.nix4
-rw-r--r--pkgs/os-specific/linux/iwd/default.nix10
-rw-r--r--pkgs/os-specific/linux/kernel-headers/default.nix7
-rw-r--r--pkgs/os-specific/linux/kernel-headers/revert-af_packet-flex.patch31
-rw-r--r--pkgs/os-specific/linux/nftables/default.nix7
-rw-r--r--pkgs/os-specific/linux/nftables/fix-py-libnftables.patch13
-rw-r--r--pkgs/os-specific/linux/shadow/default.nix4
-rw-r--r--pkgs/os-specific/linux/systemd/default.nix12
-rw-r--r--pkgs/servers/monitoring/net-snmp/default.nix14
-rw-r--r--pkgs/servers/tvheadend/default.nix2
-rw-r--r--pkgs/shells/bash/bash-5.2-patches.nix6
-rw-r--r--pkgs/stdenv/generic/setup.sh16
-rw-r--r--pkgs/tools/X11/xdg-utils/default.nix3
-rw-r--r--pkgs/tools/compression/xz/default.nix4
-rw-r--r--pkgs/tools/inputmethods/m17n-db/default.nix4
-rw-r--r--pkgs/tools/misc/coreutils/default.nix10
-rw-r--r--pkgs/tools/misc/desktop-file-utils/default.nix18
-rw-r--r--pkgs/tools/misc/man-db/default.nix31
-rw-r--r--pkgs/tools/networking/dhcpcd/default.nix2
-rw-r--r--pkgs/tools/networking/unbound/default.nix21
-rw-r--r--pkgs/tools/virtualization/mkosi/default.nix10
-rw-r--r--pkgs/top-level/all-packages.nix25
163 files changed, 1097 insertions, 652 deletions
diff --git a/pkgs/applications/editors/vim/common.nix b/pkgs/applications/editors/vim/common.nix
index 83d61b37bfc6..b392cc0aa565 100644
--- a/pkgs/applications/editors/vim/common.nix
+++ b/pkgs/applications/editors/vim/common.nix
@@ -1,12 +1,12 @@
 { lib, fetchFromGitHub }:
 rec {
-  version = "9.0.2048";
+  version = "9.0.2116";
 
   src = fetchFromGitHub {
     owner = "vim";
     repo = "vim";
     rev = "v${version}";
-    hash = "sha256-zR2iPiD4/gf5BnxYoe3cx2ebGWE1P2bY4Cg15gveFgg=";
+    hash = "sha256-ZKcNg/RrjvEsxpIcTjzQYi1xig3zLeTV+PXaBb4gUuM=";
   };
 
   enableParallelBuilding = true;
diff --git a/pkgs/applications/editors/vis/default.nix b/pkgs/applications/editors/vis/default.nix
index f4d25b8547f4..479a475e0741 100644
--- a/pkgs/applications/editors/vis/default.nix
+++ b/pkgs/applications/editors/vis/default.nix
@@ -30,10 +30,6 @@ stdenv.mkDerivation rec {
     libselinux
   ];
 
-  postPatch = ''
-    patchShebangs ./configure
-  '';
-
   postInstall = ''
     wrapProgram $out/bin/vis \
       --prefix LUA_CPATH ';' "${luaEnv}/lib/lua/${lua.luaversion}/?.so" \
diff --git a/pkgs/applications/graphics/krita/default.nix b/pkgs/applications/graphics/krita/default.nix
index 67d9774a35a9..c8d1fea0b78c 100644
--- a/pkgs/applications/graphics/krita/default.nix
+++ b/pkgs/applications/graphics/krita/default.nix
@@ -1,7 +1,7 @@
 { callPackage, ... }:
 
 callPackage ./generic.nix {
-  version = "5.1.5";
+  version = "5.2.0";
   kde-channel = "stable";
-  sha256 = "1lx4x4affkbh47b7w5qvahkkr4db0vcw6h24nykak6gpy2z5wxqw";
+  hash = "sha256-02oZc4pZw2dQucx1IuPJslWQGjOqwGmgeDgnUIqKkpc=";
 }
diff --git a/pkgs/applications/graphics/krita/generic.nix b/pkgs/applications/graphics/krita/generic.nix
index 8bf6e26ab9d2..6846997a05df 100644
--- a/pkgs/applications/graphics/krita/generic.nix
+++ b/pkgs/applications/graphics/krita/generic.nix
@@ -2,13 +2,14 @@
 , karchive, kconfig, kwidgetsaddons, kcompletion, kcoreaddons
 , kguiaddons, ki18n, kitemmodels, kitemviews, kwindowsystem
 , kio, kcrash, breeze-icons
-, boost, libraw, fftw, eigen, exiv2, libheif, lcms2, gsl, openexr, giflib, libjxl
-, openjpeg, opencolorio, xsimd, poppler, curl, ilmbase, libmypaint, libwebp
-, qtmultimedia, qtx11extras, quazip
+, boost, libraw, fftw, eigen, exiv2, fribidi, libaom, libheif, libkdcraw, lcms2, gsl, openexr, giflib
+, libjxl, mlt , openjpeg, opencolorio, xsimd, poppler, curl, ilmbase, immer, kseexpr, lager
+, libmypaint , libunibreak, libwebp
+, qtmultimedia, qtx11extras, quazip, SDL2, zug, pkg-config
 , python3Packages
 , version
 , kde-channel
-, sha256
+, hash
 }:
 
 mkDerivation rec {
@@ -17,16 +18,11 @@ mkDerivation rec {
 
   src = fetchurl {
     url = "mirror://kde/${kde-channel}/krita/${version}/krita-${version}.tar.gz";
-    inherit sha256;
+    inherit hash;
   };
 
   patches = [
     (fetchpatch {
-      name = "exiv2-0.28.patch";
-      url = "https://gitlab.archlinux.org/archlinux/packaging/packages/krita/-/raw/acd9a818660e86b14a66fceac295c2bab318c671/exiv2-0.28.patch";
-      hash = "sha256-iD2pyid513ThJVeotUlVDrwYANofnEiZmWINNUm/saw=";
-    })
-    (fetchpatch {
       name = "krita-opencolorio-2.3-compat.patch";
       url = "https://invent.kde.org/graphics/krita/-/commit/520c633c2c868f2236d8e56eefecdcb6e3ebd840.patch";
       hash = "sha256-eXsgBN8OnKjZOQsOxViPypts6CVh3L+IYKMB/mDUcfQ=";
@@ -34,16 +30,15 @@ mkDerivation rec {
     })
   ];
 
-  nativeBuildInputs = [ cmake extra-cmake-modules python3Packages.sip makeWrapper ];
+  nativeBuildInputs = [ cmake extra-cmake-modules pkg-config python3Packages.sip makeWrapper ];
 
   buildInputs = [
     karchive kconfig kwidgetsaddons kcompletion kcoreaddons kguiaddons
     ki18n kitemmodels kitemviews kwindowsystem kio kcrash breeze-icons
-    boost libraw fftw eigen exiv2 lcms2 gsl openexr libheif giflib libjxl
-    openjpeg opencolorio poppler curl ilmbase libmypaint libwebp
-    qtmultimedia qtx11extras quazip
+    boost libraw fftw eigen exiv2 fribidi lcms2 gsl openexr lager libaom libheif libkdcraw giflib
+    libjxl mlt openjpeg opencolorio xsimd poppler curl ilmbase immer kseexpr libmypaint
+    libunibreak libwebp qtmultimedia qtx11extras quazip SDL2 zug
     python3Packages.pyqt5
-    xsimd
   ];
 
   env.NIX_CFLAGS_COMPILE = toString ([ "-I${ilmbase.dev}/include/OpenEXR" ]
@@ -58,6 +53,9 @@ mkDerivation rec {
       --replace 'PYTHONPATH=''${_sip_python_path}' 'PYTHONPATH=${pythonPath}'
     substituteInPlace cmake/modules/SIPMacros.cmake \
       --replace 'PYTHONPATH=''${_krita_python_path}' 'PYTHONPATH=${pythonPath}'
+
+    substituteInPlace plugins/impex/jp2/jp2_converter.cc \
+      --replace '<openjpeg.h>' '<${openjpeg.incDir}/openjpeg.h>'
   '';
 
   cmakeBuildType = "RelWithDebInfo";
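Review bot: The new `substituteInPlace plugins/impex/jp2/jp2_converter.cc` line in `postPatch` has no comment saying why the `<openjpeg.h>` include is rewritten to a path under `${openjpeg.incDir}`. A one-line comment above it, e.g. `# openjpeg.h is not on the default include path; point the include at openjpeg.incDir`, would tell whoever next bumps krita when the substitution can be dropped. The reason given in that comment is inferred and should be confirmed before committing it. The `postPatch` string starts outside this hunk.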
@@ -65,6 +63,7 @@ mkDerivation rec {
   cmakeFlags = [
     "-DPYQT5_SIP_DIR=${python3Packages.pyqt5}/${python3Packages.python.sitePackages}/PyQt5/bindings"
     "-DPYQT_SIP_DIR_OVERRIDE=${python3Packages.pyqt5}/${python3Packages.python.sitePackages}/PyQt5/bindings"
+    "-DBUILD_KRITA_QT_DESIGNER_PLUGINS=ON"
   ];
 
   preInstall = ''
diff --git a/pkgs/applications/misc/mupdf/default.nix b/pkgs/applications/misc/mupdf/default.nix
index db08bd5c14ce..e4bf829191e3 100644
--- a/pkgs/applications/misc/mupdf/default.nix
+++ b/pkgs/applications/misc/mupdf/default.nix
@@ -60,12 +60,12 @@ let
 
 in
 stdenv.mkDerivation rec {
-  version = "1.23.5";
+  version = "1.23.6";
   pname = "mupdf";
 
   src = fetchurl {
     url = "https://mupdf.com/downloads/archive/${pname}-${version}-source.tar.gz";
-    sha256 = "sha256-blZ5zfqu+cfoniljlSIM4sEz7T3K1RpHhmczbG6uxwY=";
+    sha256 = "sha256-rBHrhZ3UBEiOUVPNyWUbtDQeW6r007Pyfir8gvmq3Ck=";
   };
 
   patches = [ ./0001-Use-command-v-in-favor-of-which.patch
diff --git a/pkgs/applications/networking/browsers/firefox-bin/default.nix b/pkgs/applications/networking/browsers/firefox-bin/default.nix
index 164851bc2756..56d21187ebb2 100644
--- a/pkgs/applications/networking/browsers/firefox-bin/default.nix
+++ b/pkgs/applications/networking/browsers/firefox-bin/default.nix
@@ -20,7 +20,6 @@
 , runtimeShell
 , systemLocale ? config.i18n.defaultLocale or "en_US"
 , patchelfUnstable  # have to use patchelfUnstable to support --no-clobber-old-sections
-, makeWrapper
 }:
 
 let
@@ -58,20 +57,6 @@ let
   source = lib.findFirst (sourceMatches mozLocale) defaultSource sources;
 
   pname = "firefox-${channel}-bin-unwrapped";
-
-  # FIXME: workaround for not being able to pass flags to patchelf
-  # Remove after https://github.com/NixOS/nixpkgs/pull/256525
-  wrappedPatchelf = stdenv.mkDerivation {
-    pname = "patchelf-wrapped";
-    inherit (patchelfUnstable) version;
-
-    nativeBuildInputs = [ makeWrapper ];
-
-    buildCommand = ''
-      mkdir -p $out/bin
-      makeWrapper ${patchelfUnstable}/bin/patchelf $out/bin/patchelf --append-flags "--no-clobber-old-sections"
-    '';
-  };
 in
 
 stdenv.mkDerivation {
@@ -79,7 +64,7 @@ stdenv.mkDerivation {
 
   src = fetchurl { inherit (source) url sha256; };
 
-  nativeBuildInputs = [ wrapGAppsHook autoPatchelfHook wrappedPatchelf ];
+  nativeBuildInputs = [ wrapGAppsHook autoPatchelfHook patchelfUnstable ];
   buildInputs = [
     gtk3
     adwaita-icon-theme
@@ -95,6 +80,8 @@ stdenv.mkDerivation {
   appendRunpaths = [
     "${pipewire}/lib"
   ];
+  # Firefox uses "relrhack" to manually process relocations from a fixed offset
+  patchelfFlags = [ "--no-clobber-old-sections" ];
 
   installPhase =
     ''
diff --git a/pkgs/applications/version-management/mercurial/default.nix b/pkgs/applications/version-management/mercurial/default.nix
index 29dbe0573422..82417f59352b 100644
--- a/pkgs/applications/version-management/mercurial/default.nix
+++ b/pkgs/applications/version-management/mercurial/default.nix
@@ -21,11 +21,11 @@ let
 
   self = python3Packages.buildPythonApplication rec {
     pname = "mercurial${lib.optionalString fullBuild "-full"}";
-    version = "6.5.2";
+    version = "6.5.3";
 
     src = fetchurl {
       url = "https://mercurial-scm.org/release/mercurial-${version}.tar.gz";
-      sha256 = "sha256-r8OdcGeXZZPIMyuOl6Eq/Tk7VQN8X7nDyrGkLHVg9go=";
+      sha256 = "sha256-LNyB+t4SnPVrEoQXUn8ZC6cv13ZWc5TOVO7XZOZn59U=";
     };
 
     format = "other";
@@ -35,7 +35,7 @@ let
     cargoDeps = if rustSupport then rustPlatform.fetchCargoTarball {
       inherit src;
       name = "mercurial-${version}";
-      sha256 = "sha256-dcyHmLkRadNK30Vv0XsCEaZGTIcF/L29lLe58ggB3Lg=";
+      sha256 = "sha256-ob81zMUY4AVNIbkFKyImnj7QhHTh7LVOCcGeZDtTAXc=";
       sourceRoot = "mercurial-${version}/rust";
     } else null;
     cargoRoot = if rustSupport then "rust" else null;
diff --git a/pkgs/build-support/bintools-wrapper/default.nix b/pkgs/build-support/bintools-wrapper/default.nix
index dd6032fc52cf..525b44fe0480 100644
--- a/pkgs/build-support/bintools-wrapper/default.nix
+++ b/pkgs/build-support/bintools-wrapper/default.nix
@@ -316,10 +316,10 @@ stdenv.mkDerivation {
     ''
 
     ###
-    ### Remove LC_UUID
+    ### Remove certain timestamps from final binaries
     ###
     + optionalString (stdenv.targetPlatform.isDarwin && !(bintools.isGNU or false)) ''
-      echo "-no_uuid" >> $out/nix-support/libc-ldflags-before
+      echo "export ZERO_AR_DATE=1" >> $out/nix-support/setup-hook
     ''
 
     + ''
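Review bot: The replacement line appends `export ZERO_AR_DATE=1` to the wrapper's setup hook, but the section header only says "certain timestamps" and nothing records why the `-no_uuid` linker flag was dropped in the same change. Both settings bear on whether Darwin outputs are reproducible, so a short comment such as `# ZERO_AR_DATE: have the Apple toolchain write zeroed timestamps; -no_uuid removed because <reason>` would make the trade-off reviewable. The surrounding string concatenation begins and ends outside this hunk.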
diff --git a/pkgs/build-support/build-fhsenv-bubblewrap/default.nix b/pkgs/build-support/build-fhsenv-bubblewrap/default.nix
index 3500e5e9216f..687cff3f01e2 100644
--- a/pkgs/build-support/build-fhsenv-bubblewrap/default.nix
+++ b/pkgs/build-support/build-fhsenv-bubblewrap/default.nix
@@ -200,6 +200,7 @@ let
       # Also, the cache needs to go to both 32 and 64 bit glibcs, for games
       # of both architectures to work.
       --tmpfs ${glibc}/etc \
+      --tmpfs /etc \
       --symlink /etc/ld.so.conf ${glibc}/etc/ld.so.conf \
       --symlink /etc/ld.so.cache ${glibc}/etc/ld.so.cache \
       --ro-bind ${glibc}/etc/rpc ${glibc}/etc/rpc \
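Review bot: The added `--tmpfs /etc \` carries no comment, and its position in the bwrap argument list matters. bwrap applies mount operations in the order given, so a tmpfs on `/etc` hides whatever earlier arguments placed there, and only the `--symlink`/`--ro-bind` entries after it remain visible. The comment above it explains only the `${glibc}/etc` tmpfs. I would add something like `# empty /etc first; every /etc entry the sandbox needs must be created after this line`, and check that no `/etc` bind earlier in the list (outside this hunk) is being masked.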
diff --git a/pkgs/build-support/rust/rustc-wrapper/default.nix b/pkgs/build-support/rust/rustc-wrapper/default.nix
new file mode 100644
index 000000000000..d6034c08af47
--- /dev/null
+++ b/pkgs/build-support/rust/rustc-wrapper/default.nix
@@ -0,0 +1,30 @@
+{ lib, runCommand, rustc-unwrapped, sysroot ? null }:
+
+runCommand "${rustc-unwrapped.pname}-wrapper-${rustc-unwrapped.version}" {
+  preferLocalBuild = true;
+  strictDeps = true;
+  inherit (rustc-unwrapped) outputs;
+
+  env = {
+    prog = "${rustc-unwrapped}/bin/rustc";
+    sysroot = lib.optionalString (sysroot != null) "--sysroot ${sysroot}";
+  };
+
+  passthru = {
+    inherit (rustc-unwrapped) pname version src llvm llvmPackages;
+    unwrapped = rustc-unwrapped;
+  };
+
+  meta = rustc-unwrapped.meta // {
+    description = "${rustc-unwrapped.meta.description} (wrapper script)";
+    priority = 10;
+  };
+} ''
+  mkdir -p $out/bin
+  ln -s ${rustc-unwrapped}/bin/* $out/bin
+  rm $out/bin/rustc
+  substituteAll ${./rustc-wrapper.sh} $out/bin/rustc
+  chmod +x $out/bin/rustc
+  ${lib.concatMapStrings (output: "ln -s ${rustc-unwrapped.${output}} \$${output}\n")
+    (lib.remove "out" rustc-unwrapped.outputs)}
+''
diff --git a/pkgs/build-support/rust/rustc-wrapper/rustc-wrapper.sh b/pkgs/build-support/rust/rustc-wrapper/rustc-wrapper.sh
new file mode 100644
index 000000000000..a62e35b8736f
--- /dev/null
+++ b/pkgs/build-support/rust/rustc-wrapper/rustc-wrapper.sh
@@ -0,0 +1,16 @@
+#!@shell@
+
+extraBefore=(@sysroot@)
+extraAfter=($NIX_RUSTFLAGS)
+
+# Optionally print debug info.
+if (( "${NIX_DEBUG:-0}" >= 1 )); then
+    echo "extra flags before to @prog@:" >&2
+    printf "  %q\n" "${extraBefore[@]}" >&2
+    echo "original flags to @prog@:" >&2
+    printf "  %q\n" "$@" >&2
+    echo "extra flags after to @prog@:" >&2
+    printf "  %q\n" "${extraAfter[@]}" >&2
+fi
+
+exec @prog@ "${extraBefore[@]}" "$@" "${extraAfter[@]}"
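Review bot: `extraAfter=($NIX_RUSTFLAGS)` expands the variable unquoted, so besides the intended word splitting the shell also performs pathname expansion. A flag value containing `*`, `?` or `[` can then be replaced by matching file names from the build directory before it reaches rustc. Splitting without globbing keeps the behaviour otherwise identical, for example `set -o noglob; extraAfter=($NIX_RUSTFLAGS); set +o noglob`. `extraBefore=(@sysroot@)` has the same form but is less exposed, because its value is fixed when the wrapper is built. A header comment stating that `NIX_RUSTFLAGS` is whitespace-split and cannot carry arguments with embedded spaces would also help callers.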
diff --git a/pkgs/build-support/setup-hooks/auto-patchelf.py b/pkgs/build-support/setup-hooks/auto-patchelf.py
index 261f55854808..4769179167b3 100644
--- a/pkgs/build-support/setup-hooks/auto-patchelf.py
+++ b/pkgs/build-support/setup-hooks/auto-patchelf.py
@@ -336,9 +336,12 @@ def main() -> None:
     )
     parser.add_argument(
         "--extra-args",
-        nargs="*",
+        # Undocumented Python argparse feature: consume all remaining arguments
+        # as values for this one. This means this argument should always be passed
+        # last.
+        nargs="...",
         type=str,
-        help="Extra arguments to pass to patchelf"
+        help="Extra arguments to pass to patchelf. This argument should always come last."
     )
 
     print("automatically fixing dependencies for ELF files")
diff --git a/pkgs/build-support/setup-hooks/separate-debug-info.sh b/pkgs/build-support/setup-hooks/separate-debug-info.sh
index 3a16ac4fee90..197e8a920b70 100644
--- a/pkgs/build-support/setup-hooks/separate-debug-info.sh
+++ b/pkgs/build-support/setup-hooks/separate-debug-info.sh
@@ -1,7 +1,7 @@
 export NIX_SET_BUILD_ID=1
 export NIX_LDFLAGS+=" --compress-debug-sections=zlib"
 export NIX_CFLAGS_COMPILE+=" -ggdb -Wa,--compress-debug-sections"
-export RUSTFLAGS+=" -g"
+export NIX_RUSTFLAGS+=" -g"
 
 fixupOutputHooks+=(_separateDebugInfo)
 
diff --git a/pkgs/by-name/cm/cmake/package.nix b/pkgs/by-name/cm/cmake/package.nix
index 1b8aefd1b911..cc69b4de4ad2 100644
--- a/pkgs/by-name/cm/cmake/package.nix
+++ b/pkgs/by-name/cm/cmake/package.nix
@@ -46,11 +46,11 @@ stdenv.mkDerivation (finalAttrs: {
     + lib.optionalString isMinimalBuild "-minimal"
     + lib.optionalString cursesUI "-cursesUI"
     + lib.optionalString qt5UI "-qt5UI";
-  version = "3.27.7";
+  version = "3.27.8";
 
   src = fetchurl {
     url = "https://cmake.org/files/v${lib.versions.majorMinor finalAttrs.version}/cmake-${finalAttrs.version}.tar.gz";
-    hash = "sha256-CPcaEGA2vwUfaSdg75VYwFd8Qqw56Wugl+dmK9QVjY4=";
+    hash = "sha256-/s4kVj9peHD7uYLqi/F0gsnV+FXYyb8LgkY9dsno0Mw=";
   };
 
   patches = [
@@ -161,6 +161,12 @@ stdenv.mkDerivation (finalAttrs: {
     (lib.cmakeBool "BUILD_CursesDialog" cursesUI)
   ];
 
+  # `pkgsCross.musl64.cmake.override { stdenv = pkgsCross.musl64.llvmPackages_16.libcxxStdenv; }`
+  # fails with `The C++ compiler does not support C++11 (e.g.  std::unique_ptr).`
+  # The cause is a compiler warning `warning: argument unused during compilation: '-pie' [-Wunused-command-line-argument]`
+  # interfering with the feature check.
+  env.NIX_CFLAGS_COMPILE = "-Wno-unused-command-line-argument";
+
   # make install attempts to use the just-built cmake
   preInstall = lib.optionalString (stdenv.hostPlatform != stdenv.buildPlatform) ''
     sed -i 's|bin/cmake|${buildPackages.cmakeMinimal}/bin/cmake|g' Makefile
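Review bot: `env.NIX_CFLAGS_COMPILE = "-Wno-unused-command-line-argument";` is set for every platform and compiler, while the comment above it describes a failure seen with an LLVM libc++ stdenv on musl. Scoping it leaves the default GCC build's flags unchanged and makes the workaround easier to retire: `env.NIX_CFLAGS_COMPILE = lib.optionalString stdenv.cc.isClang "-Wno-unused-command-line-argument";`. If another part of the file (outside this hunk) also sets `NIX_CFLAGS_COMPILE`, the two definitions need to be merged.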
diff --git a/pkgs/by-name/ks/kseexpr/cmake_libdir.patch b/pkgs/by-name/ks/kseexpr/cmake_libdir.patch
new file mode 100644
index 000000000000..f98d5bab93cc
--- /dev/null
+++ b/pkgs/by-name/ks/kseexpr/cmake_libdir.patch
@@ -0,0 +1,13 @@
+diff --git a/cmake/kseexpr.pc.in b/cmake/kseexpr.pc.in
+index 4b9f15f..fc76153 100644
+--- a/cmake/kseexpr.pc.in
++++ b/cmake/kseexpr.pc.in
+@@ -5,7 +5,7 @@
+ 
+ # pkg-config file for KSeExpr
+ prefix=@CMAKE_INSTALL_PREFIX@
+-libdir=${prefix}/@CMAKE_INSTALL_LIBDIR@
++libdir=@CMAKE_INSTALL_FULL_LIBDIR@
+ includedir=${prefix}/include
+ 
+ Name: KSeExpr
diff --git a/pkgs/by-name/ks/kseexpr/package.nix b/pkgs/by-name/ks/kseexpr/package.nix
new file mode 100644
index 000000000000..37e29c3a10ed
--- /dev/null
+++ b/pkgs/by-name/ks/kseexpr/package.nix
@@ -0,0 +1,46 @@
+{ lib
+, stdenv
+, fetchFromGitLab
+, cmake
+, extra-cmake-modules
+, qt5
+, libsForQt5
+, bison
+, flex
+, llvm
+}:
+
+stdenv.mkDerivation rec {
+  pname = "kseexpr";
+  version = "4.0.4.0";
+  src = fetchFromGitLab {
+    domain = "invent.kde.org";
+    owner = "graphics";
+    repo = "kseexpr";
+    rev = "v${version}";
+    hash = "sha256-XjFGAN7kK2b0bLouYG3OhajhOQk4AgC4EQRzseccGCE=";
+  };
+  patches = [
+    # see https://github.com/NixOS/nixpkgs/issues/144170
+    ./cmake_libdir.patch
+  ];
+  nativeBuildInputs = [
+    cmake
+    extra-cmake-modules
+    qt5.wrapQtAppsHook
+  ];
+  buildInputs = [
+    bison
+    flex
+    libsForQt5.ki18n
+    llvm
+    qt5.qtbase
+  ];
+
+  meta = with lib; {
+    homepage    = "https://invent.kde.org/graphics/kseexpr";
+    description = "An embeddable expression evaluation engine";
+    maintainers = with maintainers; [ nek0 ];
+    license     = licenses.lgpl3Plus;
+  };
+}
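Review bot: `bison` and `flex` are listed in `buildInputs`, but they are code generators that run on the build machine, so they belong in `nativeBuildInputs` next to `cmake`. As written, a cross build would be handed the host-platform versions of both tools. `meta` also omits `platforms`, which new packages normally declare.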
diff --git a/pkgs/by-name/la/lager/package.nix b/pkgs/by-name/la/lager/package.nix
new file mode 100644
index 000000000000..11b7595fcccb
--- /dev/null
+++ b/pkgs/by-name/la/lager/package.nix
@@ -0,0 +1,37 @@
+{ lib
+, stdenv
+, fetchFromGitHub
+, cmake
+, pkg-config
+, boost
+, immer
+, zug
+}:
+
+stdenv.mkDerivation rec {
+  pname = "lager";
+  version = "0.1.0";
+  src = fetchFromGitHub {
+    owner = "arximboldi";
+    repo = "lager";
+    rev = "v${version}";
+    hash = "sha256-KTHrVV/186l4klwlcfDwFsKVoOVqWCUPzHnIbWuatbg=";
+  };
+  buildInputs = [
+    boost
+    immer
+    zug
+  ];
+  nativeBuildInputs = [
+    cmake
+  ];
+  cmakeFlags = [
+    "-Dlager_BUILD_EXAMPLES=OFF"
+  ];
+  meta = with lib; {
+    homepage    = "https://github.com/arximboldi/lager";
+    description = "C++ library for value-oriented design using the unidirectional data-flow architecture — Redux for C++";
+    license     = licenses.mit;
+    maintainers = with maintainers; [ nek0 ];
+  };
+}
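Review bot: `pkg-config` is taken as a function argument but never appears in `nativeBuildInputs` or anywhere else in the expression. Either add it to `nativeBuildInputs` if the CMake build needs it, or drop the argument. The new `pkgs/by-name/zu/zug/package.nix` has the same problem with its unused `pkgs` argument, which additionally puts the whole package set into the function signature. Neither file declares `meta.platforms`.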
diff --git a/pkgs/by-name/ze/zesarux/package.nix b/pkgs/by-name/ze/zesarux/package.nix
index e19dd5b60f08..915bfe3905cf 100644
--- a/pkgs/by-name/ze/zesarux/package.nix
+++ b/pkgs/by-name/ze/zesarux/package.nix
@@ -48,7 +48,7 @@ stdenv.mkDerivation (finalAttrs: {
   sourceRoot = "${finalAttrs.src.name}/src";
 
   postPatch = ''
-    patchShebangs ./configure *.sh
+    patchShebangs *.sh
   '';
 
   configureFlags = [
diff --git a/pkgs/by-name/zu/zug/package.nix b/pkgs/by-name/zu/zug/package.nix
new file mode 100644
index 000000000000..f3356dd51ae6
--- /dev/null
+++ b/pkgs/by-name/zu/zug/package.nix
@@ -0,0 +1,34 @@
+{ lib
+, stdenv
+, pkgs
+, fetchFromGitHub
+, cmake
+, boost
+}:
+
+
+stdenv.mkDerivation rec {
+  pname = "zug";
+  version = "0.1.0";
+  src = fetchFromGitHub {
+    owner = "arximboldi";
+    repo = "zug";
+    rev = "v${version}";
+    hash = "sha256-7xTMDhPIx1I1PiYNanGUsK8pdrWuemMWM7BW+NQs2BQ=";
+  };
+  nativeBuildInputs = [
+    cmake
+  ];
+  buildInputs = [
+    boost
+  ];
+  cmakeFlags = [
+    "-Dzug_BUILD_EXAMPLES=OFF"
+  ];
+  meta = with lib; {
+    homepage    = "https://github.com/arximboldi/zug";
+    description = "library for functional interactive c++ programs";
+    maintainers = with maintainers; [ nek0 ];
+    license     = licenses.boost;
+  };
+}
diff --git a/pkgs/data/documentation/stdman/default.nix b/pkgs/data/documentation/stdman/default.nix
index 57e32d864053..adb735c38a1e 100644
--- a/pkgs/data/documentation/stdman/default.nix
+++ b/pkgs/data/documentation/stdman/default.nix
@@ -14,7 +14,6 @@ stdenv.mkDerivation rec {
   outputDevdoc = "out";
 
   preConfigure = "
-    patchShebangs ./configure
     patchShebangs ./do_install
   ";
 
diff --git a/pkgs/data/misc/cacert/default.nix b/pkgs/data/misc/cacert/default.nix
index d489c23c6b8d..30f2ee38c72f 100644
--- a/pkgs/data/misc/cacert/default.nix
+++ b/pkgs/data/misc/cacert/default.nix
@@ -1,7 +1,7 @@
 { lib
 , stdenv
 , writeText
-, fetchurl
+, fetchFromGitHub
 , buildcatrust
 , blacklist ? []
 , extraCertificateFiles ? []
@@ -17,20 +17,10 @@
 }:
 
 let
-  blocklist = writeText "cacert-blocklist.txt" (lib.concatStringsSep "\n" (blacklist ++ [
-    # Mozilla does not trust new certificates issued by these CAs after 2022/11/30¹
-    # in their products, but unfortunately we don't have such a fine-grained
-    # solution for most system packages², so we decided to eject these.
-    #
-    # [1] https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ
-    # [2] https://utcc.utoronto.ca/~cks/space/blog/linux/CARootStoreTrustProblem
-    "TrustCor ECA-1"
-    "TrustCor RootCert CA-1"
-    "TrustCor RootCert CA-2"
-  ]));
+  blocklist = writeText "cacert-blocklist.txt" (lib.concatStringsSep "\n" blacklist);
   extraCertificatesBundle = writeText "cacert-extra-certificates-bundle.crt" (lib.concatStringsSep "\n\n" extraCertificateStrings);
 
-  srcVersion = "3.92";
+  srcVersion = "3.95";
   version = if nssOverride != null then nssOverride.version else srcVersion;
   meta = with lib; {
     homepage = "https://curl.haxx.se/docs/caextract.html";
@@ -43,9 +33,11 @@ let
     pname = "nss-cacert-certdata";
     inherit version;
 
-    src = if nssOverride != null then nssOverride.src else fetchurl {
-      url = "mirror://mozilla/security/nss/releases/NSS_${lib.replaceStrings ["."] ["_"] version}_RTM/src/nss-${version}.tar.gz";
-      hash = "sha256-PbGS1uiCA5rwKufq8yF+0RS7etg0FMZGdyq4Ah4kolQ=";
+    src = if nssOverride != null then nssOverride.src else fetchFromGitHub {
+      owner = "nss-dev";
+      repo = "nss";
+      rev = "NSS_${lib.replaceStrings ["."] ["_"] version}_RTM";
+      hash = "sha256-qgSbzlRbU+gElC2ae3FEGRUFSM1JHd/lNGNXC0x4xt4=";
     };
 
     dontBuild = true;
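Review bot: The fallback `src` now comes from the GitHub repository `nss-dev/nss` instead of the Mozilla release mirror, and nothing in the expression records how that repository relates to the official NSS releases. The fixed-output `hash` pins what is fetched today, but `rev` is a tag name. Every future bump therefore relies on whoever updates the hash to check that the tag matches the official release. Since this derivation produces the system trust anchors, a comment such as `# nss-dev/nss: <relationship to upstream NSS, and how to verify a release tag>` above `fetchFromGitHub` would make that review step explicit.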
@@ -54,7 +46,7 @@ let
       runHook preInstall
 
       mkdir $out
-      cp nss/lib/ckfw/builtins/certdata.txt $out
+      cp lib/ckfw/builtins/certdata.txt $out
 
       runHook postInstall
     '';
diff --git a/pkgs/data/misc/dns-root-data/default.nix b/pkgs/data/misc/dns-root-data/default.nix
index abf945e9df55..1c6121473c74 100644
--- a/pkgs/data/misc/dns-root-data/default.nix
+++ b/pkgs/data/misc/dns-root-data/default.nix
@@ -6,11 +6,11 @@ let
     # Original source https://www.internic.net/domain/named.root
     # occasionally suffers from pointless hash changes,
     # and having stable sources for older versions has advantages, too.
-    urls = map (prefix: prefix + "cc5e14a264912/etc/root.hints") [
+    urls = map (prefix: prefix + "d9c96ae96f066a85d7/etc/root.hints") [
       "https://gitlab.nic.cz/knot/knot-resolver/raw/"
       "https://raw.githubusercontent.com/CZ-NIC/knot-resolver/"
     ];
-    sha256 = "0vdrff4l8s8grif52dnh091s8qydhh88k25zqd9rj66sf1qwcwxl";
+    hash = "sha256-4lG/uPnNHBNIZ/XIeDM1w3iukrpeW0JIjTnGSwkJ8U4=";
   };
 
   rootKey = ./root.key;
@@ -20,7 +20,7 @@ in
 
 stdenv.mkDerivation {
   pname = "dns-root-data";
-  version = "2019-01-11";
+  version = "2023-11-27";
 
   buildCommand = ''
     mkdir $out
diff --git a/pkgs/data/misc/shared-mime-info/default.nix b/pkgs/data/misc/shared-mime-info/default.nix
index 8de13f2eaf36..6bad73e68392 100644
--- a/pkgs/data/misc/shared-mime-info/default.nix
+++ b/pkgs/data/misc/shared-mime-info/default.nix
@@ -1,7 +1,6 @@
 { stdenv
 , lib
 , fetchFromGitLab
-, fetchpatch
 , meson
 , ninja
 , pkg-config
@@ -14,7 +13,7 @@
 
 stdenv.mkDerivation rec {
   pname = "shared-mime-info";
-  version = "2.3";
+  version = "2.4";
 
   outputs = [ "out" "dev" ];
 
@@ -23,15 +22,9 @@ stdenv.mkDerivation rec {
     owner = "xdg";
     repo = pname;
     rev = version;
-    sha256 = "sha256-cEfknRVtOJykEO9Iqlb0UoiayYtu+ugvmmZqAD5cGnE=";
+    hash = "sha256-5eyMkfSBUOD7p8woIYTgz5C/L8uQMXyr0fhL0l23VMA=";
   };
 
-  patches = [
-    # Submitted upstream at
-    # https://gitlab.freedesktop.org/xdg/shared-mime-info/-/issues/211
-    ./fix-clang-warnings.patch
-  ];
-
   nativeBuildInputs = [
     meson
     ninja
diff --git a/pkgs/data/misc/shared-mime-info/fix-clang-warnings.patch b/pkgs/data/misc/shared-mime-info/fix-clang-warnings.patch
deleted file mode 100644
index 2d185549c4e6..000000000000
--- a/pkgs/data/misc/shared-mime-info/fix-clang-warnings.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-diff --git a/meson.build b/meson.build
-index 1780c44..7998a51 100644
---- a/meson.build
-+++ b/meson.build
-@@ -49,12 +49,7 @@ endif
- ###############################################################################
- # Dependencies
- 
--check_functions = [
--    'fdatasync',
--]
--foreach function : check_functions
--    config.set('HAVE_'+function.to_upper(), cc.has_function(function))
--endforeach
-+config.set('HAVE_FDATASYNC', cc.has_function('fdatasync', prefix: '#include <unistd.h>'))
- 
- 
- if get_option('build-translations')
-diff --git a/src/update-mime-database.cpp b/src/update-mime-database.cpp
-index 733ba06..4ca6d06 100644
---- a/src/update-mime-database.cpp
-+++ b/src/update-mime-database.cpp
-@@ -2158,7 +2158,7 @@ static void check_in_path_xdg_data(const char *mime_path)
- 
- 	env = getenv("XDG_DATA_DIRS");
- 	if (!env)
--		env = "/usr/local/share/"PATH_SEPARATOR"/usr/share/";
-+		env = "/usr/local/share/" PATH_SEPARATOR "/usr/share/";
- 	dirs = g_strsplit(env, PATH_SEPARATOR, 0);
- 	g_return_if_fail(dirs != NULL);
- 	for (n = 0; dirs[n]; n++)
diff --git a/pkgs/data/misc/tzdata/default.nix b/pkgs/data/misc/tzdata/default.nix
index 98aeb7638e12..f04005af7452 100644
--- a/pkgs/data/misc/tzdata/default.nix
+++ b/pkgs/data/misc/tzdata/default.nix
@@ -22,7 +22,7 @@ stdenv.mkDerivation rec {
   ];
 
   outputs = [ "out" "bin" "man" "dev" ];
-  propagatedBuildOutputs = [];
+  propagatedBuildOutputs = [ ];
 
   makeFlags = [
     "TOPDIR=$(out)"
@@ -59,6 +59,8 @@ stdenv.mkDerivation rec {
       ( cd $out/share/zoneinfo/posix; ln -s ../* .; rm posix )
       mv $out/share/zoneinfo-leaps $out/share/zoneinfo/right
 
+      cp leap-seconds.list $out/share/zoneinfo
+
       mkdir -p "$dev/include"
       cp tzfile.h "$dev/include/tzfile.h"
     '';
diff --git a/pkgs/desktops/gnome-2/platform/GConf/default.nix b/pkgs/desktops/gnome-2/platform/GConf/default.nix
index 8419c1a7d730..33430f453ab5 100644
--- a/pkgs/desktops/gnome-2/platform/GConf/default.nix
+++ b/pkgs/desktops/gnome-2/platform/GConf/default.nix
@@ -11,14 +11,16 @@ stdenv.mkDerivation rec {
 
   outputs = [ "out" "dev" "man" ];
 
-  buildInputs = [ ORBit2 libxml2 python3 ]
+  strictDeps = true;
+
+  buildInputs = [ ORBit2 libxml2 ]
     # polkit requires pam, which requires shadow.h, which is not available on
     # darwin
     ++ lib.optional (!stdenv.isDarwin) polkit;
 
   propagatedBuildInputs = [ glib dbus-glib ];
 
-  nativeBuildInputs = [ pkg-config intltool ];
+  nativeBuildInputs = [ pkg-config intltool python3 glib ];
 
   configureFlags =
     # fixes the "libgconfbackend-oldxml.so is not portable" error on darwin
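Review bot: `glib` is now listed in `nativeBuildInputs` as well as `propagatedBuildInputs`, with no comment saying which build-time tool is needed from it. With `strictDeps = true` the double listing is presumably deliberate (a code generator run at build time), but a reader cannot tell and may remove one entry as a duplicate. A short comment such as `# glib: build-time tools (TODO name them) run on the build platform` next to `nativeBuildInputs` would settle it. The libgnomecanvas hunk further down adds `glib` the same way and deserves the same comment.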
diff --git a/pkgs/desktops/gnome-2/platform/ORBit2/default.nix b/pkgs/desktops/gnome-2/platform/ORBit2/default.nix
index a45095ba4978..28bc04697b87 100644
--- a/pkgs/desktops/gnome-2/platform/ORBit2/default.nix
+++ b/pkgs/desktops/gnome-2/platform/ORBit2/default.nix
@@ -1,4 +1,4 @@
-{ lib, stdenv, fetchurl, pkg-config, glib, libIDL, libintl }:
+{ lib, stdenv, fetchurl, pkg-config, glib, libIDL, libintl, buildPackages }:
 
 stdenv.mkDerivation rec {
   pname = "ORBit2";
@@ -9,11 +9,34 @@ stdenv.mkDerivation rec {
     sha256 = "0l3mhpyym9m5iz09fz0rgiqxl2ym6kpkwpsp1xrr4aa80nlh1jam";
   };
 
+  strictDeps = true;
+
+  # Processing file orbit-interface.idl
+  # sh: gcc: not found
+  # output does not contain binaries for build
+  depsBuildBuild = [ buildPackages.stdenv.cc ];
   nativeBuildInputs = [ pkg-config libintl ];
   propagatedBuildInputs = [ glib libIDL ];
 
   outputs = [ "out" "dev" ];
 
+  configureFlags = lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [
+    "--with-idl-compiler=${lib.getExe' buildPackages.gnome2.ORBit2 "orbit-idl-2"}"
+    # https://github.com/void-linux/void-packages/blob/e5856e02aa6ef7e4f2725afbff2915f89d39024b/srcpkgs/ORBit2/template#L17-L35
+    "ac_cv_alignof_CORBA_boolean=1"
+    "ac_cv_alignof_CORBA_char=1"
+    "ac_cv_alignof_CORBA_double=8"
+    "ac_cv_alignof_CORBA_float=4"
+    "ac_cv_alignof_CORBA_long=4"
+    "ac_cv_alignof_CORBA_long_double=8"
+    "ac_cv_alignof_CORBA_long_long=8"
+    "ac_cv_alignof_CORBA_octet=1"
+    "ac_cv_alignof_CORBA_short=2"
+    "ac_cv_alignof_CORBA_struct=1"
+    "ac_cv_alignof_CORBA_wchar=2"
+    "ac_cv_alignof_CORBA_pointer=${if stdenv.hostPlatform.is64bit then "8" else "4"}"
+  ];
+
   preBuild = ''
     sed 's/-DG_DISABLE_DEPRECATED//' -i linc2/src/Makefile
   '';
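Review bot: The `ac_cv_alignof_CORBA_*` cache values are fixed constants for every cross target, and only `CORBA_pointer` is derived from `stdenv.hostPlatform`. These values presumably feed the type layout ORBit2 uses when marshalling, so a value that differs from the host ABI would surface as misaligned memory access at run time rather than as a build failure. For example, `long double` is 16-byte aligned under the x86-64 and AArch64 ABIs, while the list sets `ac_cv_alignof_CORBA_long_double=8`. Whether that matches what a native `configure` run detects for `CORBA_long_double` is not visible here, so I would compare against `config.log` from a native build per host and record it, e.g. `# values as detected by a native build on <platform placeholder>; re-check for other hosts`. The comment above `depsBuildBuild` is a pasted error log; a sentence saying the IDL step needs a build-platform C compiler would read better.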
diff --git a/pkgs/desktops/gnome-2/platform/libIDL/default.nix b/pkgs/desktops/gnome-2/platform/libIDL/default.nix
index 61b21ba88c01..c8c40de9d44c 100644
--- a/pkgs/desktops/gnome-2/platform/libIDL/default.nix
+++ b/pkgs/desktops/gnome-2/platform/libIDL/default.nix
@@ -9,7 +9,15 @@ stdenv.mkDerivation rec {
     sha256 = "08129my8s9fbrk0vqvnmx6ph4nid744g5vbwphzkaik51664vln5";
   };
 
+  strictDeps = true;
+
   buildInputs = [ glib gettext ];
 
   nativeBuildInputs = [ flex bison pkg-config ];
+
+  configureFlags = lib.optionals (stdenv.buildPlatform != stdenv.hostPlatform) [
+    # before openembedded removed libIDL
+    # the result was always ll https://lists.openembedded.org/g/openembedded-core/topic/85775262?p=%2C%2C%2C20%2C0%2C0%2C0%3A%3A%2C%2C%2C0%2C0%2C0%2C85775262
+    "libIDL_cv_long_long_format=ll"
+  ];
 }
diff --git a/pkgs/desktops/gnome-2/platform/libglade/default.nix b/pkgs/desktops/gnome-2/platform/libglade/default.nix
index 2f2641a9a5c8..dc6e192ed161 100644
--- a/pkgs/desktops/gnome-2/platform/libglade/default.nix
+++ b/pkgs/desktops/gnome-2/platform/libglade/default.nix
@@ -11,10 +11,18 @@ stdenv.mkDerivation rec {
 
   outputs = [ "out" "dev" ];
 
-  nativeBuildInputs = [ pkg-config ];
-  buildInputs = [ gtk2 gettext ];
-
-  NIX_LDFLAGS = "-lgmodule-2.0";
+  strictDeps = true;
 
+  nativeBuildInputs = [ pkg-config gettext ];
+  buildInputs = [ gtk2 ];
   propagatedBuildInputs = [ libxml2 ];
+
+  postPatch = ''
+    # uses pkg-config in some places and uses the correct $PKG_CONFIG in some
+    # it's an ancient library so it has very old configure scripts and m4
+    substituteInPlace ./configure \
+      --replace "pkg-config" "$PKG_CONFIG"
+  '';
+
+  NIX_LDFLAGS = "-lgmodule-2.0";
 }
diff --git a/pkgs/desktops/gnome-2/platform/libgnomecanvas/default.nix b/pkgs/desktops/gnome-2/platform/libgnomecanvas/default.nix
index b856442290a4..529e73b87478 100644
--- a/pkgs/desktops/gnome-2/platform/libgnomecanvas/default.nix
+++ b/pkgs/desktops/gnome-2/platform/libgnomecanvas/default.nix
@@ -1,4 +1,4 @@
-{ lib, stdenv, fetchurl, pkg-config, gtk2, intltool, libart_lgpl, libglade }:
+{ lib, stdenv, fetchurl, pkg-config, gtk2, intltool, libart_lgpl, libglade, glib }:
 
 stdenv.mkDerivation rec {
   pname = "libgnomecanvas";
@@ -11,7 +11,9 @@ stdenv.mkDerivation rec {
 
   outputs = [ "out" "dev" ];
 
+  strictDeps = true;
+
   buildInputs = [ libglade ];
-  nativeBuildInputs = [ pkg-config intltool ];
+  nativeBuildInputs = [ pkg-config intltool glib ];
   propagatedBuildInputs = [ libart_lgpl gtk2 ];
 }
diff --git a/pkgs/development/compilers/gcc/patches/12/mangle-NIX_STORE-in-__FILE__.patch b/pkgs/development/compilers/gcc/patches/12/mangle-NIX_STORE-in-__FILE__.patch
index d938d67a2d06..4e6c392ce76e 100644
--- a/pkgs/development/compilers/gcc/patches/12/mangle-NIX_STORE-in-__FILE__.patch
+++ b/pkgs/development/compilers/gcc/patches/12/mangle-NIX_STORE-in-__FILE__.patch
@@ -17,10 +17,10 @@ Ideally we would like to use `-fmacro-prefix-map=` feature of `gcc` as:
   -fmacro-prefix-map=/nix/store/$hash1-nlohmann-json-ver=/nix/store/eeee.eee-nlohmann-json-ver
   -fmacro-prefix-map=/nix/...
 
-In practice it quickly exhausts argument lengtth limit due to `gcc`
+In practice it quickly exhausts argument length limit due to `gcc`
 deficiency: https://gcc.gnu.org/PR111527
 
-Until it;s fixed let's hardcode header mangling if $NIX_STORE variable
+Until it's fixed let's hardcode header mangling if $NIX_STORE variable
 is present in the environment.
 
 Tested as:
diff --git a/pkgs/development/compilers/gcc/patches/13/mangle-NIX_STORE-in-__FILE__.patch b/pkgs/development/compilers/gcc/patches/13/mangle-NIX_STORE-in-__FILE__.patch
index 57ae2111f020..ea0673219eb1 100644
--- a/pkgs/development/compilers/gcc/patches/13/mangle-NIX_STORE-in-__FILE__.patch
+++ b/pkgs/development/compilers/gcc/patches/13/mangle-NIX_STORE-in-__FILE__.patch
@@ -17,10 +17,10 @@ Ideally we would like to use `-fmacro-prefix-map=` feature of `gcc` as:
   -fmacro-prefix-map=/nix/store/$hash1-nlohmann-json-ver=/nix/store/eeee.eee-nlohmann-json-ver
   -fmacro-prefix-map=/nix/...
 
-In practice it quickly exhausts argument lengtth limit due to `gcc`
+In practice it quickly exhausts argument length limit due to `gcc`
 deficiency: https://gcc.gnu.org/PR111527
 
-Until it;s fixed let's hardcode header mangling if $NIX_STORE variable
+Until it's fixed let's hardcode header mangling if $NIX_STORE variable
 is present in the environment.
 
 Tested as:
diff --git a/pkgs/development/compilers/glslang/default.nix b/pkgs/development/compilers/glslang/default.nix
index ff55201ebd03..0f75d09098be 100644
--- a/pkgs/development/compilers/glslang/default.nix
+++ b/pkgs/development/compilers/glslang/default.nix
@@ -26,6 +26,9 @@ stdenv.mkDerivation rec {
 
   nativeBuildInputs = [ cmake python3 bison jq ];
 
+  # Workaround missing atomic ops with gcc <13
+  env.LDFLAGS = lib.optionalString stdenv.hostPlatform.isRiscV "-latomic";
+
   postPatch = ''
     cp --no-preserve=mode -r "${spirv-tools.src}" External/spirv-tools
     ln -s "${spirv-headers.src}" External/spirv-tools/external/spirv-headers
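Review bot: The comment says the `-latomic` workaround is for gcc older than 13, but the condition checks only `stdenv.hostPlatform.isRiscV`. The flag therefore stays after the compiler is upgraded and is also passed to non-GCC toolchains. Gating it as `lib.optionalString (stdenv.hostPlatform.isRiscV && stdenv.cc.isGNU && lib.versionOlder stdenv.cc.version "13") "-latomic"` lets the workaround expire by itself. `env.LDFLAGS` is also now set (to an empty string) on every other platform, which may be intended but is not mentioned. The `postPatch` body continues outside the hunk.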
diff --git a/pkgs/development/compilers/rust/1_73.nix b/pkgs/development/compilers/rust/1_74.nix
index 37e75e0a7a4f..163c64c249b7 100644
--- a/pkgs/development/compilers/rust/1_73.nix
+++ b/pkgs/development/compilers/rust/1_74.nix
@@ -16,12 +16,13 @@
 , CoreFoundation, Security, SystemConfiguration
 , pkgsBuildTarget, pkgsBuildBuild, pkgsBuildHost
 , makeRustPlatform
+, wrapRustcWith
 , llvmPackages_16, llvm_16
 } @ args:
 
 import ./default.nix {
-  rustcVersion = "1.73.0";
-  rustcSha256 = "sha256-ltYubR8tId96yKyzuYgkEfnnxwNhc/fy7enh8faxuzo=";
+  rustcVersion = "1.74.0";
+  rustcSha256 = "sha256-iCtYS8Mhxdz+d82qafJ3kGuTYlXveAj81cdJKSXPEEk=";
 
   llvmSharedForBuild = pkgsBuildBuild.llvmPackages_16.libllvm.override { enableSharedLibraries = true; };
   llvmSharedForHost = pkgsBuildHost.llvmPackages_16.libllvm.override { enableSharedLibraries = true; };
@@ -35,24 +36,24 @@ import ./default.nix {
 
   # Note: the version MUST be one version prior to the version we're
   # building
-  bootstrapVersion = "1.72.1";
+  bootstrapVersion = "1.73.0";
 
   # fetch hashes by running `print-hashes.sh ${bootstrapVersion}`
   bootstrapHashes = {
-    i686-unknown-linux-gnu = "a2a849a701dfd6643aaaa27e1ed5ac56aea00f7dee26c00d81c520808efd8911";
-    x86_64-unknown-linux-gnu = "4fbd8df2000cf73c632d67a219a7fc153537ceffa2e6474491e3db71fdd5a410";
-    x86_64-unknown-linux-musl = "94eddc044868a944a887d0b0375e393cb3acc6ebc034e3eac2ef2890ec7c0eac";
-    arm-unknown-linux-gnueabihf = "a4d90538882181722d3e7cb8d7f021770e29e6b6d28375452e31a98049600110";
-    armv7-unknown-linux-gnueabihf = "4c8e6b3c705a84d17894d3a1cfe744fb6083dd57c61868e67aac8b8512640ecb";
-    aarch64-unknown-linux-gnu = "190d0473cbe619f163d33a6c4e2ef982abdd4178f73abc3194631cd2d5c8ed8b";
-    aarch64-unknown-linux-musl = "c83778d1a95f6604bc3610a9070e8a8435c60a8bca5117aad71ffab36dea020f";
-    x86_64-apple-darwin = "d01e7e9a7482f88a51b4fd888f06234274b49f51b5476c2d14fd46fd6e99ba9e";
-    aarch64-apple-darwin = "42b0aaf269b6d9c60db13a64a920336d6064ab11d0c7043c9deeb9d4f67b3983";
-    powerpc64le-unknown-linux-gnu = "9310df247efc072f2ca27354a875c4989cf3c29c9e545255a7472895d830163c";
-    riscv64gc-unknown-linux-gnu = "1e08cd3ecd29d5bf247e3f7f4bc97318b439f0443dd9c99c36edcfa717d55101";
+    i686-unknown-linux-gnu = "6a088acbbda734d27e8b431499f1d746de7781673b88fead3aeae072be1d1a5a";
+    x86_64-unknown-linux-gnu = "aa4cf0b7e66a9f5b7c623d4b340bb1ac2864a5f2c2b981f39f796245dc84f2cb";
+    x86_64-unknown-linux-musl = "c888457d106ccd40288ca8db1cb966b23d719c9a128daca701ecc574c53773d4";
+    arm-unknown-linux-gnueabihf = "9c29bb42786aedbb16ea71564eb06068a8b01cca6c6b8857f0c37f91dfba7134";
+    armv7-unknown-linux-gnueabihf = "092b32b82c602c18279d76d9a96763e85030aa62cda64c1bc73fc1f6355bb99c";
+    aarch64-unknown-linux-gnu = "e54d7d886ba413ae573151f668e76ea537f9a44406d3d29598269a4a536d12f6";
+    aarch64-unknown-linux-musl = "f4e9ff895aa55558777585ad4debe2ccf3c0298cb5d65db67814f62428de4a5b";
+    x86_64-apple-darwin = "ece9646bb153d4bc0f7f1443989de0cbcd8989a7d0bf3b7fb9956e1223954f0c";
+    aarch64-apple-darwin = "9c96e4c57328fb438ee2d87aa75970ce89b4426b49780ccb3c16af0d7c617cc6";
+    powerpc64le-unknown-linux-gnu = "8fa215ee3e274fb64364e7084613bc570369488fa22cf5bc8e0fe6dc810fe2b9";
+    riscv64gc-unknown-linux-gnu = "381379a2381835428b2e7a396b3046581517356b7cc851e39e385aebd5700623";
   };
 
-  selectRustPackage = pkgs: pkgs.rust_1_73;
+  selectRustPackage = pkgs: pkgs.rust_1_74;
 
   rustcPatches = [ ];
 }
diff --git a/pkgs/development/compilers/rust/binary.nix b/pkgs/development/compilers/rust/binary.nix
index bf03077f4aa8..efef07aba4c6 100644
--- a/pkgs/development/compilers/rust/binary.nix
+++ b/pkgs/development/compilers/rust/binary.nix
@@ -1,4 +1,4 @@
-{ lib, stdenv, makeWrapper, bash, curl, darwin, zlib
+{ lib, stdenv, makeWrapper, wrapRustc, bash, curl, darwin, zlib
 , autoPatchelfHook, gcc
 , version
 , src
@@ -19,7 +19,7 @@ let
 in
 
 rec {
-  rustc = stdenv.mkDerivation {
+  rustc-unwrapped = stdenv.mkDerivation {
     pname = "rustc-${versionType}";
 
     inherit version;
@@ -61,6 +61,8 @@ rec {
     setupHooks = ./setup-hook.sh;
   };
 
+  rustc = wrapRustc rustc-unwrapped;
+
   cargo = stdenv.mkDerivation {
     pname = "cargo-${versionType}";
 
diff --git a/pkgs/development/compilers/rust/cargo.nix b/pkgs/development/compilers/rust/cargo.nix
index 8eb628aa536b..1bc1777acd47 100644
--- a/pkgs/development/compilers/rust/cargo.nix
+++ b/pkgs/development/compilers/rust/cargo.nix
@@ -11,7 +11,7 @@ rustPlatform.buildRustPackage.override {
   cargo-auditable = cargo-auditable.bootstrap;
 } ({
   pname = "cargo";
-  inherit (rustc) version src;
+  inherit (rustc.unwrapped) version src;
 
   # the rust source tarball already has all the dependencies vendored, no need to fetch them again
   cargoVendorDir = "vendor";
diff --git a/pkgs/development/compilers/rust/default.nix b/pkgs/development/compilers/rust/default.nix
index efd7042c230c..d56b6fb9e08e 100644
--- a/pkgs/development/compilers/rust/default.nix
+++ b/pkgs/development/compilers/rust/default.nix
@@ -18,6 +18,7 @@
 , CoreFoundation, Security, SystemConfiguration
 , pkgsBuildBuild
 , makeRustPlatform
+, wrapRustcWith
 }:
 
 let
@@ -64,7 +65,7 @@ in
       buildRustPackages = (selectRustPackage buildPackages).packages.stable;
       # Analogous to stdenv
       rustPlatform = makeRustPlatform self.buildRustPackages;
-      rustc = self.callPackage ./rustc.nix ({
+      rustc-unwrapped = self.callPackage ./rustc.nix ({
         version = rustcVersion;
         sha256 = rustcSha256;
         inherit enableRustcDev;
@@ -75,6 +76,10 @@ in
         # Use boot package set to break cycle
         inherit (bootstrapRustPackages) cargo rustc rustfmt;
       });
+      rustc = wrapRustcWith {
+        inherit (self) rustc-unwrapped;
+        sysroot = if fastCross then self.rustc-unwrapped else null;
+      };
       rustfmt = self.callPackage ./rustfmt.nix {
         inherit Security;
         inherit (self.buildRustPackages) rustc;
diff --git a/pkgs/development/compilers/rust/rustc.nix b/pkgs/development/compilers/rust/rustc.nix
index 1758abb6bea5..7e365f52ef30 100644
--- a/pkgs/development/compilers/rust/rustc.nix
+++ b/pkgs/development/compilers/rust/rustc.nix
@@ -81,6 +81,7 @@ in stdenv.mkDerivation (finalAttrs: {
     ccForTarget  = ccPrefixForStdenv pkgsBuildTarget.targetPackages.stdenv;
     cxxForTarget  = cxxPrefixForStdenv pkgsBuildTarget.targetPackages.stdenv;
   in [
+    "--sysconfdir=${placeholder "out"}/etc"
     "--release-channel=stable"
     "--set=build.rustc=${rustc}/bin/rustc"
     "--set=build.cargo=${cargo}/bin/cargo"
@@ -153,9 +154,9 @@ in stdenv.mkDerivation (finalAttrs: {
     runHook preBuild
 
     mkdir -p build/${stdenv.hostPlatform.rust.rustcTargetSpec}/stage0-{std,rustc}/${stdenv.hostPlatform.rust.rustcTargetSpec}/release/
-    ln -s ${rustc}/lib/rustlib/${stdenv.hostPlatform.rust.rustcTargetSpec}/libstd-*.so build/${stdenv.hostPlatform.rust.rustcTargetSpec}/stage0-std/${stdenv.hostPlatform.rust.rustcTargetSpec}/release/libstd.so
-    ln -s ${rustc}/lib/rustlib/${stdenv.hostPlatform.rust.rustcTargetSpec}/librustc_driver-*.so build/${stdenv.hostPlatform.rust.rustcTargetSpec}/stage0-rustc/${stdenv.hostPlatform.rust.rustcTargetSpec}/release/librustc.so
-    ln -s ${rustc}/bin/rustc build/${stdenv.hostPlatform.rust.rustcTargetSpec}/stage0-rustc/${stdenv.hostPlatform.rust.rustcTargetSpec}/release/rustc-main
+    ln -s ${rustc.unwrapped}/lib/rustlib/${stdenv.hostPlatform.rust.rustcTargetSpec}/libstd-*.so build/${stdenv.hostPlatform.rust.rustcTargetSpec}/stage0-std/${stdenv.hostPlatform.rust.rustcTargetSpec}/release/libstd.so
+    ln -s ${rustc.unwrapped}/lib/rustlib/${stdenv.hostPlatform.rust.rustcTargetSpec}/librustc_driver-*.so build/${stdenv.hostPlatform.rust.rustcTargetSpec}/stage0-rustc/${stdenv.hostPlatform.rust.rustcTargetSpec}/release/librustc.so
+    ln -s ${rustc.unwrapped}/bin/rustc build/${stdenv.hostPlatform.rust.rustcTargetSpec}/stage0-rustc/${stdenv.hostPlatform.rust.rustcTargetSpec}/release/rustc-main
     touch build/${stdenv.hostPlatform.rust.rustcTargetSpec}/stage0-std/${stdenv.hostPlatform.rust.rustcTargetSpec}/release/.libstd.stamp
     touch build/${stdenv.hostPlatform.rust.rustcTargetSpec}/stage0-rustc/${stdenv.hostPlatform.rust.rustcTargetSpec}/release/.librustc.stamp
     python ./x.py --keep-stage=0 --stage=1 build library/std
@@ -168,9 +169,9 @@ in stdenv.mkDerivation (finalAttrs: {
 
     python ./x.py --keep-stage=0 --stage=1 install library/std
     mkdir -v $out/bin $doc $man
-    makeWrapper ${rustc}/bin/rustc $out/bin/rustc --add-flags "--sysroot $out"
-    makeWrapper ${rustc}/bin/rustdoc $out/bin/rustdoc --add-flags "--sysroot $out"
-    ln -s ${rustc}/lib/rustlib/{manifest-rust-std-,}${stdenv.hostPlatform.rust.rustcTargetSpec} $out/lib/rustlib/
+    ln -s ${rustc.unwrapped}/bin/rustc $out/bin
+    makeWrapper ${rustc.unwrapped}/bin/rustdoc $out/bin/rustdoc --add-flags "--sysroot $out"
+    ln -s ${rustc.unwrapped}/lib/rustlib/{manifest-rust-std-,}${stdenv.hostPlatform.rust.rustcTargetSpec} $out/lib/rustlib/
     echo rust-std-${stdenv.hostPlatform.rust.rustcTargetSpec} >> $out/lib/rustlib/components
     lndir ${rustc.doc} $doc
     lndir ${rustc.man} $man
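Review bot: `$out/bin/rustc` becomes a bare symlink to `${rustc.unwrapped}/bin/rustc` with no `--sysroot`, while `rustdoc` on the next line keeps its `makeWrapper … --add-flags "--sysroot $out"`. Nothing here says where rustc's sysroot now comes from. From the `default.nix` hunk it appears to be `wrapRustcWith { … sysroot = if fastCross then self.rustc-unwrapped else null; }`. A comment such as `# --sysroot for rustc is supplied by wrapRustcWith in default.nix` would keep someone from "fixing" the asymmetry. The last two lines still read `rustc.doc` and `rustc.man` from the wrapped package; whether the wrapper forwards those outputs is defined outside this view, as is the start of this install phase.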
@@ -178,14 +179,6 @@ in stdenv.mkDerivation (finalAttrs: {
     runHook postInstall
   '' else null;
 
-  # The bootstrap.py will generated a Makefile that then executes the build.
-  # The BOOTSTRAP_ARGS used by this Makefile must include all flags to pass
-  # to the bootstrap builder.
-  postConfigure = ''
-    substituteInPlace Makefile \
-      --replace 'BOOTSTRAP_ARGS :=' 'BOOTSTRAP_ARGS := --jobs $(NIX_BUILD_CORES)'
-  '';
-
   # the rust build system complains that nix alters the checksums
   dontFixLibtool = true;
 
diff --git a/pkgs/development/coq-modules/Cheerios/default.nix b/pkgs/development/coq-modules/Cheerios/default.nix
index cacdacde326f..4f02f4fca7a3 100644
--- a/pkgs/development/coq-modules/Cheerios/default.nix
+++ b/pkgs/development/coq-modules/Cheerios/default.nix
@@ -14,9 +14,4 @@ mkCoqDerivation {
   release."20200201".sha256 = "1h55s6lk47bk0lv5ralh81z55h799jbl9mhizmqwqzy57y8wqgs1";
 
   propagatedBuildInputs = [ StructTact ];
-  preConfigure = ''
-    if [ -f ./configure ]; then
-      patchShebangs ./configure
-    fi
-  '';
 }
diff --git a/pkgs/development/coq-modules/InfSeqExt/default.nix b/pkgs/development/coq-modules/InfSeqExt/default.nix
index ae20898e3ce9..5727afa983a0 100644
--- a/pkgs/development/coq-modules/InfSeqExt/default.nix
+++ b/pkgs/development/coq-modules/InfSeqExt/default.nix
@@ -12,9 +12,4 @@ mkCoqDerivation {
   release."20230107".sha256 = "sha256-YMBzVIsLkIC+w2TeyHrKe29eWLIxrH3wIMZqhik8p9I=";
   release."20200131".rev    = "203d4c20211d6b17741f1fdca46dbc091f5e961a";
   release."20200131".sha256 = "0xylkdmb2dqnnqinf3pigz4mf4zmczcbpjnn59g5g76m7f2cqxl0";
-  preConfigure = ''
-    if [ -f ./configure ]; then
-      patchShebangs ./configure
-    fi
-  '';
 }
diff --git a/pkgs/development/coq-modules/StructTact/default.nix b/pkgs/development/coq-modules/StructTact/default.nix
index 16bc63ff3a74..96173ae640b2 100644
--- a/pkgs/development/coq-modules/StructTact/default.nix
+++ b/pkgs/development/coq-modules/StructTact/default.nix
@@ -15,9 +15,4 @@ mkCoqDerivation {
   release."20210328".sha256 = "sha256:1y5r1zm3hli10ah6lnj7n8hxad6rb6rgldd0g7m2fjibzvwqzhdg";
   release."20181102".rev =    "82a85b7ec07e71fa6b30cfc05f6a7bfb09ef2510";
   release."20181102".sha256 = "08zry20flgj7qq37xk32kzmg4fg6d4wi9m7pf9aph8fd3j2a0b5v";
-  preConfigure = ''
-    if [ -f ./configure ]; then
-      patchShebangs ./configure
-    fi
-  '';
 }
diff --git a/pkgs/development/coq-modules/Verdi/default.nix b/pkgs/development/coq-modules/Verdi/default.nix
index 748f16b2ea8a..b0ff84c45981 100644
--- a/pkgs/development/coq-modules/Verdi/default.nix
+++ b/pkgs/development/coq-modules/Verdi/default.nix
@@ -24,9 +24,4 @@ mkCoqDerivation {
   release."20181102".sha256 = "1vw47c37k5vaa8vbr6ryqy8riagngwcrfmb3rai37yi9xhdqg55z";
 
   propagatedBuildInputs = [ Cheerios InfSeqExt ssreflect ];
-  preConfigure = ''
-    if [ -f ./configure ]; then
-      patchShebangs ./configure
-    fi
-  '';
 }
diff --git a/pkgs/development/coq-modules/corn/default.nix b/pkgs/development/coq-modules/corn/default.nix
index a33fd8b87e27..1f19ed2c9ec5 100644
--- a/pkgs/development/coq-modules/corn/default.nix
+++ b/pkgs/development/coq-modules/corn/default.nix
@@ -17,7 +17,6 @@ mkCoqDerivation rec {
     "8.18.0".sha256 = "sha256-ow3mfarZ1PvBGf5WLnI8LdF3E+8A6fN7cOcXHrZJLo0=";
   };
 
-  preConfigure = "patchShebangs ./configure.sh";
   configureScript = "./configure.sh";
   dontAddPrefix = true;
 
diff --git a/pkgs/development/coq-modules/metacoq/default.nix b/pkgs/development/coq-modules/metacoq/default.nix
index b61b729eb475..9ab49f8e0861 100644
--- a/pkgs/development/coq-modules/metacoq/default.nix
+++ b/pkgs/development/coq-modules/metacoq/default.nix
@@ -48,7 +48,6 @@ let
         propagatedBuildInputs = [ equations coq.ocamlPackages.zarith ] ++ metacoq-deps;
 
         patchPhase =  ''
-          patchShebangs ./configure.sh
           patchShebangs ./template-coq/update_plugin.sh
           patchShebangs ./template-coq/gen-src/to-lower.sh
           patchShebangs ./pcuic/clean_extraction.sh
diff --git a/pkgs/development/interpreters/perl/default.nix b/pkgs/development/interpreters/perl/default.nix
index 502bd5522346..50189a6213ba 100644
--- a/pkgs/development/interpreters/perl/default.nix
+++ b/pkgs/development/interpreters/perl/default.nix
@@ -57,16 +57,16 @@ in rec {
   # Maint version
   perl536 = callPackage ./intepreter.nix {
     self = perl536;
-    version = "5.36.1";
-    sha256 = "sha256-aCA2Zdjs4CmI/HfckvzLspeoOku0uNB1WEQvl42lTME=";
+    version = "5.36.3";
+    sha256 = "sha256-8qGtiBFjkaF2Ji3ULfxS7yKvtA9MDpgQ8V1WHm8ccmo=";
     inherit passthruFun;
   };
 
   # Maint version
   perl538 = callPackage ./intepreter.nix {
     self = perl538;
-    version = "5.38.0";
-    sha256 = "sha256-IT71gInS8sly6jU1F9xg7DZW8FDcwCdmbhGLUIQj5Rc=";
+    version = "5.38.2";
+    sha256 = "sha256-oKMVNEUet7g8fWWUpJdUOlTUiLyQygD140diV39AZV4=";
     inherit passthruFun;
   };
 }
diff --git a/pkgs/development/interpreters/perl/intepreter.nix b/pkgs/development/interpreters/perl/intepreter.nix
index c16dffe3db69..8861a0ed0456 100644
--- a/pkgs/development/interpreters/perl/intepreter.nix
+++ b/pkgs/development/interpreters/perl/intepreter.nix
@@ -236,14 +236,14 @@ stdenv.mkDerivation (rec {
     mainProgram = "perl";
   };
 } // lib.optionalAttrs (stdenv.buildPlatform != stdenv.hostPlatform) rec {
-  crossVersion = "1.5"; # Jul 03, 2023
+  crossVersion = "84db4c71ae3d3b01fb2966cd15a060a7be334710"; # Nov 29, 2023
 
   perl-cross-src = fetchFromGitHub {
     name = "perl-cross-${crossVersion}";
     owner = "arsv";
     repo = "perl-cross";
     rev = crossVersion;
-    sha256 = "sha256-9nRFJinZUWUSpXXyyIVmhRLQ1B5LB3UmN2iAckmem58=";
+    sha256 = "sha256-1Zqw4sy/lD2nah0Z8rAE11tSpq1Ym9nBbatDczR+mxs=";
   };
 
   depsBuildBuild = [ buildPackages.stdenv.cc makeWrapper ];
diff --git a/pkgs/development/libraries/SDL/default.nix b/pkgs/development/libraries/SDL/default.nix
index e82220b2398e..fa816c0add0f 100644
--- a/pkgs/development/libraries/SDL/default.nix
+++ b/pkgs/development/libraries/SDL/default.nix
@@ -31,9 +31,6 @@ stdenv.mkDerivation rec {
     sha256 = "005d993xcac8236fpvd1iawkz4wqjybkpn8dbwaliqz5jfkidlyn";
   };
 
-  # make: *** No rule to make target 'build/*.lo', needed by 'build/libSDL.la'.  Stop.
-  postPatch = "patchShebangs ./configure";
-
   outputs = [ "out" "dev" ];
   outputBin = "dev"; # sdl-config
 
diff --git a/pkgs/development/libraries/SDL2/default.nix b/pkgs/development/libraries/SDL2/default.nix
index dea308d59a2e..2532bab798bc 100644
--- a/pkgs/development/libraries/SDL2/default.nix
+++ b/pkgs/development/libraries/SDL2/default.nix
@@ -58,13 +58,13 @@
 
 stdenv.mkDerivation (finalAttrs: {
   pname = "SDL2";
-  version = "2.28.4";
+  version = "2.28.5";
 
   src = fetchFromGitHub {
     owner = "libsdl-org";
     repo = "SDL";
     rev = "release-${finalAttrs.version}";
-    hash = "sha256-1+1m0s3pBCTu924J/4aIu4IHk/N88x2djWDEsDpAJn4=";
+    hash = "sha256-YcM7bfLo+KkWx8LdtG4z2UwJvzlEkvIkm+M5aMSztwU=";
   };
   dontDisableStatic = if withStatic then 1 else 0;
   outputs = [ "out" "dev" ];
diff --git a/pkgs/development/libraries/audio/lilv/default.nix b/pkgs/development/libraries/audio/lilv/default.nix
index a0869edf4fbd..9827e6f52a77 100644
--- a/pkgs/development/libraries/audio/lilv/default.nix
+++ b/pkgs/development/libraries/audio/lilv/default.nix
@@ -18,13 +18,13 @@
 
 stdenv.mkDerivation rec {
   pname = "lilv";
-  version = "0.24.20";
+  version = "0.24.22";
 
   outputs = [ "out" "dev" "man" ];
 
   src = fetchurl {
     url = "https://download.drobilla.net/${pname}-${version}.tar.xz";
-    hash = "sha256-T7CCubiyhuqSu7cb3mt1Ykzsq23wzGOe51oqCWIS7rw=";
+    hash = "sha256-dvlJ0OWfyDNjQJtexeFcEEb7fdZYnTwbkgzsH9Kfn/M=";
   };
 
   nativeBuildInputs = [ meson ninja pkg-config python3 ];
diff --git a/pkgs/development/libraries/audio/roc-toolkit/default.nix b/pkgs/development/libraries/audio/roc-toolkit/default.nix
index c2cdd5285aa3..cbb580413c2b 100644
--- a/pkgs/development/libraries/audio/roc-toolkit/default.nix
+++ b/pkgs/development/libraries/audio/roc-toolkit/default.nix
@@ -21,7 +21,7 @@
 
 stdenv.mkDerivation rec {
   pname = "roc-toolkit";
-  version = "0.2.5";
+  version = "0.3.0";
 
   outputs = [ "out" "dev" ];
 
@@ -29,7 +29,7 @@ stdenv.mkDerivation rec {
     owner = "roc-streaming";
     repo = "roc-toolkit";
     rev = "v${version}";
-    hash = "sha256-vosw4H3YTTCXdDOnQQYRNZgufPo1BxUtfg6jutArzTI=";
+    hash = "sha256-tC0rjb3eDtEciUk0NmVye+N//Y/RFsi5d3kFS031y8I=";
   };
 
   nativeBuildInputs = [
diff --git a/pkgs/development/libraries/audio/sratom/default.nix b/pkgs/development/libraries/audio/sratom/default.nix
index 45dceb393457..26a55efd786a 100644
--- a/pkgs/development/libraries/audio/sratom/default.nix
+++ b/pkgs/development/libraries/audio/sratom/default.nix
@@ -12,13 +12,13 @@
 
 stdenv.mkDerivation rec {
   pname = "sratom";
-  version = "0.6.14";
+  version = "0.6.16";
 
   outputs = [ "out" "dev" ];
 
   src = fetchurl {
     url = "https://download.drobilla.net/${pname}-${version}.tar.xz";
-    hash = "sha256-mYL69A24Ou3Zs4UOSZ/s1oUri0um3t5RQBNlXP+soeY=";
+    hash = "sha256-ccFXmRGD5T0FVTk7tCccdcm19dq3Sl7yLyCLsi3jIsQ=";
   };
 
   strictDeps = true;
@@ -43,13 +43,6 @@ stdenv.mkDerivation rec {
     "-Ddocs=disabled"
   ];
 
-  postFixup = ''
-    # remove once updated to 0.6.15 or above
-    for f in $dev/lib/pkgconfig/*; do
-      echo "Requires: lv2 >=  1.18.4, serd-0 >=  0.30.10, sord-0 >=  0.16.10" >> "$f"
-    done
-  '';
-
   passthru = {
     updateScript = writeScript "update-sratom" ''
       #!/usr/bin/env nix-shell
diff --git a/pkgs/development/libraries/audio/zix/default.nix b/pkgs/development/libraries/audio/zix/default.nix
index 9f5d8867a150..0fc0635747e5 100644
--- a/pkgs/development/libraries/audio/zix/default.nix
+++ b/pkgs/development/libraries/audio/zix/default.nix
@@ -1,6 +1,7 @@
 { lib
 , stdenv
 , fetchFromGitLab
+, fetchpatch
 , meson
 , ninja
 , pkg-config
@@ -17,6 +18,16 @@ stdenv.mkDerivation rec {
     hash = "sha256-nMm3Mdqc4ncCae8SoyGxZYURzmXLNcp1GjsSExfB6x4=";
   };
 
+  patches = [
+    # clang-16 support on Darwin:
+    #   https://gitlab.com/drobilla/zix/-/issues/3
+    (fetchpatch {
+      name = "darwin-sync.patch";
+      url = "https://gitlab.com/drobilla/zix/-/commit/a6f804073de1f1e626464a9dd0a169fd3f69fdff.patch";
+      hash = "sha256-ZkDPjtUzIyqnYarQR+7aCj7S/gSngbd6d75aRT+h7Ww=";
+    })
+  ];
+
   nativeBuildInputs = [
     meson
     ninja
@@ -28,12 +39,7 @@ stdenv.mkDerivation rec {
     "-Ddocs=disabled"
   ];
 
-  env = lib.optionalAttrs stdenv.isDarwin {
-    # Do not fail the build on clang-16/darwin.
-    # TODO: drop the workaround when upstream fixes it in:
-    #   https://gitlab.com/drobilla/zix/-/issues/3
-    NIX_CFLAGS_COMPILE = "-Wno-error=implicit-function-declaration";
-  };
+  doCheck = true;
 
   meta = with lib; {
     description = "A lightweight C99 portability and data structure library";
diff --git a/pkgs/development/libraries/avahi/CVE-2023-38469.patch b/pkgs/development/libraries/avahi/CVE-2023-38469.patch
new file mode 100644
index 000000000000..ff6cd65de0f4
--- /dev/null
+++ b/pkgs/development/libraries/avahi/CVE-2023-38469.patch
@@ -0,0 +1,102 @@
+From a337a1ba7d15853fb56deef1f464529af6e3a1cf Mon Sep 17 00:00:00 2001
+From: Evgeny Vereshchagin <evvers@ya.ru>
+Date: Mon, 23 Oct 2023 20:29:31 +0000
+Subject: [PATCH 1/2] core: reject overly long TXT resource records
+
+Closes https://github.com/lathiat/avahi/issues/455
+
+CVE-2023-38469
+---
+ avahi-core/rr.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/avahi-core/rr.c b/avahi-core/rr.c
+index 2bb89244..9c04ebbd 100644
+--- a/avahi-core/rr.c
++++ b/avahi-core/rr.c
+@@ -32,6 +32,7 @@
+ #include <avahi-common/malloc.h>
+ #include <avahi-common/defs.h>
+ 
++#include "dns.h"
+ #include "rr.h"
+ #include "log.h"
+ #include "util.h"
+@@ -689,11 +690,17 @@ int avahi_record_is_valid(AvahiRecord *r) {
+         case AVAHI_DNS_TYPE_TXT: {
+ 
+             AvahiStringList *strlst;
++            size_t used = 0;
+ 
+-            for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next)
++            for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next) {
+                 if (strlst->size > 255 || strlst->size <= 0)
+                     return 0;
+ 
++                used += 1+strlst->size;
++                if (used > AVAHI_DNS_RDATA_MAX)
++                    return 0;
++            }
++
+             return 1;
+         }
+     }
+
+From c6cab87df290448a63323c8ca759baa516166237 Mon Sep 17 00:00:00 2001
+From: Evgeny Vereshchagin <evvers@ya.ru>
+Date: Wed, 25 Oct 2023 18:15:42 +0000
+Subject: [PATCH 2/2] tests: pass overly long TXT resource records
+
+to make sure they don't crash avahi any more.
+
+It reproduces https://github.com/lathiat/avahi/issues/455
+---
+ avahi-client/client-test.c       | 14 ++++++++++++++
+ 2 files changed, 20 insertions(+)
+
+diff --git a/avahi-client/client-test.c b/avahi-client/client-test.c
+index ba979988..da0e43ad 100644
+--- a/avahi-client/client-test.c
++++ b/avahi-client/client-test.c
+@@ -22,6 +22,7 @@
+ #endif
+ 
+ #include <stdio.h>
++#include <string.h>
+ #include <assert.h>
+ 
+ #include <avahi-client/client.h>
+@@ -33,6 +34,8 @@
+ #include <avahi-common/malloc.h>
+ #include <avahi-common/timeval.h>
+ 
++#include <avahi-core/dns.h>
++
+ static const AvahiPoll *poll_api = NULL;
+ static AvahiSimplePoll *simple_poll = NULL;
+ 
+@@ -222,6 +225,9 @@ int main (AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) {
+     uint32_t cookie;
+     struct timeval tv;
+     AvahiAddress a;
++    uint8_t rdata[AVAHI_DNS_RDATA_MAX+1];
++    AvahiStringList *txt = NULL;
++    int r;
+ 
+     simple_poll = avahi_simple_poll_new();
+     poll_api = avahi_simple_poll_get(simple_poll);
+@@ -261,6 +267,14 @@ int main (AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) {
+     error = avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "", 0);
+     assert(error != AVAHI_OK);
+ 
++    memset(rdata, 1, sizeof(rdata));
++    r = avahi_string_list_parse(rdata, sizeof(rdata), &txt);
++    assert(r >= 0);
++    assert(avahi_string_list_serialize(txt, NULL, 0) == sizeof(rdata));
++    error = avahi_entry_group_add_service_strlst(group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", "_qotd._tcp", NULL, NULL, 123, txt);
++    assert(error == AVAHI_ERR_INVALID_RECORD);
++    avahi_string_list_free(txt);
++
+     avahi_entry_group_commit (group);
+ 
+     domain = avahi_domain_browser_new (avahi, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, NULL, AVAHI_DOMAIN_BROWSER_BROWSE, 0, avahi_domain_browser_callback, (char*) "omghai3u");
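Review bot: The preamble of the second commit in this file (`[PATCH 2/2] tests: pass overly long TXT resource records`) still reads `2 files changed, 20 insertions(+)`, although only `avahi-client/client-test.c` with 14 insertions is left. The reason is recorded only in default.nix, so someone comparing this file with upstream commit c6cab87df290448a63323c8ca759baa516166237 cannot tell from the patch whether the difference is intended. I would add one line after that commit's `---` separator, which is not part of the diff, for example `nixpkgs: the .github/workflows/smoke-tests.sh change of this commit was dropped`. CVE-2023-38471-2.patch has the same gap: its subject still says `[PATCH 1/2]` while the file carries a single commit.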
diff --git a/pkgs/development/libraries/avahi/CVE-2023-38471-2.patch b/pkgs/development/libraries/avahi/CVE-2023-38471-2.patch
new file mode 100644
index 000000000000..be0faddbfef5
--- /dev/null
+++ b/pkgs/development/libraries/avahi/CVE-2023-38471-2.patch
@@ -0,0 +1,47 @@
+From 04ac71fd56a16365360f14bd4691219913e22f21 Mon Sep 17 00:00:00 2001
+From: Evgeny Vereshchagin <evvers@ya.ru>
+Date: Tue, 24 Oct 2023 21:57:32 +0000
+Subject: [PATCH 1/2] smoke-test: call SetHostName with unusual names
+
+It's prompted by https://github.com/lathiat/avahi/issues/453
+---
+ avahi-core/server.c | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/avahi-core/server.c b/avahi-core/server.c
+index f6a21bb7..84df6b5d 100644
+--- a/avahi-core/server.c
++++ b/avahi-core/server.c
+@@ -1309,10 +1309,13 @@ int avahi_server_set_host_name(AvahiServer *s, const char *host_name) {
+     else
+         hn = avahi_normalize_name_strdup(host_name);
+ 
++    if (!hn)
++        return avahi_server_set_errno(s, AVAHI_ERR_NO_MEMORY);
++
+     h = hn;
+     if (!avahi_unescape_label((const char **)&hn, label, sizeof(label))) {
+         avahi_free(h);
+-        return AVAHI_ERR_INVALID_HOST_NAME;
++        return avahi_server_set_errno(s, AVAHI_ERR_INVALID_HOST_NAME);
+     }
+ 
+     avahi_free(h);
+@@ -1320,7 +1323,7 @@ int avahi_server_set_host_name(AvahiServer *s, const char *host_name) {
+     h = label_escaped;
+     len = sizeof(label_escaped);
+     if (!avahi_escape_label(label, strlen(label), &h, &len))
+-        return AVAHI_ERR_INVALID_HOST_NAME;
++        return avahi_server_set_errno(s, AVAHI_ERR_INVALID_HOST_NAME);
+ 
+     if (avahi_domain_equal(s->host_name, label_escaped) && s->state != AVAHI_SERVER_COLLISION)
+         return avahi_server_set_errno(s, AVAHI_ERR_NO_CHANGE);
+@@ -1330,7 +1333,7 @@ int avahi_server_set_host_name(AvahiServer *s, const char *host_name) {
+     avahi_free(s->host_name);
+     s->host_name = avahi_strdup(label_escaped);
+     if (!s->host_name)
+-        return AVAHI_ERR_NO_MEMORY;
++        return avahi_server_set_errno(s, AVAHI_ERR_NO_MEMORY);
+ 
+     update_fqdn(s);
+ 
diff --git a/pkgs/development/libraries/avahi/default.nix b/pkgs/development/libraries/avahi/default.nix
index 772650bd3a8a..df3d113dfd2c 100644
--- a/pkgs/development/libraries/avahi/default.nix
+++ b/pkgs/development/libraries/avahi/default.nix
@@ -51,6 +51,41 @@ stdenv.mkDerivation rec {
       url = "https://github.com/lathiat/avahi/commit/a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f.patch";
       sha256 = "sha256-BEYFGCnQngp+OpiKIY/oaKygX7isAnxJpUPCUvg+efc=";
     })
+    # CVE-2023-38470
+    # https://github.com/lathiat/avahi/pull/457 merged Sep 19
+    (fetchpatch {
+      name = "CVE-2023-38470.patch";
+      url = "https://github.com/lathiat/avahi/commit/94cb6489114636940ac683515417990b55b5d66c.patch";
+      sha256 = "sha256-Fanh9bvz+uknr5pAmltqijuUAZIG39JR2Lyq5zGKJ58=";
+    })
+    # CVE-2023-38473
+    # https://github.com/lathiat/avahi/pull/486 merged Oct 18
+    (fetchpatch {
+      name = "CVE-2023-38473.patch";
+      url = "https://github.com/lathiat/avahi/commit/b448c9f771bada14ae8de175695a9729f8646797.patch";
+      sha256 = "sha256-/ZVhsBkf70vjDWWG5KXxvGXIpLOZUXdRkn3413iSlnI=";
+    })
+    # CVE-2023-38472
+    # https://github.com/lathiat/avahi/pull/490 merged Oct 19
+    (fetchpatch {
+      name = "CVE-2023-38472.patch";
+      url = "https://github.com/lathiat/avahi/commit/b024ae5749f4aeba03478e6391687c3c9c8dee40.patch";
+      sha256 = "sha256-FjR8fmhevgdxR9JQ5iBLFXK0ILp2OZQ8Oo9IKjefCqk=";
+    })
+    # CVE-2023-38471
+    # https://github.com/lathiat/avahi/pull/494 merged Oct 24
+    (fetchpatch {
+      name = "CVE-2023-38471.patch";
+      url = "https://github.com/lathiat/avahi/commit/894f085f402e023a98cbb6f5a3d117bd88d93b09.patch";
+      sha256 = "sha256-4dG+5ZHDa+A4/CszYS8uXWlpmA89m7/jhbZ7rheMs7U=";
+    })
+    # https://github.com/lathiat/avahi/pull/499 merged Oct 25
+    # (but with the changes to '.github/workflows/smoke-tests.sh removed)
+    ./CVE-2023-38471-2.patch
+    # CVE-2023-38469
+    # https://github.com/lathiat/avahi/pull/500 merged Oct 25
+    # (but with the changes to '.github/workflows/smoke-tests.sh removed)
+    ./CVE-2023-38469.patch
   ];
 
   depsBuildBuild = [
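Review bot: The four added `fetchpatch` entries spell the SRI digest as `sha256 = "sha256-…"`, while other files in this same change (krb5, faad2) move from `sha256` to `hash`. Writing `hash = "sha256-Fanh9bvz+uknr5pAmltqijuUAZIG39JR2Lyq5zGKJ58=";`, and likewise for the other three, keeps the new lines consistent. Both comments `(but with the changes to '.github/workflows/smoke-tests.sh removed)` have an unclosed quote. The entry for `./CVE-2023-38471-2.patch` has no CVE line above it, unlike every other entry. Going by the file name, I would add `# CVE-2023-38471 (follow-up)` so each patch can be matched to its advisory when the list is pruned on the next avahi release.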
diff --git a/pkgs/development/libraries/expat/default.nix b/pkgs/development/libraries/expat/default.nix
index ac6e9bfdc386..248e3774f4cd 100644
--- a/pkgs/development/libraries/expat/default.nix
+++ b/pkgs/development/libraries/expat/default.nix
@@ -37,7 +37,7 @@ stdenv.mkDerivation rec {
   doCheck = true; # not cross;
 
   preCheck = ''
-    patchShebangs ./configure ./run.sh ./test-driver-wrapper.sh
+    patchShebangs ./run.sh ./test-driver-wrapper.sh
   '';
 
   # CMake files incorrectly calculate library path from dev prefix
diff --git a/pkgs/development/libraries/faad2/default.nix b/pkgs/development/libraries/faad2/default.nix
index f72e6f4f9543..12179dd7e2a8 100644
--- a/pkgs/development/libraries/faad2/default.nix
+++ b/pkgs/development/libraries/faad2/default.nix
@@ -1,8 +1,7 @@
 {lib
 , stdenv
 , fetchFromGitHub
-, autoreconfHook
-, drmSupport ? false # Digital Radio Mondiale
+, cmake
 
 # for passthru.tests
 , gst_all_1
@@ -13,19 +12,18 @@
 
 stdenv.mkDerivation rec {
   pname = "faad2";
-  version = "2.10.1";
+  version = "2.11.1";
 
   src = fetchFromGitHub {
     owner = "knik0";
     repo = "faad2";
     rev = version;
-    sha256 = "sha256-k7y12OwCn3YkNZY9Ov5Y9EQtlrZh6oFUzM27JDR960w=";
+    hash = "sha256-E6oe7yjYy1SJo8xQkyUk1sSucKDMPxwUFVSAyrf4Pd8=";
   };
 
-  configureFlags = []
-    ++ lib.optional drmSupport "--with-drm";
+  outputs = [ "out" "dev" "man" ];
 
-  nativeBuildInputs = [ autoreconfHook ];
+  nativeBuildInputs = [ cmake ];
 
   passthru.tests = {
     inherit mpd vlc;
diff --git a/pkgs/development/libraries/fftw/default.nix b/pkgs/development/libraries/fftw/default.nix
index 026c1f3ed063..7c06a346e4bb 100644
--- a/pkgs/development/libraries/fftw/default.nix
+++ b/pkgs/development/libraries/fftw/default.nix
@@ -1,4 +1,5 @@
 { fetchurl
+, fetchpatch
 , stdenv
 , lib
 , gfortran
@@ -25,6 +26,14 @@ stdenv.mkDerivation (finalAttrs: {
     sha256 = "sha256-VskyVJhSzdz6/as4ILAgDHdCZ1vpIXnlnmIVs0DiZGc=";
   };
 
+  patches = [
+    (fetchpatch {
+      name = "remove_missing_FFTW3LibraryDepends.patch";
+      url = "https://github.com/FFTW/fftw3/pull/338/commits/f69fef7aa546d4477a2a3fd7f13fa8b2f6c54af7.patch";
+      hash = "sha256-lzX9kAHDMY4A3Td8necXwYLcN6j8Wcegi3A7OIECKeU=";
+    })
+  ];
+
   outputs = [ "out" "dev" "man" ]
     ++ lib.optional withDoc "info"; # it's dev-doc only
   outputBin = "dev"; # fftw-wisdom
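Review bot: The patch URL in the new `patches` list points at a commit inside a pull request (`https://github.com/FFTW/fftw3/pull/338/commits/f69fef7aa546d4477a2a3fd7f13fa8b2f6c54af7.patch`), and whether that pull request was merged is not visible here. The `hash` pins the content, so an altered patch cannot slip in. If the branch is rebased or the pull request is closed, though, the URL may stop resolving and the fetch fails wherever the patch is not already cached. I would add a comment above the entry, such as `# https://github.com/FFTW/fftw3/pull/338 — drop once part of a release`, and switch to the repository's `/commit/<sha>.patch` URL once the commit is on the main branch.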
@@ -64,7 +73,7 @@ stdenv.mkDerivation (finalAttrs: {
 
   meta = with lib; {
     description = "Fastest Fourier Transform in the West library";
-    homepage = "http://www.fftw.org/";
+    homepage = "https://www.fftw.org/";
     license = licenses.gpl2Plus;
     maintainers = [ ];
     pkgConfigModules = [
diff --git a/pkgs/development/libraries/gnutls/default.nix b/pkgs/development/libraries/gnutls/default.nix
index 5f4a295e3b09..bbbdf19a1909 100644
--- a/pkgs/development/libraries/gnutls/default.nix
+++ b/pkgs/development/libraries/gnutls/default.nix
@@ -1,6 +1,6 @@
 { config, lib, stdenv, fetchurl, zlib, lzo, libtasn1, nettle, pkg-config, lzip
 , perl, gmp, autoconf, automake, libidn2, libiconv
-, fetchpatch, texinfo
+, texinfo
 , unbound, dns-root-data, gettext, util-linux
 , cxxBindings ? !stdenv.hostPlatform.isStatic # tries to link libstdc++.so
 , tpmSupport ? false, trousers, which, nettools, libunistring
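Review bot: `texinfo` stays in the argument list on the changed line `, texinfo`, although the TODO deleted further down in this change (`#TODO: when updating drop this patch and texinfo`) asked for it to go together with GNUTLS_NO_EXTENSIONS.patch. Where `texinfo` is used lies outside the hunks shown, so it may still be needed. If it was only there to regenerate documentation touched by that patch, remove it from the arguments and from the inputs list; otherwise add a short comment next to it saying why it is kept, so the next update does not have to rediscover this.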
@@ -35,11 +35,11 @@ in
 
 stdenv.mkDerivation rec {
   pname = "gnutls";
-  version = "3.8.1";
+  version = "3.8.2";
 
   src = fetchurl {
     url = "mirror://gnupg/gnutls/v${lib.versions.majorMinor version}/gnutls-${version}.tar.xz";
-    hash = "sha256-uoueFa4gq6iPRGYZePW1hjSUMW/n5yLt6dBp/mKUgpw=";
+    hash = "sha256-52XlAW/6m53SQ+NjoEYNV3B0RE7iSRJn2y6WycKt73c=";
   };
 
   outputs = [ "bin" "dev" "out" "man" "devdoc" ];
@@ -48,12 +48,6 @@ stdenv.mkDerivation rec {
   outputDoc  = "devdoc";
 
   patches = [
-    (fetchpatch { #TODO: when updating drop this patch and texinfo
-      name = "GNUTLS_NO_EXTENSIONS.patch";
-      url = "https://gitlab.com/gnutls/gnutls/-/commit/abfa8634db940115a11a07596ce53c8f9c4f87d2.diff";
-      hash = "sha256-3M5WdNoVx9gUwTUPgu/sXmsaNg+j5d6liXs0UZz8fGU=";
-    })
-
     ./nix-ssl-cert-file.patch
   ];
 
diff --git a/pkgs/development/libraries/grpc/default.nix b/pkgs/development/libraries/grpc/default.nix
index daf3bad132d3..631bfa72b51a 100644
--- a/pkgs/development/libraries/grpc/default.nix
+++ b/pkgs/development/libraries/grpc/default.nix
@@ -21,7 +21,7 @@
 
 stdenv.mkDerivation rec {
   pname = "grpc";
-  version = "1.59.1"; # N.B: if you change this, please update:
+  version = "1.60.0"; # N.B: if you change this, please update:
     # pythonPackages.grpcio-tools
     # pythonPackages.grpcio-status
 
@@ -29,7 +29,7 @@ stdenv.mkDerivation rec {
     owner = "grpc";
     repo = "grpc";
     rev = "v${version}";
-    hash = "sha256-4bou7oFQOgyxjFqJdmiFT8xEMCsOap9v34W6SPrT4WQ=";
+    hash = "sha256-0mn+nQAgaurd1WomzcLUAYwp88l26qGkP+cP1SSYxsE=";
     fetchSubmodules = true;
   };
 
diff --git a/pkgs/development/libraries/gstreamer/bad/default.nix b/pkgs/development/libraries/gstreamer/bad/default.nix
index 72c8b76e59f5..2874f0d2fa04 100644
--- a/pkgs/development/libraries/gstreamer/bad/default.nix
+++ b/pkgs/development/libraries/gstreamer/bad/default.nix
@@ -109,13 +109,13 @@
 
 stdenv.mkDerivation rec {
   pname = "gst-plugins-bad";
-  version = "1.22.6";
+  version = "1.22.7";
 
   outputs = [ "out" "dev" ];
 
   src = fetchurl {
     url = "https://gstreamer.freedesktop.org/src/${pname}/${pname}-${version}.tar.xz";
-    hash = "sha256-tAKc0pCKCJxV8dkCpWXQB0lclbFELYOEhdxH+xLfcTc=";
+    hash = "sha256-xxb43/qPrD+2RpQa8cbscv/wWgRRMTEb8tBJ/ch7zi4=";
   };
 
   patches = [
diff --git a/pkgs/development/libraries/gstreamer/base/default.nix b/pkgs/development/libraries/gstreamer/base/default.nix
index d9b624a59943..e87555fef57b 100644
--- a/pkgs/development/libraries/gstreamer/base/default.nix
+++ b/pkgs/development/libraries/gstreamer/base/default.nix
@@ -45,7 +45,7 @@
 
 stdenv.mkDerivation (finalAttrs: {
   pname = "gst-plugins-base";
-  version = "1.22.6";
+  version = "1.22.7";
 
   outputs = [ "out" "dev" ];
 
@@ -53,7 +53,7 @@ stdenv.mkDerivation (finalAttrs: {
     inherit (finalAttrs) pname version;
   in fetchurl {
     url = "https://gstreamer.freedesktop.org/src/${pname}/${pname}-${version}.tar.xz";
-    hash = "sha256-UPK00XwC7v5DC776jFzRNLG+eKU8D2DpURNtls9J/Us=";
+    hash = "sha256-YlGeDY+Wnr9iqaeZby0j792jMCF6Y19KMsC/HHFXdGg=";
   };
 
   strictDeps = true;
diff --git a/pkgs/development/libraries/gstreamer/core/default.nix b/pkgs/development/libraries/gstreamer/core/default.nix
index 96899b63e5b3..6a44f3e01a27 100644
--- a/pkgs/development/libraries/gstreamer/core/default.nix
+++ b/pkgs/development/libraries/gstreamer/core/default.nix
@@ -24,7 +24,7 @@
 
 stdenv.mkDerivation (finalAttrs: {
   pname = "gstreamer";
-  version = "1.22.6";
+  version = "1.22.7";
 
   outputs = [
     "bin"
@@ -36,7 +36,7 @@ stdenv.mkDerivation (finalAttrs: {
     inherit (finalAttrs) pname version;
   in fetchurl {
     url = "https://gstreamer.freedesktop.org/src/${pname}/${pname}-${version}.tar.xz";
-    hash = "sha256-9QDmz93/VZCPk3cR/CaghA3iih6exJYhwLbxrb2PgY4=";
+    hash = "sha256-AeQsY1Kga9+kRW5ksGq32YxcSHolVXx2FVRjHL2mQhc=";
   };
 
   depsBuildBuild = [
diff --git a/pkgs/development/libraries/gstreamer/devtools/default.nix b/pkgs/development/libraries/gstreamer/devtools/default.nix
index 917a5041eeee..87097dddd8d3 100644
--- a/pkgs/development/libraries/gstreamer/devtools/default.nix
+++ b/pkgs/development/libraries/gstreamer/devtools/default.nix
@@ -17,11 +17,11 @@
 
 stdenv.mkDerivation rec {
   pname = "gst-devtools";
-  version = "1.22.6";
+  version = "1.22.7";
 
   src = fetchurl {
     url = "https://gstreamer.freedesktop.org/src/${pname}/${pname}-${version}.tar.xz";
-    hash = "sha256-iShWDvrxYTfDAoXnGHCOXQurB3frTvgSfgJ04SDT2Gs=";
+    hash = "sha256-FXz5P7J0HPDD3qcxvjry/65wPJ8s08DJGzgPvGheufk=";
   };
 
   outputs = [
diff --git a/pkgs/development/libraries/gstreamer/ges/default.nix b/pkgs/development/libraries/gstreamer/ges/default.nix
index 93ddc619a573..764bd78c083a 100644
--- a/pkgs/development/libraries/gstreamer/ges/default.nix
+++ b/pkgs/development/libraries/gstreamer/ges/default.nix
@@ -18,7 +18,7 @@
 
 stdenv.mkDerivation rec {
   pname = "gst-editing-services";
-  version = "1.22.6";
+  version = "1.22.7";
 
   outputs = [
     "out"
@@ -27,7 +27,7 @@ stdenv.mkDerivation rec {
 
   src = fetchurl {
     url = "https://gstreamer.freedesktop.org/src/${pname}/${pname}-${version}.tar.xz";
-    hash = "sha256-dI1CNnLFl/h24TCAT7mEhI9bS4nv14pQbLF/dkZ5UwE=";
+    hash = "sha256-/sVqLDeiU80EjSiNTH7abv8ZECKwnbl14HosEF0bUh4=";
   };
 
   nativeBuildInputs = [
diff --git a/pkgs/development/libraries/gstreamer/good/default.nix b/pkgs/development/libraries/gstreamer/good/default.nix
index 8ff8220aa75d..7e4c7d77363d 100644
--- a/pkgs/development/libraries/gstreamer/good/default.nix
+++ b/pkgs/development/libraries/gstreamer/good/default.nix
@@ -43,6 +43,7 @@
 , libgudev
 , wavpack
 , glib
+, openssl
 # Checks meson.is_cross_build(), so even canExecute isn't enough.
 , enableDocumentation ? stdenv.hostPlatform == stdenv.buildPlatform, hotdoc
 }:
@@ -53,13 +54,13 @@ assert raspiCameraSupport -> (stdenv.isLinux && stdenv.isAarch32);
 
 stdenv.mkDerivation rec {
   pname = "gst-plugins-good";
-  version = "1.22.6";
+  version = "1.22.7";
 
   outputs = [ "out" "dev" ];
 
   src = fetchurl {
     url = "https://gstreamer.freedesktop.org/src/${pname}/${pname}-${version}.tar.xz";
-    hash = "sha256-s7B/4/HOf+k6qb5yF4ZgRFSPNcSneSKA7sfhCKMvmBc=";
+    hash = "sha256-ttsOGOOYtSZlt83OMBw0qHUEg9X0+6we3p+AsDdDzRU=";
   };
 
   strictDeps = true;
@@ -109,6 +110,7 @@ stdenv.mkDerivation rec {
     libintl
     ncurses
     wavpack
+    openssl
   ] ++ lib.optionals raspiCameraSupport [
     libraspberrypi
   ] ++ lib.optionals enableX11 [
diff --git a/pkgs/development/libraries/gstreamer/libav/default.nix b/pkgs/development/libraries/gstreamer/libav/default.nix
index 7dbd9b61cbc3..c183f8ee48a2 100644
--- a/pkgs/development/libraries/gstreamer/libav/default.nix
+++ b/pkgs/development/libraries/gstreamer/libav/default.nix
@@ -18,11 +18,11 @@
 
 stdenv.mkDerivation rec {
   pname = "gst-libav";
-  version = "1.22.6";
+  version = "1.22.7";
 
   src = fetchurl {
     url = "https://gstreamer.freedesktop.org/src/${pname}/${pname}-${version}.tar.xz";
-    hash = "sha256-d4nmQIOIol8jy/lIz8XGIw1zW7zYt/N/SgHJ40ih46c=";
+    hash = "sha256-FSW5FxQbiV/lz2GP6IZ2IrJSgnigKG6fcntfNzF9rKE=";
   };
 
   outputs = [ "out" "dev" ];
diff --git a/pkgs/development/libraries/gstreamer/rtsp-server/default.nix b/pkgs/development/libraries/gstreamer/rtsp-server/default.nix
index aa211eb51a50..1420a438b6f6 100644
--- a/pkgs/development/libraries/gstreamer/rtsp-server/default.nix
+++ b/pkgs/development/libraries/gstreamer/rtsp-server/default.nix
@@ -15,11 +15,11 @@
 
 stdenv.mkDerivation rec {
   pname = "gst-rtsp-server";
-  version = "1.22.6";
+  version = "1.22.7";
 
   src = fetchurl {
     url = "https://gstreamer.freedesktop.org/src/${pname}/${pname}-${version}.tar.xz";
-    hash = "sha256-CuM6i1BEO2LxFYGpGB6Qa0HNOHey15nb6nKRLD7aS7M=";
+    hash = "sha256-9/rAAeIK0h420YOXdBxGV8XUNXHrHMO0n5qTrhJ9yI8=";
   };
 
   outputs = [
diff --git a/pkgs/development/libraries/gstreamer/ugly/default.nix b/pkgs/development/libraries/gstreamer/ugly/default.nix
index cf5f93707cca..b92bb9dc0d4c 100644
--- a/pkgs/development/libraries/gstreamer/ugly/default.nix
+++ b/pkgs/development/libraries/gstreamer/ugly/default.nix
@@ -26,13 +26,13 @@
 
 stdenv.mkDerivation rec {
   pname = "gst-plugins-ugly";
-  version = "1.22.6";
+  version = "1.22.7";
 
   outputs = [ "out" "dev" ];
 
   src = fetchurl {
     url = "https://gstreamer.freedesktop.org/src/${pname}/${pname}-${version}.tar.xz";
-    hash = "sha256-PjFFTJjLL39tLTVezrkzqJL6Dx3Am8NsmryTDY4pykg=";
+    hash = "sha256-UgtGvKY3GJrYaimP8kWy2JN128rIsF102uqRD4Gp6do=";
   };
 
   nativeBuildInputs = [
diff --git a/pkgs/development/libraries/gstreamer/vaapi/default.nix b/pkgs/development/libraries/gstreamer/vaapi/default.nix
index d2227763f4e8..b779d132210d 100644
--- a/pkgs/development/libraries/gstreamer/vaapi/default.nix
+++ b/pkgs/development/libraries/gstreamer/vaapi/default.nix
@@ -24,11 +24,11 @@
 
 stdenv.mkDerivation rec {
   pname = "gstreamer-vaapi";
-  version = "1.22.6";
+  version = "1.22.7";
 
   src = fetchurl {
     url = "https://gstreamer.freedesktop.org/src/${pname}/${pname}-${version}.tar.xz";
-    hash = "sha256-2bovwmvvmMeOmCxZn1hdRru2X+Ei2onC16tB9GilLHs=";
+    hash = "sha256-Dp//douJ3m0xizQUbk54HYK5oPQCXcVBssg0nHvLf2c=";
   };
 
   outputs = [
diff --git a/pkgs/development/libraries/http-parser/build-shared.patch b/pkgs/development/libraries/http-parser/build-shared.patch
deleted file mode 100644
index 5922cdfb5848..000000000000
--- a/pkgs/development/libraries/http-parser/build-shared.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-diff -Naur http-parser-2.1-orig/http_parser.gyp http-parser-2.1/http_parser.gyp
---- http-parser-2.1-orig/http_parser.gyp	2013-03-26 18:35:20.000000000 -0400
-+++ http-parser-2.1/http_parser.gyp	2013-05-23 16:47:49.280488341 -0400
-@@ -21,7 +21,7 @@
-       },
-       'Release': {
-         'defines': [ 'NDEBUG' ],
--        'cflags': [ '-Wall', '-Wextra', '-O3' ],
-+        'cflags': [ '-Wall', '-Wextra', '-O3', '-fPIC' ],
-         'msvs_settings': {
-           'VCCLCompilerTool': {
-             'RuntimeLibrary': 0, # static release
-@@ -50,7 +50,7 @@
-   'targets': [
-     {
-       'target_name': 'http_parser',
--      'type': 'static_library',
-+      'type': 'shared_library',
-       'include_dirs': [ '.' ],
-       'direct_dependent_settings': {
-         'defines': [ 'HTTP_PARSER_STRICT=0' ],
-@@ -73,7 +73,7 @@
- 
-     {
-       'target_name': 'http_parser_strict',
--      'type': 'static_library',
-+      'type': 'shared_library',
-       'include_dirs': [ '.' ],
-       'direct_dependent_settings': {
-         'defines': [ 'HTTP_PARSER_STRICT=1' ],
diff --git a/pkgs/development/libraries/http-parser/default.nix b/pkgs/development/libraries/http-parser/default.nix
index 327121dc6b1b..65ac1fe92c13 100644
--- a/pkgs/development/libraries/http-parser/default.nix
+++ b/pkgs/development/libraries/http-parser/default.nix
@@ -1,4 +1,7 @@
-{ lib, stdenv, fetchFromGitHub, fetchpatch }:
+{ lib, stdenv, fetchFromGitHub, fetchpatch
+, enableShared ? !stdenv.hostPlatform.isStatic
+, enableStatic ? stdenv.hostPlatform.isStatic
+}:
 
 stdenv.mkDerivation rec {
   pname = "http-parser";
@@ -12,8 +15,9 @@ stdenv.mkDerivation rec {
   };
 
   env.NIX_CFLAGS_COMPILE = "-Wno-error";
+
   patches = [
-    ./build-shared.patch
+    ./enable-static-shared.patch
   ] ++ lib.optionals stdenv.isAarch32 [
     # https://github.com/nodejs/http-parser/pull/510
     (fetchpatch {
@@ -21,18 +25,43 @@ stdenv.mkDerivation rec {
       sha256 = "sha256-rZZMJeow3V1fTnjadRaRa+xTq3pdhZn/eJ4xjxEDoU4=";
     })
   ];
-  makeFlags = [ "DESTDIR=" "PREFIX=$(out)" ];
-  buildFlags = [ "library" ];
+
+  makeFlags = [
+    "DESTDIR="
+    "PREFIX=$(out)"
+    "BINEXT=${stdenv.hostPlatform.extensions.executable}"
+    "Platform=${lib.toLower stdenv.hostPlatform.uname.system}"
+    "AEXT=${lib.strings.removePrefix "." stdenv.hostPlatform.extensions.staticLibrary}"
+    "ENABLE_SHARED=${if enableShared then "1" else "0"}"
+    "ENABLE_STATIC=${if enableStatic then "1" else "0"}"
+  ] ++ lib.optionals enableShared [
+    "SOEXT=${lib.strings.removePrefix "." stdenv.hostPlatform.extensions.sharedLibrary}"
+  ] ++ lib.optionals enableStatic [
+    "AEXT=${lib.strings.removePrefix "." stdenv.hostPlatform.extensions.staticLibrary}"
+  ] ++ lib.optionals (enableShared && stdenv.hostPlatform.isWindows) [
+    "SONAME=$(SOLIBNAME).$(SOMAJOR).$(SOMINOR).$(SOEXT)"
+    "LIBNAME=$(SOLIBNAME).$(SOMAJOR).$(SOMINOR).$(SOREV).$(SOEXT)"
+    "LDFLAGS=-Wl,--out-implib=$(LIBNAME).a"
+  ];
+
+  buildFlags = lib.optional enableShared "library"
+    ++ lib.optional enableStatic "package";
+
   doCheck = true;
   checkTarget = "test";
 
   enableParallelBuilding = true;
 
+  postInstall = lib.optionalString stdenv.hostPlatform.isWindows ''
+    install -D *.dll.a $out/lib
+    ln -sf libhttp_parser.${version}.dll.a $out/lib/libhttp_parser.dll.a
+  '';
+
   meta = with lib; {
     description = "An HTTP message parser written in C";
     homepage = "https://github.com/nodejs/http-parser";
     maintainers = with maintainers; [ matthewbauer ];
     license = licenses.mit;
-    platforms = platforms.unix;
+    platforms = platforms.all;
   };
 }
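Review bot: `"Platform=${lib.toLower stdenv.hostPlatform.uname.system}"` in `makeFlags` sets a variable the Makefile does not read: the Makefile patched by enable-static-shared.patch uses `PLATFORM` (`PLATFORM ?= $(shell sh -c 'uname -s | tr "[A-Z]" "[a-z]"')`), and make variable names are case-sensitive. The platform is therefore still taken from `uname -s` on the build machine, which is wrong when cross-compiling; the flag should read `"PLATFORM=${lib.toLower stdenv.hostPlatform.uname.system}"`. `AEXT=` is also passed twice, once unconditionally and once under `lib.optionals enableStatic`, so one of the two can go. In `postInstall`, `install -D *.dll.a $out/lib` relies on `$out/lib` already being a directory; `install -Dt $out/lib *.dll.a` states the target directory explicitly.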
diff --git a/pkgs/development/libraries/http-parser/enable-static-shared.patch b/pkgs/development/libraries/http-parser/enable-static-shared.patch
new file mode 100644
index 000000000000..42f11d4c817f
--- /dev/null
+++ b/pkgs/development/libraries/http-parser/enable-static-shared.patch
@@ -0,0 +1,93 @@
+commit abcb3cca9452779e91380b7636f32745166af3de
+Author: John Ericson <John.Ericson@Obsidian.Systems>
+Date:   Wed Nov 29 23:55:38 2023 -0500
+
+    Make build system: enable/disable shared/static support
+    
+    This allows building this package in static-lib-only distros.
+
+diff --git a/Makefile b/Makefile
+index 5d21221..cbc7914 100644
+--- a/Makefile
++++ b/Makefile
+@@ -18,6 +18,9 @@
+ # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
+ # IN THE SOFTWARE.
+ 
++ENABLE_SHARED ?= 1
++ENABLE_STATIC ?=
++
+ PLATFORM ?= $(shell sh -c 'uname -s | tr "[A-Z]" "[a-z]"')
+ HELPER ?=
+ BINEXT ?=
+@@ -25,6 +28,8 @@ SOLIBNAME = libhttp_parser
+ SOMAJOR = 2
+ SOMINOR = 9
+ SOREV   = 4
++AEXT    = a
++STATICLIBNAME = $(SOLIBNAME).$(AEXT)
+ ifeq (darwin,$(PLATFORM))
+ SOEXT ?= dylib
+ SONAME ?= $(SOLIBNAME).$(SOMAJOR).$(SOMINOR).$(SOEXT)
+@@ -109,11 +114,17 @@ test-valgrind: test_g
+ libhttp_parser.o: http_parser.c http_parser.h Makefile
+ 	$(CC) $(CPPFLAGS_FAST) $(CFLAGS_LIB) -c http_parser.c -o libhttp_parser.o
+ 
+-library: libhttp_parser.o
+-	$(CC) $(LDFLAGS_LIB) -o $(LIBNAME) $<
++.PHONY: library
++library: $(LIBNAME)
++
++$(LIBNAME): libhttp_parser.o
++	$(CC) $(LDFLAGS_LIB) -o $@ $<
+ 
+-package: http_parser.o
+-	$(AR) rcs libhttp_parser.a http_parser.o
++.PHONY: package
++package: $(STATICLIBNAME)
++
++$(STATICLIBNAME): http_parser.o
++	$(AR) rcs $@ $<
+ 
+ url_parser: http_parser.o contrib/url_parser.c
+ 	$(CC) $(CPPFLAGS_FAST) $(CFLAGS_FAST) $^ -o $@
+@@ -130,12 +141,30 @@ parsertrace_g: http_parser_g.o contrib/parsertrace.c
+ tags: http_parser.c http_parser.h test.c
+ 	ctags $^
+ 
+-install: library
++.PHONY: install-headers
++install-headers:
+ 	$(INSTALL) -D  http_parser.h $(DESTDIR)$(INCLUDEDIR)/http_parser.h
++
++.PHONY: install-library
++install-library: library
+ 	$(INSTALL) -D $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(LIBNAME)
+ 	ln -sf $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(SONAME)
+ 	ln -sf $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(SOLIBNAME).$(SOEXT)
+ 
++.PHONY: install-package
++install-package: package
++	$(INSTALL) -D $(STATICLIBNAME) $(DESTDIR)$(LIBDIR)/$(STATICLIBNAME)
++
++.PHONY: install
++install: install-headers
++ifeq ($(ENABLE_SHARED),1)
++install: install-library
++endif
++ifeq ($(ENABLE_STATIC),1)
++install: install-package
++endif
++
++.PHONY: install-strip
+ install-strip: library
+ 	$(INSTALL) -D  http_parser.h $(DESTDIR)$(INCLUDEDIR)/http_parser.h
+ 	$(INSTALL) -D -s $(LIBNAME) $(DESTDIR)$(LIBDIR)/$(LIBNAME)
+@@ -147,6 +176,7 @@ uninstall:
+ 	rm $(DESTDIR)$(LIBDIR)/$(SOLIBNAME).$(SOEXT)
+ 	rm $(DESTDIR)$(LIBDIR)/$(SONAME)
+ 	rm $(DESTDIR)$(LIBDIR)/$(LIBNAME)
++	rm $(DESTDIR)$(LIBDIR)/$(STATICLIBNAME)
+ 
+ clean:
+ 	rm -f *.o *.a tags test test_fast test_g \
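Review bot: The `install-strip` and `uninstall` targets do not follow the new `ENABLE_SHARED`/`ENABLE_STATIC` switches the way `install` now does. `install-strip` still depends on `library` and installs only `$(LIBNAME)`, so a static-only configuration would build and install the shared object through it. `uninstall` runs plain `rm` on the shared names and on `$(STATICLIBNAME)`, one of which will not exist when only one flavour was installed. For `uninstall`, `rm -f $(DESTDIR)$(LIBDIR)/$(STATICLIBNAME)` and `-f` on the three shared-library lines is enough; `install-strip` would need the same `ifeq` split as `install`. As far as the Nix hunks show, the package itself uses neither target, so this matters mainly if the patch is offered upstream.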
diff --git a/pkgs/development/libraries/kerberos/krb5.nix b/pkgs/development/libraries/kerberos/krb5.nix
index 08d0ffae8f9d..fdf01c195af5 100644
--- a/pkgs/development/libraries/kerberos/krb5.nix
+++ b/pkgs/development/libraries/kerberos/krb5.nix
@@ -1,5 +1,5 @@
 { lib, stdenv, fetchurl, pkg-config, perl, bison, bootstrap_cmds
-, openssl, openldap, libedit, keyutils, libverto
+, openssl, openldap, libedit, keyutils, libverto, darwin
 
 # for passthru.tests
 , bind
@@ -27,11 +27,11 @@ let
 in
 stdenv.mkDerivation rec {
   pname = "${type}krb5";
-  version = "1.20.2";
+  version = "1.21.2";
 
   src = fetchurl {
     url = "https://kerberos.org/dist/krb5/${lib.versions.majorMinor version}/krb5-${version}.tar.gz";
-    sha256 = "sha256-fY1ofUKu01DCUly2mk/DqnkWlNpnYdzMHELC7neWtd0=";
+    hash = "sha256-lWCUGp2EPAJDpxsXp6xv4xx867W845g9t55Srn6FBJE=";
   };
 
   outputs = [ "out" "dev" ];
@@ -58,6 +58,11 @@ stdenv.mkDerivation rec {
     ++ lib.optionals (!libOnly) [ openldap libedit ]
     ++ lib.optionals withVerto [ libverto ];
 
+  propagatedBuildInputs = lib.optionals stdenv.isDarwin (with darwin.apple_sdk; [
+    libs.xpc
+    frameworks.Kerberos
+  ]);
+
   sourceRoot = "krb5-${version}/src";
 
   postPatch = ''
diff --git a/pkgs/development/libraries/libaom/default.nix b/pkgs/development/libraries/libaom/default.nix
index 30d3c0d81b55..826dc544a88f 100644
--- a/pkgs/development/libraries/libaom/default.nix
+++ b/pkgs/development/libraries/libaom/default.nix
@@ -9,11 +9,11 @@ let
 in
 stdenv.mkDerivation rec {
   pname = "libaom";
-  version = "3.7.0";
+  version = "3.7.1";
 
   src = fetchzip {
     url = "https://aomedia.googlesource.com/aom/+archive/v${version}.tar.gz";
-    hash = "sha256-Zf0g/CMI73O9Dkn9o7aIvwZ/8wh3lCmVY8nZaPwBp68=";
+    hash = "sha256-v2SBiDE4zZe3LMrlo/tP9GzmG/PJZ42rKi1svKJR6ZA=";
     stripRoot = false;
   };
 
diff --git a/pkgs/development/libraries/libass/default.nix b/pkgs/development/libraries/libass/default.nix
index 3265fd7d093e..ad94f55ccb6d 100644
--- a/pkgs/development/libraries/libass/default.nix
+++ b/pkgs/development/libraries/libass/default.nix
@@ -4,6 +4,7 @@
 , rasterizerSupport ? false # Internal rasterizer
 , largeTilesSupport ? false # Use larger tiles in the rasterizer
 , libiconv
+, darwin
 }:
 
 assert fontconfigSupport -> fontconfig != null;
@@ -29,7 +30,12 @@ stdenv.mkDerivation rec {
 
   buildInputs = [ freetype fribidi harfbuzz ]
     ++ lib.optional fontconfigSupport fontconfig
-    ++ lib.optional stdenv.isDarwin libiconv;
+    ++ lib.optional stdenv.isDarwin [
+      libiconv
+      darwin.apple_sdk.frameworks.ApplicationServices
+      darwin.apple_sdk.frameworks.CoreFoundation
+      darwin.apple_sdk.frameworks.CoreText
+    ];
 
   meta = with lib; {
     description = "Portable ASS/SSA subtitle renderer";
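Review bot: `lib.optional stdenv.isDarwin [ … ]` in `buildInputs` wraps the whole bracketed list as one element, so on Darwin `buildInputs` receives a nested list instead of four packages. `lib.optional` takes a single value; for a list the function is `lib.optionals`, so the line should read `++ lib.optionals stdenv.isDarwin [`. mkDerivation may tolerate the nesting, so the build can still pass, but the plural form is what the krb5 hunk in this same change uses (`lib.optionals stdenv.isDarwin (with darwin.apple_sdk; [`).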
diff --git a/pkgs/development/libraries/libavif/default.nix b/pkgs/development/libraries/libavif/default.nix
index 27aaef546433..02e069a35290 100644
--- a/pkgs/development/libraries/libavif/default.nix
+++ b/pkgs/development/libraries/libavif/default.nix
@@ -19,13 +19,13 @@ in
 
 stdenv.mkDerivation rec {
   pname = "libavif";
-  version = "1.0.1";
+  version = "1.0.2";
 
   src = fetchFromGitHub {
     owner = "AOMediaCodec";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-3zNhKl8REWsRlblXIFD7zn7qvrc/pa4wHZI0oEc3pKE=";
+    sha256 = "sha256-Ku0UgVBba1tHBzHjx5yf9hRAtbmXf2n4gEdAaGr3qTY=";
   };
 
   # reco: encode libaom slowest but best, decode dav1d fastest
diff --git a/pkgs/development/libraries/libde265/default.nix b/pkgs/development/libraries/libde265/default.nix
index 9c1a10f9f5b1..de366da98b96 100644
--- a/pkgs/development/libraries/libde265/default.nix
+++ b/pkgs/development/libraries/libde265/default.nix
@@ -14,14 +14,14 @@
 }:
 
 stdenv.mkDerivation (finalAttrs: rec {
-  version = "1.0.12";
+  version = "1.0.14";
   pname = "libde265";
 
   src = fetchFromGitHub {
     owner = "strukturag";
     repo = "libde265";
     rev = "refs/tags/v${version}";
-    hash = "sha256-pl1r3n4T4FcJ4My/wCE54R2fmTdrlJOvgb2U0MZf1BI=";
+    hash = "sha256-aZRtF4wYWxi/6ORNu7yVxFFdkvJTvBwPinL5lC0Mlqg=";
   };
 
   nativeBuildInputs = [ autoreconfHook pkg-config ];
diff --git a/pkgs/development/libraries/libdrm/default.nix b/pkgs/development/libraries/libdrm/default.nix
index 63a8522bd073..a7ead8f22747 100644
--- a/pkgs/development/libraries/libdrm/default.nix
+++ b/pkgs/development/libraries/libdrm/default.nix
@@ -6,11 +6,11 @@
 
 stdenv.mkDerivation rec {
   pname = "libdrm";
-  version = "2.4.117";
+  version = "2.4.118";
 
   src = fetchurl {
     url = "https://dri.freedesktop.org/${pname}/${pname}-${version}.tar.xz";
-    hash = "sha256-ooiNaePrHIp3rcCKdaYPuuAfDSCNJvA00aEuNiNhJCs=";
+    hash = "sha256-p3e9hfK1/JxX+IbIIFgwBXgxfK/bx30Kdp1+mpVnq4g=";
   };
 
   outputs = [ "out" "dev" "bin" ];
diff --git a/pkgs/development/libraries/libedit/default.nix b/pkgs/development/libraries/libedit/default.nix
index c36d882c0aeb..f0eb267b05b5 100644
--- a/pkgs/development/libraries/libedit/default.nix
+++ b/pkgs/development/libraries/libedit/default.nix
@@ -14,6 +14,17 @@ stdenv.mkDerivation rec {
   # Have `configure' avoid `/usr/bin/nroff' in non-chroot builds.
   # NROFF = "${groff}/bin/nroff";
 
+  # GCC automatically include `stdc-predefs.h` while Clang does not do
+  # this by default. While Musl is ISO 10646 compliant, doesn't define
+  # __STDC_ISO_10646__. This definition is in `stdc-predefs.h` that's
+  # why libedit builds just fine with GCC and Musl.
+  # There is a DR to fix this issue with Clang which is not merged
+  # yet.
+  # https://reviews.llvm.org/D137043
+  NIX_CFLAGS_COMPILE = lib.optional
+    (stdenv.targetPlatform.isMusl && stdenv.cc.isClang)
+    "-D__STDC_ISO_10646__=201103L";
+
   patches = [ ./01-cygwin.patch ];
 
   propagatedBuildInputs = [ ncurses ];
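Review bot: The condition tests `stdenv.targetPlatform.isMusl`, but the libc that libedit is compiled against belongs to the host platform, so the check should read `(stdenv.hostPlatform.isMusl && stdenv.cc.isClang)`. The two usually coincide for a library, which is why this works today. `NIX_CFLAGS_COMPILE` is also set as a top-level attribute holding a list, so every build of the package carries it, empty or not. Going through `env` with a string keeps the type explicit: `env.NIX_CFLAGS_COMPILE = lib.optionalString (stdenv.hostPlatform.isMusl && stdenv.cc.isClang) "-D__STDC_ISO_10646__=201103L";`. The enclosing `mkDerivation` call starts and ends outside this hunk.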
diff --git a/pkgs/development/libraries/libffi/default.nix b/pkgs/development/libraries/libffi/default.nix
index 5bfa335314fe..6394a35d782d 100644
--- a/pkgs/development/libraries/libffi/default.nix
+++ b/pkgs/development/libraries/libffi/default.nix
@@ -22,6 +22,9 @@ stdenv.mkDerivation rec {
   # cgit) that are needed here should be included directly in Nixpkgs as
   # files.
   patches = [
+    # Fix implicit function declarations (clang-16 build failure):
+    #     https://github.com/libffi/libffi/pull/764
+    ./fix-implicit-fun-decl.patch
   ];
 
   strictDeps = true;
diff --git a/pkgs/development/libraries/libffi/fix-implicit-fun-decl.patch b/pkgs/development/libraries/libffi/fix-implicit-fun-decl.patch
new file mode 100644
index 000000000000..c0bd32d4333c
--- /dev/null
+++ b/pkgs/development/libraries/libffi/fix-implicit-fun-decl.patch
@@ -0,0 +1,46 @@
+https://github.com/libffi/libffi/commit/ce077e5565366171aa1b4438749b0922fce887a4.patch
+
+From ce077e5565366171aa1b4438749b0922fce887a4 Mon Sep 17 00:00:00 2001
+From: serge-sans-paille <serge.guelton@telecom-bretagne.eu>
+Date: Thu, 2 Feb 2023 14:46:29 +0000
+Subject: [PATCH] Forward declare open_temp_exec_file (#764)
+
+It's defined in closures.c and used in tramp.c.
+Also declare it as an hidden symbol, as it should be.
+
+Co-authored-by: serge-sans-paille <sguelton@mozilla.com>
+---
+ include/ffi_common.h | 4 ++++
+ src/tramp.c          | 4 ++++
+ 2 files changed, 8 insertions(+)
+
+diff --git a/include/ffi_common.h b/include/ffi_common.h
+index 2bd31b03d..c53a79493 100644
+--- a/include/ffi_common.h
++++ b/include/ffi_common.h
+@@ -128,6 +128,10 @@ void *ffi_data_to_code_pointer (void *data) FFI_HIDDEN;
+    static trampoline. */
+ int ffi_tramp_is_present (void *closure) FFI_HIDDEN;
+ 
++/* Return a file descriptor of a temporary zero-sized file in a
++   writable and executable filesystem. */
++int open_temp_exec_file(void) FFI_HIDDEN;
++
+ /* Extended cif, used in callback from assembly routine */
+ typedef struct
+ {
+diff --git a/src/tramp.c b/src/tramp.c
+index 7e005b054..5f19b557f 100644
+--- a/src/tramp.c
++++ b/src/tramp.c
+@@ -39,6 +39,10 @@
+ #ifdef __linux__
+ #define _GNU_SOURCE 1
+ #endif
++
++#include <ffi.h>
++#include <ffi_common.h>
++
+ #include <stdio.h>
+ #include <unistd.h>
+ #include <stdlib.h>
diff --git a/pkgs/development/libraries/libfido2/default.nix b/pkgs/development/libraries/libfido2/default.nix
index c14c30c27335..b3c3cc450237 100644
--- a/pkgs/development/libraries/libfido2/default.nix
+++ b/pkgs/development/libraries/libfido2/default.nix
@@ -14,12 +14,12 @@
 
 stdenv.mkDerivation rec {
   pname = "libfido2";
-  version = "1.13.0";
+  version = "1.14.0";
 
   # releases on https://developers.yubico.com/libfido2/Releases/ are signed
   src = fetchurl {
     url = "https://developers.yubico.com/${pname}/Releases/${pname}-${version}.tar.gz";
-    sha256 = "sha256-UdQ3J+KhxFRMf9DuR3hvRD458TiK2nNaUJrUrwokWco=";
+    sha256 = "sha256-NgF5LjIAMtQoACxMzoSZpMe4AzGQUaJaDJ8fE4/+5Fo=";
   };
 
   nativeBuildInputs = [ cmake pkg-config ];
diff --git a/pkgs/development/libraries/libgcrypt/default.nix b/pkgs/development/libraries/libgcrypt/default.nix
index 23e11f097054..28cee5c7dfd6 100644
--- a/pkgs/development/libraries/libgcrypt/default.nix
+++ b/pkgs/development/libraries/libgcrypt/default.nix
@@ -1,7 +1,6 @@
 { lib
 , stdenv
 , fetchurl
-, fetchpatch
 , gettext
 , libgpg-error
 , enableCapabilities ? false, libcap
@@ -16,21 +15,13 @@ assert enableCapabilities -> stdenv.isLinux;
 
 stdenv.mkDerivation rec {
   pname = "libgcrypt";
-  version = "1.10.2";
+  version = "1.10.3";
 
   src = fetchurl {
     url = "mirror://gnupg/libgcrypt/${pname}-${version}.tar.bz2";
-    hash = "sha256-O5wCoAS2jCVq3ZlwHeALODrMzPNxd+DWxYKJZkzODAM=";
+    hash = "sha256-iwhwiXrFrGfe1Wjc+t9Flpz6imvrD9YK8qnq3Coycqo=";
   };
 
-  patches = lib.optionals (!stdenv.isLinux) [ # not everywhere to avoid rebuild for now
-    (fetchpatch {
-      name = "getrandom-conditionalize.patch";
-      url = "https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commitdiff_plain;h=d41177937cea4aa1e9042ebcd195a349c40e8071";
-      hash = "sha256-CgQjNtC1qLe5LicIc8rESc6Z1u4fk7ErMUVcG/2G9gM=";
-    })
-  ];
-
   outputs = [ "out" "dev" "info" ];
   outputBin = "dev";
 
diff --git a/pkgs/development/libraries/libgit2/default.nix b/pkgs/development/libraries/libgit2/default.nix
index 085c4c79bdc9..d21dbcb7ac0a 100644
--- a/pkgs/development/libraries/libgit2/default.nix
+++ b/pkgs/development/libraries/libgit2/default.nix
@@ -33,6 +33,10 @@ stdenv.mkDerivation rec {
     "-DUSE_HTTP_PARSER=system"
     "-DUSE_SSH=ON"
     "-DBUILD_SHARED_LIBS=${if staticBuild then "OFF" else "ON"}"
+  ] ++ lib.optionals stdenv.hostPlatform.isWindows [
+    "-DDLLTOOL=${stdenv.cc.bintools.targetPrefix}dlltool"
+    # For ws2_32, refered to by a `*.pc` file
+    "-DCMAKE_LIBRARY_PATH=${stdenv.cc.libc}/lib"
   ];
 
   nativeBuildInputs = [ cmake python3 pkg-config ];
diff --git a/pkgs/development/libraries/libglvnd/default.nix b/pkgs/development/libraries/libglvnd/default.nix
index b7ccb7085fb2..a7480d6ffb95 100644
--- a/pkgs/development/libraries/libglvnd/default.nix
+++ b/pkgs/development/libraries/libglvnd/default.nix
@@ -1,4 +1,5 @@
 { stdenv, lib, fetchFromGitLab
+, fetchpatch
 , autoreconfHook, pkg-config, python3, addOpenGLRunpath
 , libX11, libXext, xorgproto
 }:
@@ -15,6 +16,16 @@ stdenv.mkDerivation rec {
     sha256 = "sha256-2U9JtpGyP4lbxtVJeP5GUgh5XthloPvFIw28+nldYx8=";
   };
 
+  patches = [
+    # Enable 64-bit file APIs on 32-bit systems:
+    #   https://gitlab.freedesktop.org/glvnd/libglvnd/-/merge_requests/288
+    (fetchpatch {
+      name = "large-file.patch";
+      url = "https://gitlab.freedesktop.org/glvnd/libglvnd/-/commit/956d2d3f531841cabfeddd940be4c48b00c226b4.patch";
+      hash = "sha256-Y6YCzd/jZ1VZP9bFlHkHjzSwShXeA7iJWdyfxpgT2l0=";
+    })
+  ];
+
   nativeBuildInputs = [ autoreconfHook pkg-config python3 addOpenGLRunpath ];
   buildInputs = [ libX11 libXext xorgproto ];
 
diff --git a/pkgs/development/libraries/libgnome-keyring/default.nix b/pkgs/development/libraries/libgnome-keyring/default.nix
index 775bcf2f2a43..f360e29ec2f2 100644
--- a/pkgs/development/libraries/libgnome-keyring/default.nix
+++ b/pkgs/development/libraries/libgnome-keyring/default.nix
@@ -15,9 +15,23 @@ stdenv.mkDerivation (finalAttrs: {
 
   outputs = [ "out" "dev" ];
 
+  strictDeps = true;
   propagatedBuildInputs = [ glib dbus libgcrypt ];
   nativeBuildInputs = [ pkg-config intltool ];
 
+  configureFlags = [
+    # not ideal to use -config scripts but it's not possible switch it to pkg-config
+    # binaries in dev have a for build shebang
+    "LIBGCRYPT_CONFIG=${lib.getExe' (lib.getDev libgcrypt) "libgcrypt-config"}"
+  ];
+
+  postPatch = ''
+    # uses pkg-config in some places and uses the correct $PKG_CONFIG in some
+    # it's an ancient library so it has very old configure scripts and m4
+    substituteInPlace ./configure \
+      --replace "pkg-config" "$PKG_CONFIG"
+  '';
+
   passthru.tests.pkg-config = testers.testMetaPkgConfig finalAttrs.finalPackage;
 
   meta = {
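Review bot: The `substituteInPlace ./configure --replace "pkg-config" "$PKG_CONFIG"` in `postPatch` rewrites every literal `pkg-config` in the script, not only the hard-coded invocations the comment is about. In a generated configure that can include diagnostic text and tool-lookup lines, and in a cross build a name that was already prefixed could end up prefixed twice; whether that happens depends on the script, which is not shown. Narrowing the pattern to the call sites that bypass `$PKG_CONFIG` would be safer. Failing that, record it in the comment: `# NOTE: replaces all occurrences of "pkg-config" in configure, not just the calls`. The `mkDerivation` body continues outside the hunk.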
diff --git a/pkgs/development/libraries/libksba/default.nix b/pkgs/development/libraries/libksba/default.nix
index 9b1716ecc6df..8f22ede81669 100644
--- a/pkgs/development/libraries/libksba/default.nix
+++ b/pkgs/development/libraries/libksba/default.nix
@@ -2,11 +2,11 @@
 
 stdenv.mkDerivation rec {
   pname = "libksba";
-  version = "1.6.4";
+  version = "1.6.5";
 
   src = fetchurl {
     url = "mirror://gnupg/libksba/libksba-${version}.tar.bz2";
-    hash = "sha256-u7Q/AyuRZNhseB/+QiE6g79PL+6RRV7fpGVFIbiwO2s=";
+    hash = "sha256-pWRijFdMmSh5mHU/mNdQur2RpOnbRR9GrRQEZu8qbRY=";
   };
 
   outputs = [ "out" "dev" "info" ];
diff --git a/pkgs/development/libraries/libnsl/default.nix b/pkgs/development/libraries/libnsl/default.nix
index 59e16071ce71..b199406918ab 100644
--- a/pkgs/development/libraries/libnsl/default.nix
+++ b/pkgs/development/libraries/libnsl/default.nix
@@ -11,6 +11,8 @@ stdenv.mkDerivation rec {
     sha256 = "sha256-bCToqXVE4RZcoZ2eTNZcVHyzKlWyIpSAssQCOZcfmEA=";
   };
 
+  outputs = [ "out" "dev" ];
+
   nativeBuildInputs = [ autoreconfHook pkg-config ];
   buildInputs = [ libtirpc ];
 
diff --git a/pkgs/development/libraries/libsigcxx/3.0.nix b/pkgs/development/libraries/libsigcxx/3.0.nix
index 9ed8a3fd4c3f..5515901a1cf2 100644
--- a/pkgs/development/libraries/libsigcxx/3.0.nix
+++ b/pkgs/development/libraries/libsigcxx/3.0.nix
@@ -16,6 +16,8 @@ stdenv.mkDerivation rec {
     sha256 = "w9I7N9/W458uCfCRt3sVQfv6F8Twtr9cibrvcikIDhc=";
   };
 
+  outputs = [ "out" "dev" ];
+
   nativeBuildInputs = [
     pkg-config
     meson
diff --git a/pkgs/development/libraries/libsigcxx/default.nix b/pkgs/development/libraries/libsigcxx/default.nix
index 3afb588af1b1..c73cbaa55dc3 100644
--- a/pkgs/development/libraries/libsigcxx/default.nix
+++ b/pkgs/development/libraries/libsigcxx/default.nix
@@ -9,6 +9,8 @@ stdenv.mkDerivation rec {
     sha256 = "sha256-qdvuMjNR0Qm3ruB0qcuJyj57z4rY7e8YUfTPNZvVCEM=";
   };
 
+  outputs = [ "out" "dev" ];
+
   nativeBuildInputs = [ pkg-config meson ninja ];
 
   doCheck = true;
diff --git a/pkgs/development/libraries/libsodium/default.nix b/pkgs/development/libraries/libsodium/default.nix
index b3a00d89a5d5..5ecd27f60078 100644
--- a/pkgs/development/libraries/libsodium/default.nix
+++ b/pkgs/development/libraries/libsodium/default.nix
@@ -1,21 +1,29 @@
-{ lib, stdenv, fetchurl, autoreconfHook
+{ lib, stdenv, fetchurl, fetchpatch, autoreconfHook
 , testers
 }:
 
 stdenv.mkDerivation (finalAttrs: {
   pname = "libsodium";
-  version = "1.0.18";
+  version = "1.0.19";
 
   src = fetchurl {
     url = "https://download.libsodium.org/libsodium/releases/${finalAttrs.pname}-${finalAttrs.version}.tar.gz";
-    sha256 = "1h9ncvj23qbbni958knzsli8dvybcswcjbx0qjjgi922nf848l3g";
+    hash = "sha256-AY15/goEXMoHMx03vQy1ey6DjFG8SP2DehRy5QBou+o=";
   };
 
   outputs = [ "out" "dev" ];
 
-  patches = lib.optional stdenv.hostPlatform.isMinGW ./mingw-no-fortify.patch;
-
-  nativeBuildInputs = lib.optional stdenv.hostPlatform.isMinGW autoreconfHook;
+  patches = [
+    # Drop -Ofast as it breaks floating point arithmetics in downstream
+    # users.
+    (fetchpatch {
+      name = "drop-Ofast.patch";
+      url  = "https://github.com/jedisct1/libsodium/commit/ffd1e374989197b44d815ac8b5d8f0b43b6ce534.patch";
+      hash = "sha256-jG0VirIoFBwYmRx6zHSu2xe6pXYwbeqNVhPJxO6eJEY=";
+    })
+  ] ++ lib.optional stdenv.hostPlatform.isMinGW ./mingw-no-fortify.patch;
+
+  nativeBuildInputs = [ autoreconfHook ];
 
   separateDebugInfo = stdenv.isLinux && stdenv.hostPlatform.libc != "musl";
 
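Review bot: Nothing on the new side says why `autoreconfHook` became unconditional in `nativeBuildInputs`, or when `drop-Ofast.patch` can be removed. Presumably the fetched commit edits `configure.ac`, so `configure` has to be regenerated on every platform rather than only for the MinGW patch, but the patch content is not visible here. For a crypto library it is worth recording that the build no longer runs the `configure` shipped in the release tarball. A comment above `nativeBuildInputs` would do, for example `# drop-Ofast.patch changes the autoconf inputs, so configure is regenerated; remove both once a release contains the commit`.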
diff --git a/pkgs/development/libraries/libusb1/default.nix b/pkgs/development/libraries/libusb1/default.nix
index 1f768a2cb261..57ceb5b444df 100644
--- a/pkgs/development/libraries/libusb1/default.nix
+++ b/pkgs/development/libraries/libusb1/default.nix
@@ -33,6 +33,9 @@ stdenv.mkDerivation rec {
 
   dontDisableStatic = withStatic;
 
+  # libusb-1.0.rc:11: fatal error: opening dependency file .deps/libusb-1.0.Tpo: No such file or directory
+  dontAddDisableDepTrack = stdenv.hostPlatform.isWindows;
+
   configureFlags =
     lib.optional (!enableUdev) "--disable-udev"
     ++ lib.optional (withExamples) "--enable-examples-build";
diff --git a/pkgs/development/libraries/libuv/default.nix b/pkgs/development/libraries/libuv/default.nix
index d8b7cbdab521..d7fbea913ca0 100644
--- a/pkgs/development/libraries/libuv/default.nix
+++ b/pkgs/development/libraries/libuv/default.nix
@@ -1,13 +1,10 @@
 { stdenv
 , lib
 , fetchFromGitHub
-, fetchpatch
 , autoconf
 , automake
 , libtool
 , pkg-config
-, ApplicationServices
-, CoreServices
 , pkgsStatic
 
 # for passthru.tests
@@ -21,28 +18,20 @@
 , nodejs
 , ocamlPackages
 , python3
+, testers
 }:
 
 stdenv.mkDerivation (finalAttrs: {
-  version = "1.46.0";
+  version = "1.47.0";
   pname = "libuv";
 
   src = fetchFromGitHub {
     owner = "libuv";
     repo = "libuv";
     rev = "v${finalAttrs.version}";
-    sha256 = "sha256-Lrsyh4qd3OkTw1cSPfahzfSGNt6+pRN1X21iiv1SsFo=";
+    hash = "sha256-J6qvq///A/tr+/vNRVCwCc80/VHKWQTYF6Mt1I+dBCU=";
   };
 
-  patches = [
-    # Disable io_uring close on selected kernels. Remove on next release
-    # https://github.com/libuv/libuv/pull/4141
-    (fetchpatch {
-      url = "https://github.com/libuv/libuv/commit/c811169f91b2101f7302e96de3d2dc366ade3a25.patch";
-      hash = "sha256-7vk6XGXwJcwYUQPqIJ3JPd/fPIGrjE5WRDSJCMQfKeU=";
-    })
-  ];
-
   outputs = [ "out" "dev" ];
 
   postPatch = let
@@ -50,7 +39,7 @@ stdenv.mkDerivation (finalAttrs: {
       "getnameinfo_basic" "udp_send_hang_loop" # probably network-dependent
       "tcp_connect_timeout" # tries to reach out to 8.8.8.8
       "spawn_setuid_fails" "spawn_setgid_fails" "fs_chown" # user namespaces
-      "getaddrinfo_fail" "getaddrinfo_fail_sync"
+      "getaddrinfo_fail" "getaddrinfo_fail_sync" "tcp_connect6_link_local"
       "threadpool_multiple_event_loops" # times out on slow machines
       "get_passwd" # passed on NixOS but failed on other Linuxes
       "tcp_writealot" "udp_multicast_join" "udp_multicast_join6" "metrics_pool_events" # times out sometimes
@@ -91,7 +80,6 @@ stdenv.mkDerivation (finalAttrs: {
     '';
 
   nativeBuildInputs = [ automake autoconf libtool pkg-config ];
-  buildInputs = lib.optionals stdenv.isDarwin [ ApplicationServices CoreServices ];
 
   preConfigure = ''
     LIBTOOLIZE=libtoolize ./autogen.sh
@@ -119,12 +107,14 @@ stdenv.mkDerivation (finalAttrs: {
     python-pyuv = python3.pkgs.pyuv;
     python-uvloop = python3.pkgs.uvloop;
     static = pkgsStatic.libuv;
+    pkg-config = testers.testMetaPkgConfig finalAttrs.finalPackage;
   };
 
   meta = with lib; {
     description = "A multi-platform support library with a focus on asynchronous I/O";
     homepage    = "https://libuv.org/";
     changelog   = "https://github.com/libuv/libuv/blob/v${finalAttrs.version}/ChangeLog";
+    pkgConfigModules = [ "libuv" ];
     maintainers = with maintainers; [ marsam ];
     platforms   = platforms.all;
     license     = with licenses; [ mit isc bsd2 bsd3 cc-by-40 ];
diff --git a/pkgs/development/libraries/libxslt/default.nix b/pkgs/development/libraries/libxslt/default.nix
index 356f87ff264b..dbca7f7fc2b7 100644
--- a/pkgs/development/libraries/libxslt/default.nix
+++ b/pkgs/development/libraries/libxslt/default.nix
@@ -17,14 +17,14 @@
 
 stdenv.mkDerivation rec {
   pname = "libxslt";
-  version = "1.1.38";
+  version = "1.1.39";
 
   outputs = [ "bin" "dev" "out" "doc" "devdoc" ] ++ lib.optional pythonSupport "py";
   outputMan = "bin";
 
   src = fetchurl {
     url = "mirror://gnome/sources/${pname}/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
-    sha256 = "HzJFBCWBmgmsr/Krelp/ii7HlW5QXXvutF6EPQ4eyrE=";
+    hash = "sha256-KiCtYhFIM5sHWcTU6WcZNi3uZMmgltu6YlugU4RjSfA=";
   };
 
   strictDeps = true;
diff --git a/pkgs/development/libraries/newt/default.nix b/pkgs/development/libraries/newt/default.nix
index ea3bc808a0bb..e5dbb563cfb5 100644
--- a/pkgs/development/libraries/newt/default.nix
+++ b/pkgs/development/libraries/newt/default.nix
@@ -5,11 +5,11 @@ let
 in
 stdenv.mkDerivation rec {
   pname = "newt";
-  version = "0.52.23";
+  version = "0.52.24";
 
   src = fetchurl {
     url = "https://releases.pagure.org/${pname}/${pname}-${version}.tar.gz";
-    sha256 = "sha256-yqNykHsU7Oz+KY8NUSpi9B0zspBhAkSliu0Hu8WtoSo=";
+    sha256 = "sha256-Xe1+Ih+F9kJSHEmxgmyN4ZhFqjcrr11jClF3S1RPvbs=";
   };
 
   postPatch = ''
@@ -50,11 +50,11 @@ stdenv.mkDerivation rec {
   '';
 
   meta = with lib; {
-    homepage = "https://pagure.io/newt";
     description = "Library for color text mode, widget based user interfaces";
-
+    homepage = "https://pagure.io/newt";
+    changelog = "https://pagure.io/newt/blob/master/f/CHANGES";
     license = licenses.lgpl2;
     platforms = platforms.unix;
-    maintainers = [ maintainers.viric ];
+    maintainers = with maintainers; [ viric ];
   };
 }
diff --git a/pkgs/development/libraries/nlohmann_json/default.nix b/pkgs/development/libraries/nlohmann_json/default.nix
index 29c7ca2c690b..6f3ce7b3c5fe 100644
--- a/pkgs/development/libraries/nlohmann_json/default.nix
+++ b/pkgs/development/libraries/nlohmann_json/default.nix
@@ -1,7 +1,6 @@
 { stdenv
 , lib
 , fetchFromGitHub
-, fetchpatch
 , cmake
 }:
 let
@@ -13,33 +12,15 @@ let
   };
 in stdenv.mkDerivation (finalAttrs: {
   pname = "nlohmann_json";
-  version = "3.11.2";
+  version = "3.11.3";
 
   src = fetchFromGitHub {
     owner = "nlohmann";
     repo = "json";
     rev = "v${finalAttrs.version}";
-    hash = "sha256-SUdhIV7tjtacf5DkoWk9cnkfyMlrkg8ZU7XnPZd22Tw=";
+    hash = "sha256-7F0Jon+1oWL7uqet5i1IgHX0fUw/+z0QwEcA3zs5xHg=";
   };
 
-  patches = [
-    # Backport fix for gcc-13:
-    #   https://github.com/nlohmann/json/pull/3895
-    (fetchpatch {
-      name = "gcc-13-rebind.patch";
-      url = "https://github.com/nlohmann/json/commit/a5b09d50b786638ed9deb09ef13860a3cb64eb6b.patch";
-      hash = "sha256-Jbi0VwZP+ZHTGbpIwgKCVc66gOmwjkT5iOUe85eIzM0=";
-    })
-
-    # Backport fix for gcc-13:
-    #   https://github.com/nlohmann/json/pull/3950
-    (fetchpatch {
-      name = "gcc-13-eq-op.patch";
-      url = "https://github.com/nlohmann/json/commit/a49829bd984c0282be18fcec070df0c31bf77dd5.patch";
-      hash = "sha256-D+cRtdN6AXr4z3/y9Ui7Zqp3e/y10tp+DOL80ZtPz5E=";
-    })
-  ];
-
   nativeBuildInputs = [ cmake ];
 
   cmakeFlags = [
diff --git a/pkgs/development/libraries/nss/esr.nix b/pkgs/development/libraries/nss/esr.nix
index fe3cc87192af..55e09511aab1 100644
--- a/pkgs/development/libraries/nss/esr.nix
+++ b/pkgs/development/libraries/nss/esr.nix
@@ -1,4 +1,4 @@
 import ./generic.nix {
   version = "3.90";
-  hash = "sha256-ms1lNMQdjq0Z/Kb8s//+0vnwnEN8PXn+5qTuZoqqk7Y=";
+  hash = "sha256-ZEG6ZcEymQ8Yw02ziT2LFWuvwZ1rRuT93rRHGYM22yQ=";
 }
diff --git a/pkgs/development/libraries/nss/generic.nix b/pkgs/development/libraries/nss/generic.nix
index 592dbffbdffc..82bbd2f4a13f 100644
--- a/pkgs/development/libraries/nss/generic.nix
+++ b/pkgs/development/libraries/nss/generic.nix
@@ -1,7 +1,7 @@
-{ version, hash }:
+{ version, hash, github ? false }:
 { lib
 , stdenv
-, fetchurl
+, fetchFromGitHub
 , nspr
 , perl
 , zlib
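Review bot: The new `github ? false` argument is not used anywhere in the hunks shown for this file. The following hunk replaces `src` with `fetchFromGitHub` unconditionally, and `fetchurl` is dropped from the inputs here. As written, a caller passing `github = true` and a caller omitting it get the same source, so either drop the argument (`{ version, hash }:`) or use it to select the fetcher. The rest of the file is outside these hunks, so a use elsewhere cannot be ruled out.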
@@ -26,8 +26,10 @@ stdenv.mkDerivation rec {
   pname = "nss";
   inherit version;
 
-  src = fetchurl {
-    url = "mirror://mozilla/security/nss/releases/NSS_${underscoreVersion}_RTM/src/${pname}-${version}.tar.gz";
+  src = fetchFromGitHub {
+    owner = "nss-dev";
+    repo = "nss";
+    rev = "NSS_${lib.replaceStrings ["."] ["_"] version}_RTM";
     inherit hash;
   };
 
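Review bot: The origin of the NSS sources changes from the Mozilla release tarball to the `nss-dev/nss` GitHub repository, with no comment recording why or how that repository relates to upstream. The fixed-output `hash` still pins what is built, so a moved `NSS_…_RTM` tag fails the fetch rather than changing the code. But whoever bumps the version next has no stated artifact to check the new hash against. A comment above `src` would cover it, such as `# GitHub mirror of the upstream NSS repository; release tarballs are not used because <reason>`. If `underscoreVersion` is still bound in the surrounding `let` (outside this hunk), `rev = "NSS_${underscoreVersion}_RTM";` avoids computing it twice.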
@@ -50,25 +52,21 @@ stdenv.mkDerivation rec {
     ./remove-c25519-support.patch
   ];
 
-  patchFlags = [ "-p0" ];
-
   postPatch = ''
-    patchShebangs nss
+    patchShebangs .
 
-    for f in nss/coreconf/config.gypi nss/build.sh; do
+    for f in coreconf/config.gypi build.sh; do
       substituteInPlace "$f" --replace "/usr/bin/env" "${buildPackages.coreutils}/bin/env"
     done
 
-    substituteInPlace nss/coreconf/config.gypi --replace "/usr/bin/grep" "${buildPackages.coreutils}/bin/env grep"
+    substituteInPlace coreconf/config.gypi --replace "/usr/bin/grep" "${buildPackages.coreutils}/bin/env grep"
   '' + lib.optionalString stdenv.hostPlatform.isDarwin ''
-    substituteInPlace nss/coreconf/Darwin.mk --replace '@executable_path/$(notdir $@)' "$out/lib/\$(notdir \$@)"
-    substituteInPlace nss/coreconf/config.gypi --replace "'DYLIB_INSTALL_NAME_BASE': '@executable_path'" "'DYLIB_INSTALL_NAME_BASE': '$out/lib'"
+    substituteInPlace coreconf/Darwin.mk --replace '@executable_path/$(notdir $@)' "$out/lib/\$(notdir \$@)"
+    substituteInPlace coreconf/config.gypi --replace "'DYLIB_INSTALL_NAME_BASE': '@executable_path'" "'DYLIB_INSTALL_NAME_BASE': '$out/lib'"
   '';
 
   outputs = [ "out" "dev" "tools" ];
 
-  preConfigure = "cd nss";
-
   buildPhase =
     let
       getArch = platform:
diff --git a/pkgs/development/libraries/nss/latest.nix b/pkgs/development/libraries/nss/latest.nix
index 9244978061ee..a759e2c86f5e 100644
--- a/pkgs/development/libraries/nss/latest.nix
+++ b/pkgs/development/libraries/nss/latest.nix
@@ -6,5 +6,5 @@
 
 import ./generic.nix {
   version = "3.95";
-  hash = "sha256-RpiI5B6KeABRzgDtzZFOimvTjaiKgs+4SJjdOIY1gio=";
+  hash = "sha256-qgSbzlRbU+gElC2ae3FEGRUFSM1JHd/lNGNXC0x4xt4=";
 }
diff --git a/pkgs/development/libraries/nuspell/default.nix b/pkgs/development/libraries/nuspell/default.nix
index 5ef4f676aebc..c9e6aeeba363 100644
--- a/pkgs/development/libraries/nuspell/default.nix
+++ b/pkgs/development/libraries/nuspell/default.nix
@@ -1,18 +1,18 @@
-{ lib, stdenv, fetchFromGitHub, cmake, pkg-config, icu, catch2 }:
+{ lib, stdenv, fetchFromGitHub, cmake, pkg-config, icu, catch2_3 }:
 
 stdenv.mkDerivation rec {
   pname = "nuspell";
-  version = "5.1.3";
+  version = "5.1.4";
 
   src = fetchFromGitHub {
     owner = "nuspell";
     repo = "nuspell";
     rev = "v${version}";
-    hash = "sha256-ww7Kqzlnf7065i9RZLeFDUOPBMCVgV/6sBnN0+WvBTk=";
+    hash = "sha256-KteLH031QP8MunQXsodzsPhD/YN9n3O7b2kb/1mFQRY=";
   };
 
   nativeBuildInputs = [ cmake pkg-config ];
-  buildInputs = [ catch2 ];
+  buildInputs = [ catch2_3 ];
   propagatedBuildInputs = [ icu ];
 
   cmakeFlags = [ "-DBUILD_TESTING=YES" ];
diff --git a/pkgs/development/libraries/openh264/default.nix b/pkgs/development/libraries/openh264/default.nix
index 479ffbc78eee..c250b31ecd71 100644
--- a/pkgs/development/libraries/openh264/default.nix
+++ b/pkgs/development/libraries/openh264/default.nix
@@ -2,13 +2,13 @@
 
 stdenv.mkDerivation rec {
   pname = "openh264";
-  version = "2.3.1";
+  version = "2.4.0";
 
   src = fetchFromGitHub {
     owner = "cisco";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-L5u0xkoza3G1ZHdtJH7ayVOgcVbPWYp7MC3lJd7LsSY=";
+    hash = "sha256-vPVHXATsSWmqKOAj09WRR5jCi2NU2lq0j4K15KBzARY=";
   };
 
   nativeBuildInputs = [ nasm ];
diff --git a/pkgs/development/libraries/p11-kit/default.nix b/pkgs/development/libraries/p11-kit/default.nix
index 1d089774cc67..1e01ed4a607a 100644
--- a/pkgs/development/libraries/p11-kit/default.nix
+++ b/pkgs/development/libraries/p11-kit/default.nix
@@ -16,13 +16,14 @@
 
 stdenv.mkDerivation rec {
   pname = "p11-kit";
-  version = "0.25.0";
+  version = "0.25.3";
 
   src = fetchFromGitHub {
     owner = "p11-glue";
     repo = pname;
     rev = version;
-    hash = "sha256-paLiRYgYshuedgDgW2nEsv4/Loq6qFyQMjfBJwqtHzw=";
+    hash = "sha256-zIbkw0pwt4TdyjncnSDeTN6Gsx7cc+x7Un4rnagZxQk=";
+    fetchSubmodules = true;
   };
 
   outputs = [ "out" "bin" "dev" ];
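Review bot: `fetchSubmodules = true` is added alongside the version bump with no comment naming the submodule the build now needs. The `hash` covers the fetched tree including submodules, so the content stays pinned. The submodule is still bundled code that is not tracked as a separate package, and a later bump could pull a different revision of it without anyone noticing what changed. A line above the attribute would make that visible, for example `# <submodule name> is needed to build since <version>; review its pinned revision on updates`.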
diff --git a/pkgs/development/libraries/physics/fastjet-contrib/default.nix b/pkgs/development/libraries/physics/fastjet-contrib/default.nix
index b61db08457fd..3c4e8008639c 100644
--- a/pkgs/development/libraries/physics/fastjet-contrib/default.nix
+++ b/pkgs/development/libraries/physics/fastjet-contrib/default.nix
@@ -15,7 +15,7 @@ stdenv.mkDerivation rec {
     for f in Makefile.in */Makefile; do
       substituteInPlace "$f" --replace "CXX=g++" ""
     done
-    patchShebangs ./configure ./utils/check.sh ./utils/install-sh
+    patchShebangs ./utils/check.sh ./utils/install-sh
   '';
 
   # Written in shell manually, does not support autoconf-style
diff --git a/pkgs/development/libraries/physics/pythia/default.nix b/pkgs/development/libraries/physics/pythia/default.nix
index 0916eae24669..917dbf40a37d 100644
--- a/pkgs/development/libraries/physics/pythia/default.nix
+++ b/pkgs/development/libraries/physics/pythia/default.nix
@@ -13,10 +13,6 @@ stdenv.mkDerivation rec {
     ++ lib.optionals stdenv.isDarwin [ fixDarwinDylibNames ];
   buildInputs = [ boost fastjet hepmc zlib lhapdf ];
 
-  preConfigure = ''
-    patchShebangs ./configure
-  '';
-
   configureFlags = [
     "--enable-shared"
     "--with-lhapdf6=${lhapdf}"
diff --git a/pkgs/development/libraries/pipewire/default.nix b/pkgs/development/libraries/pipewire/default.nix
index 3876a5c892a0..5d0ffee503b8 100644
--- a/pkgs/development/libraries/pipewire/default.nix
+++ b/pkgs/development/libraries/pipewire/default.nix
@@ -81,7 +81,7 @@ let
 
   self = stdenv.mkDerivation rec {
     pname = "pipewire";
-    version = "0.3.84";
+    version = "1.0.0";
 
     outputs = [
       "out"
@@ -97,7 +97,7 @@ let
       owner = "pipewire";
       repo = "pipewire";
       rev = version;
-      sha256 = "sha256-9W9y+wtS/CYUaPRrCRmRDeyvuS1XllMBNQLy6GAMqBM=";
+      sha256 = "sha256-mfnMluxJAxDbB6JlIM6HJ0zg7e1q3ia3uFbht6zeHCk=";
     };
 
     patches = [
@@ -189,6 +189,7 @@ let
       "-Dsdl2=disabled" # required only to build examples, causes dependency loop
       "-Drlimits-install=false" # installs to /etc, we won't use this anyway
       "-Dcompress-offload=enabled"
+      "-Dman=enabled"
     ];
 
     # Fontconfig error: Cannot load default config file
@@ -197,7 +198,7 @@ let
     doCheck = true;
 
     postUnpack = ''
-      patchShebangs source/doc/input-filter.sh
+      patchShebangs source/doc/*.py
       patchShebangs source/doc/input-filter-h.sh
     '';
 
diff --git a/pkgs/development/libraries/qpdf/default.nix b/pkgs/development/libraries/qpdf/default.nix
index d80309f2b16b..2cabf5022844 100644
--- a/pkgs/development/libraries/qpdf/default.nix
+++ b/pkgs/development/libraries/qpdf/default.nix
@@ -2,13 +2,13 @@
 
 stdenv.mkDerivation rec {
   pname = "qpdf";
-  version = "11.6.1";
+  version = "11.6.3";
 
   src = fetchFromGitHub {
     owner = "qpdf";
     repo = "qpdf";
     rev = "v${version}";
-    hash = "sha256-QXRzvSMi6gKISJo44KIjTYENNqxh1yDhUUhEZa8uz6Q=";
+    hash = "sha256-asGNZ/5iEkyIjRO9FECV1bN4k/YHv4/7I125BUr9+fE=";
   };
 
   nativeBuildInputs = [ cmake perl ];
diff --git a/pkgs/development/libraries/readline/readline-8.2-patches.nix b/pkgs/development/libraries/readline/readline-8.2-patches.nix
index 48d2bd14badb..bc075df237c7 100644
--- a/pkgs/development/libraries/readline/readline-8.2-patches.nix
+++ b/pkgs/development/libraries/readline/readline-8.2-patches.nix
@@ -2,4 +2,10 @@
 
 patch: [
 (patch "001" "1xxgfgr6hn3ads8m8xsrdi1kbx1f3s69k0danpd9x4haqhg7zydv")
+(patch "002" "0ly0siy6qy3l7hv12847adpfa34yq1w4qz9qkw6vrxv25j106rg0")
+(patch "003" "1c5cwvvkx9mfmpaapymq9cavmzh4fnagkjlchsqx4vml8sx8gx94")
+(patch "004" "1b15sndx9v5vj3x1f3h73099nlagknx4rbfpd5ldrbw2xgm2wmvr")
+(patch "005" "16ac25jz1a1mgkpfp1sydqf6qpsfh0s0dcmrnjpqbhg5va3s6av2")
+(patch "006" "18gmh6y3klh0vv28cyqz4is3rlb32pl7f1kf5r482kfjq3w5zd67")
+(patch "007" "1xmnpahs983n4w0gn3j0wr8nh1dpva33yj7fvfmhm46ph2wsa4ar")
 ]
diff --git a/pkgs/development/libraries/science/math/openblas/default.nix b/pkgs/development/libraries/science/math/openblas/default.nix
index 3fc533e848db..c5b9f9019e06 100644
--- a/pkgs/development/libraries/science/math/openblas/default.nix
+++ b/pkgs/development/libraries/science/math/openblas/default.nix
@@ -141,7 +141,7 @@ let
 in
 stdenv.mkDerivation rec {
   pname = "openblas";
-  version = "0.3.24";
+  version = "0.3.25";
 
   outputs = [ "out" "dev" ];
 
@@ -149,7 +149,7 @@ stdenv.mkDerivation rec {
     owner = "xianyi";
     repo = "OpenBLAS";
     rev = "v${version}";
-    sha256 = "sha256-IuXhrZRB3o7kbnivv/6En/aAeF2F18sQw9pKs1WEJc4=";
+    hash = "sha256-eY/R7gLDOls3csuwZkUS+x+v3GeL3dCsOD+4STxDpCg=";
   };
 
   postPatch = ''
diff --git a/pkgs/development/libraries/silgraphite/graphite2.nix b/pkgs/development/libraries/silgraphite/graphite2.nix
index 5e7358fa15f9..ec44d80d04a8 100644
--- a/pkgs/development/libraries/silgraphite/graphite2.nix
+++ b/pkgs/development/libraries/silgraphite/graphite2.nix
@@ -28,6 +28,10 @@ stdenv.mkDerivation rec {
     #   https://github.com/silnrsi/graphite/pull/74
     substituteInPlace tests/CMakeLists.txt \
       --replace 'add_subdirectory(nametabletest)' '#add_subdirectory(nametabletest)'
+
+    # support cross-compilation by using target readelf binary:
+    substituteInPlace Graphite.cmake \
+      --replace 'readelf' "${stdenv.cc.targetPrefix}readelf"
   '';
 
   cmakeFlags = lib.optionals static [
diff --git a/pkgs/development/libraries/sord/default.nix b/pkgs/development/libraries/sord/default.nix
index 54ae9261f810..6ce3ca60c0f5 100644
--- a/pkgs/development/libraries/sord/default.nix
+++ b/pkgs/development/libraries/sord/default.nix
@@ -4,21 +4,22 @@
 , fetchFromGitHub
 , meson
 , ninja
-, pcre
+, pcre2
 , pkg-config
 , python3
 , serd
+, zix
 }:
 
 stdenv.mkDerivation rec {
   pname = "sord";
-  version = "0.16.14";
+  version = "0.16.16";
 
   src = fetchFromGitHub {
     owner = "drobilla";
     repo = pname;
     rev = "v${version}";
-    hash = "sha256-S22Szpg6iXeana5t6EpbOtRstthgrJ4Z2cBrf7a9ZBk=";
+    hash = "sha256-GDs1m8KoEhJDdCf7kacQMZzCNPoZhESJds6KupQvOkU=";
   };
 
   outputs = [ "out" "dev" "doc" "man" ];
@@ -30,8 +31,8 @@ stdenv.mkDerivation rec {
     pkg-config
     python3
   ];
-  buildInputs = [ pcre ];
-  propagatedBuildInputs = [ serd ];
+  buildInputs = [ pcre2 ];
+  propagatedBuildInputs = [ serd zix ];
 
   doCheck = true;
 
diff --git a/pkgs/development/libraries/xsimd/default.nix b/pkgs/development/libraries/xsimd/default.nix
index 8b53db0388fe..c1be468a4208 100644
--- a/pkgs/development/libraries/xsimd/default.nix
+++ b/pkgs/development/libraries/xsimd/default.nix
@@ -7,12 +7,12 @@
 
 stdenv.mkDerivation (finalAttrs: {
   pname = "xsimd";
-  version = "11.1.0";
+  version = "11.2.0";
   src = fetchFromGitHub {
     owner = "xtensor-stack";
     repo = "xsimd";
     rev = finalAttrs.version;
-    sha256 = "sha256-l6IRzndjb95hIcFCCm8zmlNHWtKduqy2t/oml/9Xp+w=";
+    sha256 = "sha256-CzgfxXGZXoJ56dX+mDPsHZC31YudrZXpX2tovh/Vjr0=";
   };
   patches = [
     # Ideally, Accelerate/Accelerate.h should be used for this implementation,
diff --git a/pkgs/development/libraries/zeromq/4.x.nix b/pkgs/development/libraries/zeromq/4.x.nix
index 6a0e173db3a9..2a4119e0fe22 100644
--- a/pkgs/development/libraries/zeromq/4.x.nix
+++ b/pkgs/development/libraries/zeromq/4.x.nix
@@ -26,6 +26,12 @@ stdenv.mkDerivation rec {
 
   cmakeFlags = lib.optional enableDrafts "-DENABLE_DRAFTS=ON";
 
+  postPatch = ''
+    substituteInPlace CMakeLists.txt \
+      --replace '$'{prefix}/'$'{CMAKE_INSTALL_LIBDIR} '$'{CMAKE_INSTALL_FULL_LIBDIR} \
+      --replace '$'{prefix}/'$'{CMAKE_INSTALL_INCLUDEDIR} '$'{CMAKE_INSTALL_FULL_INCLUDEDIR}
+  '';
+
   meta = with lib; {
     branch = "4";
     homepage = "http://www.zeromq.org";
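Review bot: The added `postPatch` carries no comment saying what it fixes, and the `'$'{prefix}` spelling is easy to misread as a typo. The quotes are closed and reopened only so that Nix does not interpolate `${…}`; the shell then sees `${prefix}/${CMAKE_INSTALL_LIBDIR}`. Presumably the rewrite is needed because the install dirs passed to CMake are absolute here, so prepending `${prefix}` would yield a doubled path in a generated file, but `CMakeLists.txt` is not shown. Two comment lines would cover both: `# install dirs are absolute under Nix; use the FULL_ variants instead of ${prefix}/…` and `# '$'{…} stops Nix from interpolating; the shell passes a literal ${…}`.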
diff --git a/pkgs/development/ocaml-modules/javalib/default.nix b/pkgs/development/ocaml-modules/javalib/default.nix
index 5675e10dbad1..fbe2d71fcd00 100644
--- a/pkgs/development/ocaml-modules/javalib/default.nix
+++ b/pkgs/development/ocaml-modules/javalib/default.nix
@@ -30,8 +30,6 @@ stdenv.mkDerivation rec {
 
   createFindlibDestdir = true;
 
-  preConfigure = "patchShebangs ./configure.sh";
-
   configureScript = "./configure.sh";
   dontAddPrefix = "true";
   dontAddStaticConfigureFlags = true;
diff --git a/pkgs/development/ocaml-modules/sawja/default.nix b/pkgs/development/ocaml-modules/sawja/default.nix
index a5d042fc1907..ab21f11fa31f 100644
--- a/pkgs/development/ocaml-modules/sawja/default.nix
+++ b/pkgs/development/ocaml-modules/sawja/default.nix
@@ -29,8 +29,6 @@ stdenv.mkDerivation {
 
   createFindlibDestdir = true;
 
-  preConfigure = "patchShebangs ./configure.sh";
-
   configureScript = "./configure.sh";
   dontAddPrefix = "true";
   dontAddStaticConfigureFlags = true;
diff --git a/pkgs/development/python-modules/cryptography/default.nix b/pkgs/development/python-modules/cryptography/default.nix
index aa762e315c13..4acb8c6dcd19 100644
--- a/pkgs/development/python-modules/cryptography/default.nix
+++ b/pkgs/development/python-modules/cryptography/default.nix
@@ -29,20 +29,21 @@ let
 in
 buildPythonPackage rec {
   pname = "cryptography";
-  version = "41.0.3"; # Also update the hash in vectors.nix
-  format = "pyproject";
+  version = "41.0.7"; # Also update the hash in vectors.nix
+  pyproject = true;
+
   disabled = pythonOlder "3.7";
 
   src = fetchPypi {
     inherit pname version;
-    hash = "sha256-bRknQRE+9eMNidy1uVbvThV48wRwhwG4tz044+FGHzQ=";
+    hash = "sha256-E/k86b6oAWwlOzSvxr1qdZk+XEBnLtVAWpyDLw1KALw=";
   };
 
   cargoDeps = rustPlatform.fetchCargoTarball {
     inherit src;
     sourceRoot = "${pname}-${version}/${cargoRoot}";
     name = "${pname}-${version}";
-    hash = "sha256-LQu7waympGUs+CZun2yDQd2gUUAgyisKBG5mddrfSo0=";
+    hash = "sha256-VeZhKisCPDRvmSjGNwCgJJeVj65BZ0Ge+yvXbZw86Rw=";
   };
 
   postPatch = ''
diff --git a/pkgs/development/python-modules/cryptography/vectors.nix b/pkgs/development/python-modules/cryptography/vectors.nix
index ff8bfa05ed51..c02e4d3bcf7e 100644
--- a/pkgs/development/python-modules/cryptography/vectors.nix
+++ b/pkgs/development/python-modules/cryptography/vectors.nix
@@ -9,12 +9,12 @@ buildPythonPackage rec {
   pname = "cryptography-vectors";
   # The test vectors must have the same version as the cryptography package
   inherit (cryptography) version;
-  format = "pyproject";
+  pyproject = true;
 
   src = fetchPypi {
     pname = "cryptography_vectors";
     inherit version;
-    hash = "sha256-gN4EUsSzT1b1UY6B69dba5BfVyiq7VIdQuQfTryKQ/s=";
+    hash = "sha256-ezb5drbljMGAExDhyTxYTGU503Haf4U47dj8Rj3IDVs=";
   };
 
   nativeBuildInputs = [
diff --git a/pkgs/development/python-modules/gevent/default.nix b/pkgs/development/python-modules/gevent/default.nix
index 938cb99cf8fa..52e058df47b1 100644
--- a/pkgs/development/python-modules/gevent/default.nix
+++ b/pkgs/development/python-modules/gevent/default.nix
@@ -1,6 +1,5 @@
 { lib
 , fetchPypi
-, fetchpatch
 , buildPythonPackage
 , isPyPy
 , python
@@ -14,29 +13,26 @@
 , zope_event
 , zope_interface
 , pythonOlder
+
+# for passthru.tests
+, dulwich
+, gunicorn
+, opentracing
+, pika
 }:
 
 buildPythonPackage rec {
   pname = "gevent";
-  version = "22.10.2";
+  version = "23.9.1";
   format = "pyproject";
 
   disabled = pythonOlder "3.7";
 
   src = fetchPypi {
     inherit pname version;
-    hash = "sha256-HKAdoXbuN7NSeicC99QNvJ/7jPx75aA7+k+e7EXlXEY=";
+    hash = "sha256-csACI1OQ1G+Uk4qWkg2IVtT/2d32KjA6DXwRiJQJfjQ=";
   };
 
-  patches = [
-    # Replace deprecated pkg_resources with importlib-metadata
-    (fetchpatch {
-      url = "https://github.com/gevent/gevent/commit/bd96d8e14dc99f757de22ab4bb98439f912dab1e.patch";
-      hash = "sha256-Y+cxIScuEgAVYmmxBJ8OI+JuJ4G+iiROTcRdWglo3l0=";
-      includes = [ "src/gevent/events.py" ];
-    })
-  ];
-
   nativeBuildInputs = [
     cython_3
     setuptools
@@ -65,6 +61,14 @@ buildPythonPackage rec {
     "gevent.events"
   ];
 
+  passthru.tests = {
+    inherit
+      dulwich
+      gunicorn
+      opentracing
+      pika;
+  } // lib.filterAttrs (k: v: lib.hasInfix "gevent" k) python.pkgs;
+
   meta = with lib; {
     description = "Coroutine-based networking library";
     homepage = "http://www.gevent.org/";
diff --git a/pkgs/development/python-modules/grpcio-status/default.nix b/pkgs/development/python-modules/grpcio-status/default.nix
index e7d6fd550958..0915851d7a70 100644
--- a/pkgs/development/python-modules/grpcio-status/default.nix
+++ b/pkgs/development/python-modules/grpcio-status/default.nix
@@ -9,14 +9,14 @@
 
 buildPythonPackage rec {
   pname = "grpcio-status";
-  version = "1.59.0";
+  version = "1.59.3";
   format = "setuptools";
 
   disabled = pythonOlder "3.6";
 
   src = fetchPypi {
     inherit pname version;
-    hash = "sha256-+TucM+CiYWLvhDG/z/zD4fshfM2Ne1swYbbp+BPmmLU=";
+    hash = "sha256-ZcOUukM4DWvfjATGHvxJMQS1U1VSrtNYF6G03GZZih8=";
   };
 
   postPatch = ''
diff --git a/pkgs/development/python-modules/grpcio-tools/default.nix b/pkgs/development/python-modules/grpcio-tools/default.nix
index cd0b0abcb121..9c808eb8d718 100644
--- a/pkgs/development/python-modules/grpcio-tools/default.nix
+++ b/pkgs/development/python-modules/grpcio-tools/default.nix
@@ -2,12 +2,12 @@
 
 buildPythonPackage rec {
   pname = "grpcio-tools";
-  version = "1.59.0";
+  version = "1.59.3";
   format = "setuptools";
 
   src = fetchPypi {
     inherit pname version;
-    hash = "sha256-qkAY8thmKsTZgwRF09JToRs+CW6K/iCGVUcTeqEWDpM=";
+    hash = "sha256-zRYKxCgc0a53osiAN3p3KDSTQLTJHiQoUDe1fBjp9lE=";
   };
 
   postPatch = ''
diff --git a/pkgs/development/python-modules/grpcio/default.nix b/pkgs/development/python-modules/grpcio/default.nix
index e8ea37c90448..a003d4659d60 100644
--- a/pkgs/development/python-modules/grpcio/default.nix
+++ b/pkgs/development/python-modules/grpcio/default.nix
@@ -1,5 +1,7 @@
-{ lib, stdenv
+{ lib
+, stdenv
 , buildPythonPackage
+, fetchPypi
 , grpc
 , six
 , protobuf
@@ -14,9 +16,14 @@
 }:
 
 buildPythonPackage rec {
-  inherit (grpc) src version;
   pname = "grpcio";
   format = "setuptools";
+  version = "1.59.3";
+
+  src = fetchPypi {
+    inherit pname version;
+    hash = "sha256-eAD5lWinSgbr3M1BndG25jm0d9yvbad+pwL4+xTOX4A=";
+  };
 
   outputs = [ "out" "dev" ];
 
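Review bot: With `inherit (grpc) src version;` gone, nothing ties this package's `version = "1.59.3"` to the `grpc` input any more, and nothing in the hunk tells the next updater that. grpcio-status and grpcio-tools are bumped to the same 1.59.3 in this commit, so the intent seems to be that they move together; a comment such as `# keep in sync with grpc, grpcio-status and grpcio-tools` above `version` would record that. Whether `grpc` is still linked in as a system library is outside this hunk; if it is, a skew between the PyPI source and that library is the case to watch for.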
diff --git a/pkgs/development/python-modules/gst-python/default.nix b/pkgs/development/python-modules/gst-python/default.nix
index abc5d52ece6d..16f99016fed3 100644
--- a/pkgs/development/python-modules/gst-python/default.nix
+++ b/pkgs/development/python-modules/gst-python/default.nix
@@ -14,7 +14,7 @@
 
 buildPythonPackage rec {
   pname = "gst-python";
-  version = "1.22.6";
+  version = "1.22.7";
 
   format = "other";
 
@@ -22,7 +22,7 @@ buildPythonPackage rec {
 
   src = fetchurl {
     url = "${meta.homepage}/src/gst-python/${pname}-${version}.tar.xz";
-    hash = "sha256-Ud4tbROxLOCV6sl8C5TuWcKuujcSu3Rit4xNV93hdsU=";
+    hash = "sha256-HvjfdggBL6RpMpeZyVDsCHc3ptq60wA8IwZYtYxxAXI=";
   };
 
   # Python 2.x is not supported.
diff --git a/pkgs/development/python-modules/numpy/default.nix b/pkgs/development/python-modules/numpy/default.nix
index 82ceee47d066..62ffc91e8767 100644
--- a/pkgs/development/python-modules/numpy/default.nix
+++ b/pkgs/development/python-modules/numpy/default.nix
@@ -11,6 +11,7 @@
 , cython_3
 , gfortran
 , meson-python
+, mesonEmulatorHook
 , pkg-config
 , xcbuild
 
@@ -83,6 +84,10 @@ in buildPythonPackage rec {
     rm numpy/core/tests/test_cython.py
 
     patchShebangs numpy/_build_utils/*.py
+
+    # remove needless reference to full Python path stored in built wheel
+    substituteInPlace numpy/meson.build \
+      --replace 'py.full_path()' "'python'"
   '';
 
   nativeBuildInputs = [
@@ -92,6 +97,8 @@ in buildPythonPackage rec {
     pkg-config
   ] ++ lib.optionals (stdenv.isDarwin) [
     xcbuild.xcrun
+  ] ++ lib.optionals (!stdenv.buildPlatform.canExecute stdenv.hostPlatform) [
+    mesonEmulatorHook
   ];
 
   buildInputs = [
@@ -110,6 +117,11 @@ in buildPythonPackage rec {
     export OMP_NUM_THREADS=$((NIX_BUILD_CORES > 64 ? 64 : NIX_BUILD_CORES))
   '';
 
+  # HACK: copy mesonEmulatorHook's flags to the variable used by meson-python
+  postConfigure = ''
+    mesonFlags="$mesonFlags ''${mesonFlagsArray[@]}"
+  '';
+
   preBuild = ''
     ln -s ${cfg} site.cfg
   '';
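Review bot: The `postConfigure` line flattens `mesonFlagsArray` into the scalar `mesonFlags`, so any array element containing whitespace would be split into separate arguments when `mesonFlags` is expanded later. That is probably harmless for what mesonEmulatorHook adds (my assumption, not shown here), but the HACK comment should state it. Inside a quoted assignment `[*]` expresses the join more clearly than `[@]`: `mesonFlags="$mesonFlags ''${mesonFlagsArray[*]}"`.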
diff --git a/pkgs/development/python-modules/pyqt-builder/default.nix b/pkgs/development/python-modules/pyqt-builder/default.nix
index 345b5aa13a1e..ad1ed8e17038 100644
--- a/pkgs/development/python-modules/pyqt-builder/default.nix
+++ b/pkgs/development/python-modules/pyqt-builder/default.nix
@@ -9,13 +9,13 @@
 
 buildPythonPackage rec {
   pname = "pyqt-builder";
-  version = "1.15.2";
+  version = "1.15.3";
   format = "pyproject";
 
   src = fetchPypi {
     pname = "PyQt-builder";
     inherit version;
-    hash = "sha256-dGz+g8A+v/RFjUeKHAZxR5Dvk+RY7NWii8KDe6yI63Q=";
+    hash = "sha256-WzPpnty3fUpjo4YF9EV6BM/04lTHce1SnryViZBszbE=";
   };
 
   nativeBuildInputs = [
diff --git a/pkgs/development/python-modules/pyqt/6.x.nix b/pkgs/development/python-modules/pyqt/6.x.nix
index 641b12f4e50d..281b7d38308c 100644
--- a/pkgs/development/python-modules/pyqt/6.x.nix
+++ b/pkgs/development/python-modules/pyqt/6.x.nix
@@ -23,14 +23,14 @@
 
 buildPythonPackage rec {
   pname = "PyQt6";
-  version = "6.5.2";
+  version = "6.6.0";
   format = "pyproject";
 
   disabled = pythonOlder "3.6";
 
   src = fetchPypi {
     inherit pname version;
-    hash = "sha256-FIfuc1D5/7ZtYKtBdlGSUsKzcXYsvo+DQP2VH2OAEoA=";
+    hash = "sha256-1BUS1mBEwt+cX1FaVqkiFw1oo3s0Bv/dyLStxXGBtXY=";
   };
 
   patches = [
@@ -132,11 +132,7 @@ buildPythonPackage rec {
   ++ lib.optional withLocation "PyQt6.QtPositioning"
   ;
 
-  # fix build with qt 6.6
-  env.NIX_CFLAGS_COMPILE = toString ([
-    "-fpermissive"
-  ]
-  ++ lib.optional (stdenv.isDarwin) "-Wno-address-of-temporary");
+  env.NIX_CFLAGS_COMPILE = lib.optionalString stdenv.isDarwin "-Wno-address-of-temporary";
 
   meta = with lib; {
     description = "Python bindings for Qt6";
diff --git a/pkgs/development/python-modules/pyqt6-charts.nix b/pkgs/development/python-modules/pyqt6-charts.nix
index 6d2a110c8890..258a9c2eb8f4 100644
--- a/pkgs/development/python-modules/pyqt6-charts.nix
+++ b/pkgs/development/python-modules/pyqt6-charts.nix
@@ -11,14 +11,14 @@
 
 buildPythonPackage rec {
   pname = "PyQt6_Charts";
-  version = "6.5.0";
+  version = "6.6.0";
   format = "pyproject";
 
   disabled = pythonOlder "3.6";
 
   src = fetchPypi {
     inherit pname version;
-    sha256 = "sha256-b/APZbJRf5m/EG3dKMdvPKNE+R7PW6aBkeIKLZACSWI=";
+    sha256 = "sha256-FMxuXRnK6AEpUkpC+mMy0NXa2kKCqUI0Jea5rhtrxW0=";
   };
 
   # fix include path and increase verbosity
diff --git a/pkgs/development/python-modules/pyqt6-webengine.nix b/pkgs/development/python-modules/pyqt6-webengine.nix
index d3b70a02f77d..1b42da5731e8 100644
--- a/pkgs/development/python-modules/pyqt6-webengine.nix
+++ b/pkgs/development/python-modules/pyqt6-webengine.nix
@@ -13,14 +13,14 @@
 
 buildPythonPackage rec {
   pname = "PyQt6_WebEngine";
-  version = "6.5.0";
+  version = "6.6.0";
   format = "pyproject";
 
   disabled = pythonOlder "3.6";
 
   src = fetchPypi {
     inherit pname version;
-    hash = "sha256-i6nbVsTBgaKi+rFnPKNeW2PcaRE/CFAn3cQ8cQttbuk=";
+    hash = "sha256-1QuYTD+F5AnmkrFWEychUi1OjPm2wl4M+Sfuot+zlIc=";
   };
 
   # fix include path and increase verbosity
diff --git a/pkgs/development/python-modules/pytest-regressions/default.nix b/pkgs/development/python-modules/pytest-regressions/default.nix
index e804a0482dc1..c306f8ef8f6d 100644
--- a/pkgs/development/python-modules/pytest-regressions/default.nix
+++ b/pkgs/development/python-modules/pytest-regressions/default.nix
@@ -36,17 +36,15 @@ buildPythonPackage rec {
   ];
 
   propagatedBuildInputs = [
-    numpy
-    pandas
-    pillow
     pytest-datadir
     pyyaml
   ];
 
 
   nativeCheckInputs = [
-    pytestCheckHook
     matplotlib
+    pandas
+    pytestCheckHook
   ];
 
   pythonImportsCheck = [
@@ -54,6 +52,12 @@ buildPythonPackage rec {
     "pytest_regressions.plugin"
   ];
 
+  passthru.optional-dependencies = {
+    dataframe = [ pandas numpy ];
+    image = [ numpy pillow ];
+    num = [ numpy pandas ];
+  };
+
   meta = with lib; {
     description = "Pytest fixtures to write regression tests";
     longDescription = ''
diff --git a/pkgs/development/python-modules/sip/default.nix b/pkgs/development/python-modules/sip/default.nix
index f4870f2fa6f1..ec9c843dc885 100644
--- a/pkgs/development/python-modules/sip/default.nix
+++ b/pkgs/development/python-modules/sip/default.nix
@@ -13,13 +13,13 @@
 
 buildPythonPackage rec {
   pname = "sip";
-  version = "6.7.11";
+  version = "6.7.12";
 
   format = "pyproject";
 
   src = fetchPypi {
     inherit pname version;
-    hash = "sha256-8Nwyh6CxcuVmSTHIeEd1DUfk/c2k/jYrUUr47dZVtGk=";
+    hash = "sha256-COZvdCWS64GKyP2kFz4u1kyfLUC3C+4R2xxJkSfZhFA=";
   };
 
   nativeBuildInputs = [
diff --git a/pkgs/development/python-modules/sphinx-autodoc-typehints/default.nix b/pkgs/development/python-modules/sphinx-autodoc-typehints/default.nix
index d99577fd234e..59f832b999d6 100644
--- a/pkgs/development/python-modules/sphinx-autodoc-typehints/default.nix
+++ b/pkgs/development/python-modules/sphinx-autodoc-typehints/default.nix
@@ -10,7 +10,7 @@
 
 let
   pname = "sphinx-autodoc-typehints";
-  version = "1.24.0";
+  version = "1.24.1";
 in
 
 buildPythonPackage {
@@ -22,7 +22,7 @@ buildPythonPackage {
   src = fetchPypi {
     pname = "sphinx_autodoc_typehints";
     inherit version;
-    hash = "sha256-lORABmlBuyN3BLuIB4Xi0F6K5UBsiGdP7vu5OK0Nxq8=";
+    hash = "sha256-Bmg6K3bDx7GTG3XkDgIRhm+7ULpMToAtCQHZtOhJrdI=";
   };
 
   nativeBuildInputs = [
diff --git a/pkgs/development/python-modules/trove-classifiers/default.nix b/pkgs/development/python-modules/trove-classifiers/default.nix
index e9691044a926..041f3db4c803 100644
--- a/pkgs/development/python-modules/trove-classifiers/default.nix
+++ b/pkgs/development/python-modules/trove-classifiers/default.nix
@@ -9,14 +9,14 @@
 let
   self = buildPythonPackage rec {
     pname = "trove-classifiers";
-    version = "2023.8.7";
+    version = "2023.11.22";
     format = "setuptools";
 
     disabled = pythonOlder "3.7";
 
     src = fetchPypi {
       inherit pname version;
-      hash = "sha256-yfKgqF1UXlNi6Wfk8Gn1b939kSFeIv+kjGb7KDUhMZo=";
+      hash = "sha256-wxp+kvll8GCiRLV9jtXub1P8tBPuF855DgBXfLNprZk=";
     };
 
     postPatch = ''
diff --git a/pkgs/development/tools/documentation/doxygen/default.nix b/pkgs/development/tools/documentation/doxygen/default.nix
index d735637cb53d..3b1a1fa0aa1f 100644
--- a/pkgs/development/tools/documentation/doxygen/default.nix
+++ b/pkgs/development/tools/documentation/doxygen/default.nix
@@ -13,13 +13,13 @@
 
 stdenv.mkDerivation rec {
   pname = "doxygen";
-  version = "1.9.7";
+  version = "1.9.8";
 
   src = fetchFromGitHub {
     owner = "doxygen";
     repo = "doxygen";
     rev = "Release_${lib.replaceStrings [ "." ] [ "_" ] version}";
-    sha256 = "sha256-ezeMQk+Vyi9qNsYwbaRRruaIYGY8stFf71W7GonXqco=";
+    sha256 = "sha256-uQ1Fl2kmY7qmzy34NOmZCgPxVGwmqRqDvV6yEab5P4w=";
   };
 
   nativeBuildInputs = [
diff --git a/pkgs/development/tools/kcat/default.nix b/pkgs/development/tools/kcat/default.nix
index 224d18ed2e69..f363e4e51039 100644
--- a/pkgs/development/tools/kcat/default.nix
+++ b/pkgs/development/tools/kcat/default.nix
@@ -16,10 +16,6 @@ stdenv.mkDerivation rec {
 
   buildInputs = [ zlib rdkafka yajl avro-c libserdes ];
 
-  preConfigure = ''
-    patchShebangs ./configure
-  '';
-
   meta = with lib; {
     description = "A generic non-JVM producer and consumer for Apache Kafka";
     homepage = "https://github.com/edenhill/kcat";
diff --git a/pkgs/development/tools/pyenv/default.nix b/pkgs/development/tools/pyenv/default.nix
index d8d528090834..9d8bcc246689 100644
--- a/pkgs/development/tools/pyenv/default.nix
+++ b/pkgs/development/tools/pyenv/default.nix
@@ -15,10 +15,6 @@ stdenv.mkDerivation rec {
     hash = "sha256-miJ/WONNDieLryD2J9JmkmSCG5Iesg2N2GT/FI9NGY0=";
   };
 
-  postPatch = ''
-    patchShebangs --build src/configure
-  '';
-
   nativeBuildInputs = [
     installShellFiles
   ];
diff --git a/pkgs/development/web/nodejs/v18.nix b/pkgs/development/web/nodejs/v18.nix
index b36e8e3d0f3a..ef8ea595eb2c 100644
--- a/pkgs/development/web/nodejs/v18.nix
+++ b/pkgs/development/web/nodejs/v18.nix
@@ -20,8 +20,8 @@ let
 in
 buildNodejs {
   inherit enableNpm;
-  version = "18.18.2";
-  sha256 = "sha256-ckni8K+UPsOFmVBPSyor0x+5OHhykbbMymyLrfAeO1Y=";
+  version = "18.19.0";
+  sha256 = "sha256-9StBryBZapq9jtdSQYN+xDlFRoIhRIu/hBNh4gkYGbY=";
   patches = [
     ./disable-darwin-v8-system-instrumentation.patch
     ./bypass-darwin-xcrun-node16.patch
diff --git a/pkgs/games/eboard/default.nix b/pkgs/games/eboard/default.nix
index 49721fd2ce1e..0250208fd48a 100644
--- a/pkgs/games/eboard/default.nix
+++ b/pkgs/games/eboard/default.nix
@@ -16,10 +16,6 @@ stdenv.mkDerivation rec {
 
   hardeningDisable = [ "format" ];
 
-  preConfigure = ''
-    patchShebangs ./configure
-  '';
-
   env.NIX_CFLAGS_COMPILE = "-fpermissive";
 
   meta = {
diff --git a/pkgs/misc/ghostscript/default.nix b/pkgs/misc/ghostscript/default.nix
index b85e162efb72..daf7758b1184 100644
--- a/pkgs/misc/ghostscript/default.nix
+++ b/pkgs/misc/ghostscript/default.nix
@@ -61,11 +61,11 @@ let
 in
 stdenv.mkDerivation rec {
   pname = "ghostscript${lib.optionalString x11Support "-with-X"}";
-  version = "10.02.0";
+  version = "10.02.1";
 
   src = fetchurl {
     url = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs${lib.replaceStrings ["."] [""] version}/ghostscript-${version}.tar.xz";
-    hash = "sha512-xJNEFRBj6RWt1VoKhCwqZF2DYqXLymY70HY49L02maCMreN6nv6QWtWkHgFDU+XhsSaLeSXkMSitMNWwMTlrcQ==";
+    hash = "sha512-7g91TBvYoYQorRTqo+rYD/i5YnWvUBLnqDhPHxBJDaBW7smuPMeRp6E6JOFuVN9bzN0QnH1ToUU0u9c2CjALEQ=";
   };
 
   patches = [
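Review bot: The new `hash` is not a well-formed SRI string: it has 86 base64 characters followed by a single `=`, while a SHA-512 digest encodes to 86 characters plus `==` (the removed line has the correct padding). Nix presumably tolerates the short padding, since the bump was built, but stricter SRI parsers and hash-conversion tooling may reject the value, which is unwelcome on the one line that pins the source tarball. The digest itself need not change, only the padding: `hash = "sha512-7g91TBvYoYQorRTqo+rYD/i5YnWvUBLnqDhPHxBJDaBW7smuPMeRp6E6JOFuVN9bzN0QnH1ToUU0u9c2CjALEQ==";`.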
diff --git a/pkgs/os-specific/darwin/apple-sdk-11.0/apple_sdk.nix b/pkgs/os-specific/darwin/apple-sdk-11.0/apple_sdk.nix
index ca23af43229c..fdc3bd45e55e 100644
--- a/pkgs/os-specific/darwin/apple-sdk-11.0/apple_sdk.nix
+++ b/pkgs/os-specific/darwin/apple-sdk-11.0/apple_sdk.nix
@@ -229,8 +229,8 @@ in rec {
         installPhase = drv.installPhase + ''
           # When used as a module, complains about a missing import for
           # Darwin.C.stdint. Apparently fixed in later SDKs.
-          awk -i inplace '/CFBase.h/ { print "#include <stdint.h>" } { print }' \
-            $out/Library/Frameworks/CoreVideo.framework/Headers/CVBase.h
+          sed -e "/CFBase.h/ i #include <stdint.h>" \
+            -i $out/Library/Frameworks/CoreVideo.framework/Headers/CVBase.h
         '';
       });
 
diff --git a/pkgs/os-specific/linux/bluez/default.nix b/pkgs/os-specific/linux/bluez/default.nix
index c6c7d9d0f509..2cd7a5210fd6 100644
--- a/pkgs/os-specific/linux/bluez/default.nix
+++ b/pkgs/os-specific/linux/bluez/default.nix
@@ -36,6 +36,12 @@ in stdenv.mkDerivation rec {
       url = "https://git.alpinelinux.org/aports/plain/main/bluez/max-input.patch?id=32b31b484cb13009bd8081c4106e4cf064ec2f1f";
       sha256 = "sha256-SczbXtsxBkCO+izH8XOBcrJEO2f7MdtYVT3+2fCV8wU=";
     })
+    # Fix device pairing regression
+    # FIXME: remove in next release
+    (fetchpatch {
+      url = "https://github.com/bluez/bluez/commit/3a9c637010f8dc1ba3e8382abe01065761d4f5bb.patch";
+      hash = "sha256-UUmYMHnxYrw663nEEC2mv3zj5e0omkLNejmmPUtgS3c=";
+    })
   ];
 
   buildInputs = [
diff --git a/pkgs/os-specific/linux/dracut/default.nix b/pkgs/os-specific/linux/dracut/default.nix
index c6bf684f7fc8..e5461bddbc8f 100644
--- a/pkgs/os-specific/linux/dracut/default.nix
+++ b/pkgs/os-specific/linux/dracut/default.nix
@@ -61,10 +61,6 @@ stdenv.mkDerivation rec {
     echo 'DRACUT_VERSION=${version}' >dracut-version.sh
   '';
 
-  preConfigure = ''
-    patchShebangs ./configure
-  '';
-
   postFixup = ''
     wrapProgram $out/bin/dracut --prefix PATH : ${lib.makeBinPath [
       coreutils
diff --git a/pkgs/os-specific/linux/ell/default.nix b/pkgs/os-specific/linux/ell/default.nix
index 789a59f751f5..4cbf950cdce4 100644
--- a/pkgs/os-specific/linux/ell/default.nix
+++ b/pkgs/os-specific/linux/ell/default.nix
@@ -9,14 +9,14 @@
 
 stdenv.mkDerivation rec {
   pname = "ell";
-  version = "0.59";
+  version = "0.61";
 
   outputs = [ "out" "dev" ];
 
   src = fetchgit {
     url = "https://git.kernel.org/pub/scm/libs/ell/ell.git";
     rev = version;
-    hash = "sha256-uJcGYT+JSdz/XTyJb/VUyedmSKJW/4BbTM3fw3ebtIc=";
+    hash = "sha256-spoZRT/gBCk/e/pn1AujCpCPdEM7hn/ImRyQq4hwctI=";
   };
 
   nativeBuildInputs = [
diff --git a/pkgs/os-specific/linux/hwdata/default.nix b/pkgs/os-specific/linux/hwdata/default.nix
index 5bfdf61dff6b..3332699886c9 100644
--- a/pkgs/os-specific/linux/hwdata/default.nix
+++ b/pkgs/os-specific/linux/hwdata/default.nix
@@ -11,10 +11,6 @@ stdenv.mkDerivation rec {
     hash = "sha256-M1uBamN09XepOembDAcHXO/UvnM9s/OiN+eNzChF5Tw=";
   };
 
-  postPatch = ''
-    patchShebangs ./configure
-  '';
-
   configureFlags = [ "--datadir=${placeholder "out"}/share" ];
 
   doCheck = false; # this does build machine-specific checks (e.g. enumerates PCI bus)
diff --git a/pkgs/os-specific/linux/iwd/default.nix b/pkgs/os-specific/linux/iwd/default.nix
index 1b983bb90e1e..072254bc3336 100644
--- a/pkgs/os-specific/linux/iwd/default.nix
+++ b/pkgs/os-specific/linux/iwd/default.nix
@@ -8,16 +8,17 @@
 , readline
 , openssl
 , python3Packages
+, gitUpdater
 }:
 
 stdenv.mkDerivation rec {
   pname = "iwd";
-  version = "2.8";
+  version = "2.10";
 
   src = fetchgit {
     url = "https://git.kernel.org/pub/scm/network/wireless/iwd.git";
     rev = version;
-    sha256 = "sha256-i+2R8smgLXooApj0Z5e03FybhYgw1X/kIsJkrDzW8y4=";
+    hash = "sha256-zePFmcQRFjcH6KToTpBFMQzGY+Eq7jijfn0R/MMKGrw=";
   };
 
   outputs = [ "out" "man" "doc" ]
@@ -87,6 +88,11 @@ stdenv.mkDerivation rec {
 
   enableParallelBuilding = true;
 
+  passthru.updateScript = gitUpdater {
+    # No nicer place to find latest release.
+    url = "https://git.kernel.org/pub/scm/network/wireless/iwd.git";
+  };
+
   meta = with lib; {
     homepage = "https://git.kernel.org/pub/scm/network/wireless/iwd.git";
     description = "Wireless daemon for Linux";
diff --git a/pkgs/os-specific/linux/kernel-headers/default.nix b/pkgs/os-specific/linux/kernel-headers/default.nix
index e0a3c4319b8b..652468002775 100644
--- a/pkgs/os-specific/linux/kernel-headers/default.nix
+++ b/pkgs/os-specific/linux/kernel-headers/default.nix
@@ -111,18 +111,15 @@ let
 in {
   inherit makeLinuxHeaders;
 
-  linuxHeaders = let version = "6.5"; in
+  linuxHeaders = let version = "6.6"; in
     makeLinuxHeaders {
       inherit version;
       src = fetchurl {
         url = "mirror://kernel/linux/kernel/v${lib.versions.major version}.x/linux-${version}.tar.xz";
-        hash = "sha256-eldLvCCALqdrUsp/rwcmf3IEXoYbGJFcUnKpjCer+IQ=";
+        hash = "sha256-2SagbGPdisffP4buH/ws4qO4Gi0WhITna1s4mrqOVtA=";
       };
       patches = [
         ./no-relocs.patch # for building x86 kernel headers on non-ELF platforms
-
-        # Fix regression turning `struct sockaddr_ll` flexible size.
-        ./revert-af_packet-flex.patch
       ];
     };
 }
diff --git a/pkgs/os-specific/linux/kernel-headers/revert-af_packet-flex.patch b/pkgs/os-specific/linux/kernel-headers/revert-af_packet-flex.patch
deleted file mode 100644
index ed6c8861d2fb..000000000000
--- a/pkgs/os-specific/linux/kernel-headers/revert-af_packet-flex.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-Revert commit https://github.com/torvalds/linux/commit/a0ade8404c3bc2bf2631cb0f20d372eed22d9d96
-
-The change caused API regression by turning fixed size struct to
-flexible size struct. It was an unintentional change, broke `udp2raw`:
-    https://github.com/NixOS/nixpkgs/pull/252587#issuecomment-1744427473
---- a/include/uapi/linux/if_packet.h
-+++ b/include/uapi/linux/if_packet.h
-@@ -18,11 +18,7 @@ struct sockaddr_ll {
- 	unsigned short	sll_hatype;
- 	unsigned char	sll_pkttype;
- 	unsigned char	sll_halen;
--	union {
--		unsigned char	sll_addr[8];
--		/* Actual length is in sll_halen. */
--		__DECLARE_FLEX_ARRAY(unsigned char, sll_addr_flex);
--	};
-+	unsigned char	sll_addr[8];
- };
- 
- /* Packet types */
---- a/net/packet/af_packet.c
-+++ b/net/packet/af_packet.c
-@@ -3607,7 +3607,7 @@ static int packet_getname(struct socket *sock, struct sockaddr *uaddr,
- 	if (dev) {
- 		sll->sll_hatype = dev->type;
- 		sll->sll_halen = dev->addr_len;
--		memcpy(sll->sll_addr_flex, dev->dev_addr, dev->addr_len);
-+		memcpy(sll->sll_addr, dev->dev_addr, dev->addr_len);
- 	} else {
- 		sll->sll_hatype = 0;	/* Bad: we have no ARPHRD_UNSPEC */
- 		sll->sll_halen = 0;
diff --git a/pkgs/os-specific/linux/nftables/default.nix b/pkgs/os-specific/linux/nftables/default.nix
index 4482170d346b..03e99441ec67 100644
--- a/pkgs/os-specific/linux/nftables/default.nix
+++ b/pkgs/os-specific/linux/nftables/default.nix
@@ -35,6 +35,13 @@ stdenv.mkDerivation rec {
       python3.pkgs.setuptools
     ];
 
+  patches = [ ./fix-py-libnftables.patch ];
+
+  postPatch = ''
+    substituteInPlace "py/src/nftables.py" \
+      --subst-var-by "out" "$out"
+  '';
+
   configureFlags = [
     "--with-json"
     (lib.withFeatureAs withCli "cli" "editline")
diff --git a/pkgs/os-specific/linux/nftables/fix-py-libnftables.patch b/pkgs/os-specific/linux/nftables/fix-py-libnftables.patch
new file mode 100644
index 000000000000..3ab1e5363019
--- /dev/null
+++ b/pkgs/os-specific/linux/nftables/fix-py-libnftables.patch
@@ -0,0 +1,13 @@
+diff --git a/py/src/nftables.py b/py/src/nftables.py
+index f1e43ade..9adcd1be 100644
+--- a/py/src/nftables.py
++++ b/py/src/nftables.py
+@@ -69,7 +69,7 @@ class Nftables:
+ 
+     validator = None
+ 
+-    def __init__(self, sofile="libnftables.so.1"):
++    def __init__(self, sofile="@out@/lib/libnftables.so.1"):
+         """Instantiate a new Nftables class object.
+ 
+         Accepts a shared object file to open, by default standard search path
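Review bot: The docstring under the patched `__init__` still describes the default as a lookup through the standard search path, which stops being true once the default becomes `@out@/lib/libnftables.so.1`. Since the patch already touches this function, it could adjust that sentence as well, e.g. `Accepts a shared object file to open, by default the libnftables built with this package`. The rest of the docstring is outside the hunk, so other sentences there may need the same treatment. Pinning the absolute path is a sound choice, as the loaded library no longer depends on the caller's library search path.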
diff --git a/pkgs/os-specific/linux/shadow/default.nix b/pkgs/os-specific/linux/shadow/default.nix
index 38fec65b3334..f52342f5af36 100644
--- a/pkgs/os-specific/linux/shadow/default.nix
+++ b/pkgs/os-specific/linux/shadow/default.nix
@@ -17,13 +17,13 @@ in
 
 stdenv.mkDerivation rec {
   pname = "shadow";
-  version = "4.14.1";
+  version = "4.14.2";
 
   src = fetchFromGitHub {
     owner = "shadow-maint";
     repo = pname;
     rev = version;
-    hash = "sha256-DzPPnttnJSOMQwXWyFcz6fEtjwBC3p2PpZpBAQ/Ew18=";
+    hash = "sha256-8sFXxP4MPFzKfBHzlKlsibj0lVQKJbC/Z7pWCy3WEuc=";
   };
 
   outputs = [ "out" "su" "dev" "man" ];
diff --git a/pkgs/os-specific/linux/systemd/default.nix b/pkgs/os-specific/linux/systemd/default.nix
index e6872782b832..87db00c618be 100644
--- a/pkgs/os-specific/linux/systemd/default.nix
+++ b/pkgs/os-specific/linux/systemd/default.nix
@@ -160,7 +160,7 @@ assert !withPasswordQuality;
 let
   wantCurl = withRemote || withImportd;
   wantGcrypt = withResolved || withImportd;
-  version = "254.3";
+  version = "254.6";
 
   # Bump this variable on every (major) version change. See below (in the meson options list) for why.
   # command:
@@ -177,7 +177,7 @@ stdenv.mkDerivation (finalAttrs: {
     owner = "systemd";
     repo = "systemd-stable";
     rev = "v${version}";
-    hash = "sha256-ObnsAiKwhwEb4ti611eS/wGpg3Sss/pUy/gANPAbXbs=";
+    hash = "sha256-Ku24ecDeQt0t7A8/adR3Jm47QZ19+wdMPyJRzCxU4uU=";
   };
 
   # On major changes, or when otherwise required, you *must* reformat the patches,
@@ -205,14 +205,6 @@ stdenv.mkDerivation (finalAttrs: {
     ./0017-core-don-t-taint-on-unmerged-usr.patch
     ./0018-tpm2_context_init-fix-driver-name-checking.patch
     ./0019-systemctl-edit-suggest-systemdctl-edit-runtime-on-sy.patch
-
-    # Fix for `RuntimeError: ELF .dynamic section is missing.`
-    # https://github.com/systemd/systemd/issues/29381
-    # https://github.com/systemd/systemd/pull/29392
-    (fetchpatch {
-      url = "https://github.com/systemd/systemd/commit/cecbb162a3134b43d2ca160e13198c73ff34c3ef.patch";
-      hash = "sha256-hWpUosTDA18mYm5nIb9KnjwOlnzbEHgzha/WpyHoC54=";
-    })
   ] ++ lib.optional stdenv.hostPlatform.isMusl (
     let
       oe-core = fetchzip {
diff --git a/pkgs/servers/monitoring/net-snmp/default.nix b/pkgs/servers/monitoring/net-snmp/default.nix
index 638d7fad330c..8961bc549535 100644
--- a/pkgs/servers/monitoring/net-snmp/default.nix
+++ b/pkgs/servers/monitoring/net-snmp/default.nix
@@ -1,4 +1,4 @@
-{ lib, stdenv, fetchurl, fetchpatch, removeReferencesTo
+{ lib, stdenv, fetchurl, fetchpatch
 , file, openssl, perl, perlPackages, nettools
 , withPerlTools ? false }: let
 
@@ -45,7 +45,14 @@ in stdenv.mkDerivation rec {
     substituteInPlace testing/fulltests/support/simple_TESTCONF.sh --replace "/bin/netstat" "${nettools}/bin/netstat"
   '';
 
-  nativeBuildInputs = [ nettools removeReferencesTo file ];
+  postConfigure = ''
+    # libraries contain configure options. Mangle store paths out from
+    # ./configure-generated file.
+    sed -i include/net-snmp/net-snmp-config.h \
+      -e "/NETSNMP_CONFIGURE_OPTIONS/ s|$NIX_STORE/[a-z0-9]\{32\}-|$NIX_STORE/eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee-|g"
+  '';
+
+  nativeBuildInputs = [ nettools file ];
   buildInputs = [ openssl ]
     ++ lib.optional withPerlTools perlWithPkgs;
 
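Review bot: The sed expression rewrites every store path on the `NETSNMP_CONFIGURE_OPTIONS` line, not just the package's own `$bin` and `$dev` that the removed `remove-references-to` calls targeted, and the comment does not say this is intended. It also gives no failure if that line is absent or shaped differently in a later release, in which case the references the old code stripped could return. I would extend the comment, e.g. `# mangles all store paths in the recorded configure options, not only our own outputs`, and consider a `grep` in the same phase that fails if an unmangled hash remains on that line.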
@@ -61,9 +68,6 @@ in stdenv.mkDerivation rec {
     done
     mkdir $dev/bin
     mv $bin/bin/net-snmp-config $dev/bin
-    # libraries contain configure options
-    find $lib/lib -type f -exec remove-references-to -t $bin '{}' +
-    find $lib/lib -type f -exec remove-references-to -t $dev '{}' +
   '';
 
   meta = with lib; {
diff --git a/pkgs/servers/tvheadend/default.nix b/pkgs/servers/tvheadend/default.nix
index 7c7b3124ceba..499a046663ae 100644
--- a/pkgs/servers/tvheadend/default.nix
+++ b/pkgs/servers/tvheadend/default.nix
@@ -102,8 +102,6 @@ in stdenv.mkDerivation {
   ];
 
   preConfigure = ''
-    patchShebangs ./configure
-
     substituteInPlace src/config.c \
       --replace /usr/bin/tar ${gnutar}/bin/tar
 
diff --git a/pkgs/shells/bash/bash-5.2-patches.nix b/pkgs/shells/bash/bash-5.2-patches.nix
index e118f03e0300..3aa9f331d8bb 100644
--- a/pkgs/shells/bash/bash-5.2-patches.nix
+++ b/pkgs/shells/bash/bash-5.2-patches.nix
@@ -16,4 +16,10 @@ patch: [
 (patch "013" "1rkwpibd6j2ghppfhqsva2jm4kdni6b7jpdsxdps52643gc4yjq9")
 (patch "014" "09766vqqw4ffnmysm725v35qkhp1g9j4qgqag941xvq655pj9y9y")
 (patch "015" "12im449abnq5gaqjmdxr5i38kmp02fa8l8wffad3jryvd58r0wzg")
+(patch "016" "05arb0hzmng03cr357lf6p8af0x2a1pznsd3psll03nibfy56n0m")
+(patch "017" "129cvx4gfz8n23iw1lhbknbw86fyw6vh60jqj1wj3d5pr75wwj0w")
+(patch "018" "105am94qxjc27gga4a8asvsi01090xwjfim3s16lafwjvm4xsha6")
+(patch "019" "10njgv5mrc5rhsp5lvxcbm0pnzn59a8spi2nhdasifyl1a32cp1j")
+(patch "020" "07f0wlmqjdfarp44w3gj9gdqbqm5x20rvlhpn34ngklmxcm2bz5n")
+(patch "021" "1kahfqqalcwi4m73pg3ssz6lh0kcqsqax09myac7a15d2y0vhd43")
 ]
diff --git a/pkgs/stdenv/generic/setup.sh b/pkgs/stdenv/generic/setup.sh
index 37c10fb2957b..081024781eef 100644
--- a/pkgs/stdenv/generic/setup.sh
+++ b/pkgs/stdenv/generic/setup.sh
@@ -1260,6 +1260,10 @@ configurePhase() {
                 prependToVar configureFlags --disable-static
             fi
         fi
+
+        if [ -z "${dontPatchShebangsInConfigure:-}" ]; then
+            patchShebangs --build "$configureScript"
+        fi
     fi
 
     if [ -n "$configureScript" ]; then
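Review bot: The new `dontPatchShebangsInConfigure` opt-out is introduced without a comment, and the hunk does not show it being documented alongside the other `dont*` switches of the configure phase. `patchShebangs` rewrites the script in place, so a package whose `configureScript` points at a file it cannot write to may now fail in `configurePhase` and need this switch. A line such as `# Patch the interpreter of $configureScript for the build platform; set dontPatchShebangsInConfigure to skip` would make that discoverable. The enclosing `if` opens outside the hunk, so the conditions already guarding `$configureScript` cannot be checked from here.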
@@ -1495,17 +1499,7 @@ distPhase() {
 
 showPhaseHeader() {
     local phase="$1"
-    case "$phase" in
-        unpackPhase) echo "unpacking sources";;
-        patchPhase) echo "patching sources";;
-        configurePhase) echo "configuring";;
-        buildPhase) echo "building";;
-        checkPhase) echo "running tests";;
-        installPhase) echo "installing";;
-        fixupPhase) echo "post-installation fixup";;
-        installCheckPhase) echo "running install tests";;
-        *) echo "$phase";;
-    esac
+    echo "Running phase: $phase"
 }
 
 
diff --git a/pkgs/tools/X11/xdg-utils/default.nix b/pkgs/tools/X11/xdg-utils/default.nix
index ed8b1363d5f8..cf46239939b5 100644
--- a/pkgs/tools/X11/xdg-utils/default.nix
+++ b/pkgs/tools/X11/xdg-utils/default.nix
@@ -69,7 +69,8 @@ stdenv.mkDerivation rec {
 
     substituteInPlace $out/bin/xdg-open \
       --replace "/usr/bin/printf" "${coreutils}/bin/printf" \
-      --replace "gdbus" "${glib}/bin/gdbus"
+      --replace "gdbus" "${glib}/bin/gdbus" \
+      --replace "mimeopen" "${perlPackages.FileMimeInfo}/bin/mimeopen"
 
     substituteInPlace $out/bin/xdg-mime \
       --replace "/usr/bin/file" "${file}/bin/file"
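Review bot: The added `--replace "mimeopen" …` on `xdg-open` matches the bare word anywhere in the script, like the `gdbus` pattern before it, so it also rewrites occurrences in comments, messages and existence checks rather than only the call site. Pinning the helper to a store path is a sound change, since `xdg-open` then no longer resolves it through the caller's `PATH`. A short comment would record that intent, for example `# pin mimeopen to the store path so xdg-open does not look it up on PATH`. The file's argument list and the start of this install script are outside the hunk, so please confirm that `perlPackages` is among the inputs.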
diff --git a/pkgs/tools/compression/xz/default.nix b/pkgs/tools/compression/xz/default.nix
index adc73d926c90..e8e0ae2439f2 100644
--- a/pkgs/tools/compression/xz/default.nix
+++ b/pkgs/tools/compression/xz/default.nix
@@ -10,11 +10,11 @@
 
 stdenv.mkDerivation rec {
   pname = "xz";
-  version = "5.4.4";
+  version = "5.4.5";
 
   src = fetchurl {
     url = "https://tukaani.org/xz/xz-${version}.tar.bz2";
-    sha256 = "sha256-C2/N4aw46QQzolVvUAwGWVC5vNLWAgBu/DNHgr3+YpY=";
+    sha256 = "sha256-jM9f/4aMAG8pUi44b7TGobZkY/vKZaTPw8S9WW6JXnk=";
   };
 
   strictDeps = true;
diff --git a/pkgs/tools/inputmethods/m17n-db/default.nix b/pkgs/tools/inputmethods/m17n-db/default.nix
index a8bffd9989a9..dc0ed25a3efe 100644
--- a/pkgs/tools/inputmethods/m17n-db/default.nix
+++ b/pkgs/tools/inputmethods/m17n-db/default.nix
@@ -2,11 +2,11 @@
 
 stdenv.mkDerivation rec {
   pname = "m17n-db";
-  version = "1.8.2";
+  version = "1.8.5";
 
   src = fetchurl {
     url = "https://download.savannah.gnu.org/releases/m17n/m17n-db-${version}.tar.gz";
-    sha256 = "sha256-vHR+J9ct9YoH9DG3JdeuQJIyLbxGEUykBTgoIbK6XGk=";
+    sha256 = "sha256-to//QiwKKGTuVuLEUXOCEzuYG7S6ObU/R4lc2LHApzY=";
   };
 
   nativeBuildInputs = [ gettext ];
diff --git a/pkgs/tools/misc/coreutils/default.nix b/pkgs/tools/misc/coreutils/default.nix
index beee4241c541..c1279a69ccf7 100644
--- a/pkgs/tools/misc/coreutils/default.nix
+++ b/pkgs/tools/misc/coreutils/default.nix
@@ -32,11 +32,11 @@ let
 in
 stdenv.mkDerivation rec {
   pname = "coreutils" + (optionalString (!minimal) "-full");
-  version = "9.3";
+  version = "9.4";
 
   src = fetchurl {
     url = "mirror://gnu/coreutils/coreutils-${version}.tar.xz";
-    hash = "sha256-rbz8/omSNbceh2jc8HzVMlILf1T5qAZIQ/jRmakEu6o=";
+    hash = "sha256-6mE6TPRGEjJukXIBu7zfvTAd4h/8O1m25cB+BAsnXlI=";
   };
 
   postPatch = ''
@@ -50,7 +50,7 @@ stdenv.mkDerivation rec {
 
     # Some target platforms, especially when building inside a container have
     # issues with the inotify test.
-    sed '2i echo Skipping tail inotify dir recreate test && exit 77' -i ./tests/tail-2/inotify-dir-recreate.sh
+    sed '2i echo Skipping tail inotify dir recreate test && exit 77' -i ./tests/tail/inotify-dir-recreate.sh
 
     # sandbox does not allow setgid
     sed '2i echo Skipping chmod setgid test && exit 77' -i ./tests/chmod/setgid.sh
@@ -77,10 +77,8 @@ stdenv.mkDerivation rec {
       echo "int main() { return 77; }" > gnulib-tests/test-getlogin.c
     ''
   ])) + (optionalString stdenv.isAarch64 ''
-    sed '2i print "Skipping tail assert test"; exit 77' -i ./tests/tail-2/assert.sh
-
     # Sometimes fails: https://github.com/NixOS/nixpkgs/pull/143097#issuecomment-954462584
-    sed '2i echo Skipping cut huge range test && exit 77' -i ./tests/misc/cut-huge-range.sh
+    sed '2i echo Skipping cut huge range test && exit 77' -i ./tests/cut/cut-huge-range.sh
   '');
 
   outputs = [ "out" "info" ];
diff --git a/pkgs/tools/misc/desktop-file-utils/default.nix b/pkgs/tools/misc/desktop-file-utils/default.nix
index b58a7d819bad..ae17b51025dc 100644
--- a/pkgs/tools/misc/desktop-file-utils/default.nix
+++ b/pkgs/tools/misc/desktop-file-utils/default.nix
@@ -1,7 +1,6 @@
 { stdenv
 , lib
 , fetchurl
-, fetchpatch
 , pkg-config
 , meson
 , ninja
@@ -11,26 +10,13 @@
 
 stdenv.mkDerivation rec {
   pname = "desktop-file-utils";
-  version = "0.26";
+  version = "0.27";
 
   src = fetchurl {
     url = "https://www.freedesktop.org/software/${pname}/releases/${pname}-${version}.tar.xz";
-    sha256 = "02bkfi6fyk4c0gh2avd897882ww5zl7qg7bzzf28qb57kvkvsvdj";
+    hash = "sha256-oIF985zjhbZiGIBAfFbx8pgWjAQMIDLO34jVt2r/6DY=";
   };
 
-  patches = [
-    # Support Desktop Entry Specification v1.5.
-    # https://gitlab.freedesktop.org/xdg/desktop-file-utils/-/merge_requests/11
-    (fetchpatch {
-      url = "https://gitlab.freedesktop.org/xdg/desktop-file-utils/-/commit/425177a28b6215e0745f95100160a08e810fd47c.patch";
-      sha256 = "zu9EqTnQQGi5HqKh431JqigtJi+b16RuXSWQYbuuyxA=";
-    })
-    (fetchpatch {
-      url = "https://gitlab.freedesktop.org/xdg/desktop-file-utils/-/commit/56d220dd679c7c3a8f995a41a27a7d6f3df49dea.patch";
-      sha256 = "p4kamGIm2QBHfIbvDnx+qu5Gi7OU3Z0nQKr39SsEKqk=";
-    })
-  ];
-
   nativeBuildInputs = [
     pkg-config
     meson
diff --git a/pkgs/tools/misc/man-db/default.nix b/pkgs/tools/misc/man-db/default.nix
index b52628373594..e5829a56a8b4 100644
--- a/pkgs/tools/misc/man-db/default.nix
+++ b/pkgs/tools/misc/man-db/default.nix
@@ -1,7 +1,6 @@
 { buildPackages
 , db
 , fetchurl
-, fetchpatch
 , groff
 , gzip
 , lib
@@ -17,11 +16,11 @@
 
 stdenv.mkDerivation rec {
   pname = "man-db";
-  version = "2.11.2";
+  version = "2.12.0";
 
   src = fetchurl {
     url = "mirror://savannah/man-db/man-db-${version}.tar.xz";
-    hash = "sha256-z/oe5Ol0vnhkbEZQjm3S8358WJqqspOMwQZPBY/vn40=";
+    hash = "sha256-QVpihKInZK0i/w9mcQ2FO+d5DdRRzXFDbj0lx02ZapU=";
   };
 
   outputs = [ "out" "doc" ];
@@ -34,32 +33,6 @@ stdenv.mkDerivation rec {
 
   patches = [
     ./systemwide-man-db-conf.patch
-    # Remove the patches below when updating to the next man-db release.
-    # Patches addressing https://gitlab.com/man-db/man-db/-/issues/25 ...
-    (fetchpatch {
-      name = "update-warning-regex";
-      url = "https://gitlab.com/man-db/man-db/-/commit/b12ffb9df7.patch";
-      hash = "sha256-F+whRppaMZwgmGPKTXu2j1vZMNAm3vGNzNZcz9pg8Jc=";
-    })
-    (fetchpatch {
-      name = "fix-test-failures-when-iconv-not-available";
-      url = "https://gitlab.com/man-db/man-db/-/commit/26f46a60e5.patch";
-      hash = "sha256-W1a6GkYn4J3py7GLZc37xmQBQR18Xvcvj4fJoZ21+0k=";
-      # The following files are excluded from the patch as they fail to apply
-      # cleanly on the 2.11.2 sources and are deemed irrelevant for building man-db.
-      excludes = [ "NEWS.md" ];
-    })
-    # ... and https://gitlab.com/man-db/man-db/-/issues/26.
-    (fetchpatch {
-      name = "improve-lexgrog-portability";
-      url = "https://gitlab.com/man-db/man-db/-/commit/bbf7701c4f.patch";
-      hash = "sha256-QLOVgV0S2NxxTBObD8bJFR1QDH0p2RGMJXLVNagfddc=";
-    })
-    (fetchpatch {
-      name = "avoid-translation-fallout-from-lexgrog-fix";
-      url = "https://gitlab.com/man-db/man-db/-/commit/043c3cb83c.patch";
-      hash = "sha256-w12/LOGN9gO85zmqX7zookA55w3WUxBMJgWInpH5wms=";
-    })
   ];
 
   postPatch = ''
diff --git a/pkgs/tools/networking/dhcpcd/default.nix b/pkgs/tools/networking/dhcpcd/default.nix
index 40cfa4077227..2d7a646299ad 100644
--- a/pkgs/tools/networking/dhcpcd/default.nix
+++ b/pkgs/tools/networking/dhcpcd/default.nix
@@ -40,8 +40,6 @@ stdenv.mkDerivation rec {
     substituteInPlace hooks/dhcpcd-run-hooks.in --replace /bin/sh ${runtimeShell}
   '';
 
-  preConfigure = "patchShebangs ./configure";
-
   configureFlags = [
     "--sysconfdir=/etc"
     "--localstatedir=/var"
diff --git a/pkgs/tools/networking/unbound/default.nix b/pkgs/tools/networking/unbound/default.nix
index a1a908340003..9d5c73286b6f 100644
--- a/pkgs/tools/networking/unbound/default.nix
+++ b/pkgs/tools/networking/unbound/default.nix
@@ -47,24 +47,15 @@
 , gnutls
 }:
 
-stdenv.mkDerivation rec {
+stdenv.mkDerivation (finalAttrs: {
   pname = "unbound";
-  version = "1.18.0";
+  version = "1.19.0";
 
   src = fetchurl {
-    url = "https://nlnetlabs.nl/downloads/unbound/unbound-${version}.tar.gz";
-    hash = "sha256-PalUkKhc/2Qg8m+uC4Skn1ES3xvxt/w0+HJPAggstxI=";
+    url = "https://nlnetlabs.nl/downloads/unbound/unbound-${finalAttrs.version}.tar.gz";
+    hash = "sha256-qXUyRohUxhwt5IykFw3oVP07yVyAQ7sM+w/iZgWWZiQ=";
   };
 
-  patches = [
-    # Backport: fix libunbound with nettle.
-    (fetchpatch {
-      url = "https://github.com/NLnetLabs/unbound/commit/654a7eab62cbd1844d483cc4a0f2cf2fbcbaf00a.patch";
-      excludes = [ "doc/Changelog" ];
-      hash = "sha256-n3FCeZESFrrn6Wcf28Hb8WZs1eMHWjbsf2WCFOXU3lI=";
-    })
-  ];
-
   outputs = [ "out" "lib" "man" ]; # "dev" would only split ~20 kB
 
   nativeBuildInputs = [ makeWrapper pkg-config ]
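Review bot: The removed `patches` block was the only visible use of `fetchpatch` in this file's hunks, and none of them drops it from the argument list. The desktop-file-utils and man-db changes in the same commit do remove their `, fetchpatch` line when their last fetched patch goes away. The rest of the file is outside the hunks, so this is inferred: if nothing else uses it, delete the `, fetchpatch` argument here too so the inputs match what the derivation actually fetches.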
@@ -157,7 +148,7 @@ stdenv.mkDerivation rec {
   + ''substituteInPlace "$lib/lib/libunbound.la" ''
   + lib.concatMapStrings
     (pkg: lib.optionalString (pkg ? dev) " --replace '-L${pkg.dev}/lib' '-L${pkg.out}/lib' --replace '-R${pkg.dev}/lib' '-R${pkg.out}/lib'")
-    (builtins.filter (p: p != null) buildInputs);
+    (builtins.filter (p: p != null) finalAttrs.buildInputs);
 
   passthru.tests = {
     inherit gnutls;
@@ -172,4 +163,4 @@ stdenv.mkDerivation rec {
     maintainers = with maintainers; [ ajs124 ];
     platforms = platforms.unix;
   };
-}
+})
diff --git a/pkgs/tools/virtualization/mkosi/default.nix b/pkgs/tools/virtualization/mkosi/default.nix
index 38ffb1cd4838..c996a5c1124c 100644
--- a/pkgs/tools/virtualization/mkosi/default.nix
+++ b/pkgs/tools/virtualization/mkosi/default.nix
@@ -30,21 +30,11 @@ let
         url = "https://github.com/systemd/systemd/commit/81e04781106e3db24e9cf63c1d5fdd8215dc3f42.patch";
         hash = "sha256-KO3poIsvdeepPmXWQXNaJJCPpmBb4sVmO+ur4om9f5k=";
       })
-      # Propagate SOURCE_DATE_EPOCH to mcopy. Remove when upgrading to systemd 255.
-      (fetchpatch {
-        url = "https://github.com/systemd/systemd/commit/4947de275a5553399854cc748f4f13e4ae2ba069.patch";
-        hash = "sha256-YIZZyc3f8pQO9fMAxiNhDdV8TtL4pXoh+hwHBzRWtfo=";
-      })
       # repart: make sure rewinddir() is called before readdir() when performing rm -rf. Remove when upgrading to systemd 255.
       (fetchpatch {
         url = "https://github.com/systemd/systemd/commit/6bbb893b90e2dcb05fb310ba4608f9c9dc587845.patch";
         hash = "sha256-A6cF2QAeYHGc0u0V1JMxIcV5shzf5x3Q6K+blZOWSn4=";
       })
-      # Set timezone to UTC when invoking mcopy. Remove when upgrading to systemd 255.
-      (fetchpatch {
-        url = "https://github.com/systemd/systemd/commit/b2942c76adc5bb6a3e073aa5cee57834ee3a9813.patch";
-        hash = "sha256-phGln3Gs9p8CsEe+1laGrm9xcUJWVbNBW0W8oR9/7YU=";
-      })
     ];
   })).override {
     withRepart = true;
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index 98b3688b0388..b5336abd3678 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -10316,9 +10316,9 @@ with pkgs;
 
   nodenv = callPackage ../development/tools/nodenv { };
 
-  nodejs = hiPrio nodejs_18;
-  nodejs-slim = nodejs-slim_18;
-  corepack = hiPrio corepack_18;
+  nodejs = hiPrio nodejs_20;
+  nodejs-slim = nodejs-slim_20;
+  corepack = hiPrio corepack_20;
 
   nodejs_18 = callPackage ../development/web/nodejs/v18.nix { };
   nodejs-slim_18 = callPackage ../development/web/nodejs/v18.nix { enableNpm = false; };
@@ -16905,11 +16905,14 @@ with pkgs;
     inherit (darwin) apple_sdk;
   };
 
-  rust_1_73 = callPackage ../development/compilers/rust/1_73.nix {
+  wrapRustcWith = { rustc-unwrapped, ... } @ args: callPackage ../build-support/rust/rustc-wrapper args;
+  wrapRustc = rustc-unwrapped: wrapRustcWith { inherit rustc-unwrapped; };
+
+  rust_1_74 = callPackage ../development/compilers/rust/1_74.nix {
     inherit (darwin.apple_sdk.frameworks) CoreFoundation Security SystemConfiguration;
     llvm_16 = llvmPackages_16.libllvm;
   };
-  rust = rust_1_73;
+  rust = rust_1_74;
 
   mrustc = callPackage ../development/compilers/mrustc { };
   mrustc-minicargo = callPackage ../development/compilers/mrustc/minicargo.nix { };
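Review bot: `wrapRustcWith` and `wrapRustc` are added as top-level attributes with no comment on what the wrapper is for or which one to use. The `{ rustc-unwrapped, ... } @ args` pattern forwards every attribute to `../build-support/rust/rustc-wrapper`, so a reader cannot tell from this file which extra arguments are accepted. I would add a comment above them such as `# Wrap an unwrapped rustc using ../build-support/rust/rustc-wrapper; wrapRustcWith forwards extra arguments to the wrapper, wrapRustc takes only the compiler.` The later `rustc-wasm32` hunks depend on these helpers and on `rustc.unwrapped`, so the comment would help there as well.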
@@ -16917,13 +16920,13 @@ with pkgs;
     openssl = openssl_1_1;
   };
 
-  rustPackages_1_73 = rust_1_73.packages.stable;
-  rustPackages = rustPackages_1_73;
+  rustPackages_1_74 = rust_1_74.packages.stable;
+  rustPackages = rustPackages_1_74;
 
   inherit (rustPackages) cargo cargo-auditable cargo-auditable-cargo-wrapper clippy rustc rustPlatform;
 
   # https://github.com/NixOS/nixpkgs/issues/89426
-  rustc-wasm32 = (rustc.override {
+  rustc-wasm32 = wrapRustc ((rustc.unwrapped.override {
     stdenv = stdenv.override {
       targetPlatform = lib.systems.elaborate {
         # lib.systems.elaborate won't recognize "unknown" as the last component.
@@ -16933,7 +16936,7 @@ with pkgs;
     };
   }).overrideAttrs (old: {
     configureFlags = old.configureFlags ++ ["--set=build.docs=false"];
-  });
+  }));
 
   makeRustPlatform = callPackage ../development/compilers/rust/make-rust-platform.nix { };
 
@@ -23631,9 +23634,7 @@ with pkgs;
     else if stdenv.hostPlatform.system == "riscv32-linux" then llvmPackages_14.libunwind
     else callPackage ../development/libraries/libunwind { };
 
-  libuv = callPackage ../development/libraries/libuv {
-    inherit (darwin.apple_sdk.frameworks) ApplicationServices CoreServices;
-  };
+  libuv = darwin.apple_sdk_11_0.callPackage ../development/libraries/libuv { };
 
   libuvc = callPackage ../development/libraries/libuvc { };