summary refs log tree commit diff
Commit message (Collapse)AuthorAge
...
* | | | | | | | | Merge pull request #49645 from peterhoeg/p/broadlinkRobert Schütz2018-11-03
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | pythonPackages.broadlink: init at 0.9
| * | | | | | | | | home-assistant: make broadlink module availablePeter Hoeg2018-11-02
| | | | | | | | | |
| * | | | | | | | | pythonPackages.broadlink: init at 0.9Peter Hoeg2018-11-02
| | | | | | | | | |
* | | | | | | | | | home-assistant: 0.81.2 -> 0.81.5Robert Schütz2018-11-03
| |_|_|_|_|_|_|_|/ |/| | | | | | | |
* | | | | | | | | Merge pull request #49559 from ikarulus/librepcbRenaud2018-11-03
|\ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | bump version librepcb-unstable: 2018-06-28 -> 2018-10-31
| * | | | | | | | | librepcb-unstable: 2018-06-28 -> 2018-10-31Ikarulus2018-11-03
| | | | | | | | | |
* | | | | | | | | | Merge pull request #48496 from rvl/bpftraceRenaud2018-11-03
|\ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | linuxPackages.bpftrace: init at unstable-2018-10-27
| * | | | | | | | | | linuxPackages.bpftrace: init at unstable-2018-10-27Rodney Lorrimar2018-10-28
| | | | | | | | | | |
* | | | | | | | | | | Merge pull request #49672 from gnidorah/maxxmarkuskowa2018-11-03
|\ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | maxx: fix urls
| * | | | | | | | | | | maxx: fix urlsgnidorah2018-11-03
| | | | | | | | | | | |
* | | | | | | | | | | | Merge pull request #49660 from kquick/yices-2.6.1markuskowa2018-11-03
|\ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | yices: 2.6.0 -> 2.6.1
| * | | | | | | | | | | | yices: 2.6.0 -> 2.6.1Kevin Quick2018-11-02
| | | | | | | | | | | | |
* | | | | | | | | | | | | Merge pull request #49652 from dtzWill/update/tor-0.3.4.9Joachim F2018-11-03
|\ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | tor: 0.3.4.8 -> 0.3.4.9
| * | | | | | | | | | | | | tor: 0.3.4.8 -> 0.3.4.9Will Dietz2018-11-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | https://gitweb.torproject.org/tor.git/plain/ChangeLog?h=tor-0.3.4.9 Please confirm the sha256 is correct for a verified tarball, I'm not setup (or know how offhand but docs look promising) to do this myself.
* | | | | | | | | | | | | | Merge #49677: thunderbird*: 60.2.1 -> 60.3.0Vladimír Čunát2018-11-03
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Critical security fixes.
| * | | | | | | | | | | | | | thunderbird: 60.2.1 -> 60.3.0taku02018-11-03
| | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | thunderbird-bin: 60.2.1 -> 60.3.0taku02018-11-01
| | | | | | | | | | | | | | |
* | | | | | | | | | | | | | | python.pkgs.bsddb3: enable python3 and testsFrederik Rietdijk2018-11-03
| | | | | | | | | | | | | | |
* | | | | | | | | | | | | | | Merge pull request #49663 from flokli/gitlab-11.4.4Florian Klink2018-11-03
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | gitlab: 11.4.3 -> 11.4.4
| * | | | | | | | | | | | | | | gitlab: 11.4.3 -> 11.4.4Florian Klink2018-11-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | SSRF in Kubernetes integration The GitLab Kubernetes integration was vulnerable to a SSRF issue which could allow an attacker to make requests to access any internal URLs. The issue is now mitigated in the latest release and is assigned CVE-2018-18843.
* | | | | | | | | | | | | | | | Merge pull request #49585 from periklis/libid3tag-sec-fixesMateusz Kowalczyk2018-11-03
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | libid3tag: patch CVE-2017-11550 and CVE-2017-11551
| * | | | | | | | | | | | | | | | libid3tag: patch CVE-2017-11550 and CVE-2017-11551Periklis Tsirakidis2018-11-01
| | | | | | | | | | | | | | | | |
* | | | | | | | | | | | | | | | | Merge pull request #49680 from symphorien/nix-du-0.3Gabriel Ebner2018-11-03
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | nix-du: 0.2.0 -> 0.3.0
| * | | | | | | | | | | | | | | | | nix-du: 0.2.0 -> 0.3.0Symphorien Gibol2018-11-03
| | | | | | | | | | | | | | | | | |
* | | | | | | | | | | | | | | | | | jq: 1.5 -> 1.6Will Dietz2018-11-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * jq: 1.5 -> 1.6 (!!) (last release was in 2015! :)) * jq: drop darwin patch, appears resolved by upgrade commit history isn't that long, and has a few addressing behavior on osx re:strptime-- and since this patch doesn't apply it seems likely it's been resolved but probably can be checked by any interested folks w/darwin.
* | | | | | | | | | | | | | | | | | Merge pull request #49467 from CharlesHD/submit/cmusfmRenaud2018-11-03
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | cmusfm: init at 2018-10-11
| * | | | | | | | | | | | | | | | | | cmusfm: init at 2018-10-11CharlesHD2018-10-31
| | | | | | | | | | | | | | | | | | |
* | | | | | | | | | | | | | | | | | | Merge pull request #49666 from averelld/rPackages.ps-build-fixPeter Simons2018-11-03
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | r-ps: patchShebangs in ./configure to fix build
| * | | | | | | | | | | | | | | | | | | r-ps: patchShebangs in ./configure to fix buildAverell Dalton2018-11-02
| | | | | | | | | | | | | | | | | | | |
* | | | | | | | | | | | | | | | | | | | Merge pull request #49674 from typetetris/fix-46130Peter Simons2018-11-03
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | haskellPackages.sdl2: test-suite needs x server, so deactivate it
| * | | | | | | | | | | | | | | | | | | | haskellPackages.sdl2: test-suite needs x server, so deactivate itEric Wolf2018-11-03
| | |_|_|_|_|_|_|_|_|_|_|_|_|/ / / / / / | |/| | | | | | | | | | | | | | | | | |
* | | | | | | | | | | | | | | | | | | | Merge pull request #49673 from danieldk/cargo-asm-securityVladyslav M2018-11-03
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | |_|_|_|_|_|_|_|_|_|/ / / / / / / / / / |/| | | | | | | | | | | | | | | | | | | cargo-asm: fix build on macOS Mojave
| * | | | | | | | | | | | | | | | | | | cargo-asm: fix build on macOS MojaveDaniël de Kok2018-11-03
|/ / / / / / / / / / / / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Building cargo-asm on Mojave fails with ld: framework not found Security Add Security as a build input.
* | | | | | | | | | | | | | | | | | | autoPatchelfHook: Correctly detect PIE binariesaszlig2018-11-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | I originally thought it would just be enough to just check for an INTERP section in isExecutable, however this would mean that we don't detect statically linked ELF files, which would break our recent improvement to gracefully handle those. In theory, we are only interested in ELF files that have an INTERP section, so checking for INTERP would be enough. Unfortunately the isExecutable function is already used outside of autoPatchelfHook, so we can't easily get rid of it now, so let's actually strive for more correctness and make isExecutable actually match ELF files that are executable. So what we're doing instead now is to check whether either the ELF type is EXEC *or* we have an INTERP section and if one of them is true we should have an ELF executable, even if it's statically linked. Along the way I also set LANG=C for the invocations of readelf, just to be sure we don't get locale-dependent output. Tested this with the following command (which contains almost[1] all the packages using autoPatchelfHook), checking whether we run into any library-related errors: nix-build -E 'with import ./. { config.allowUnfree = true; }; runCommand "test-executables" { drvs = [ anydesk cups-kyodialog3 elasticsearch franz gurobi masterpdfeditor oracle-instantclient powershell reaper sourcetrail teamviewer unixODBCDrivers.msodbcsql17 virtlyst vk-messenger wavebox zoom-us ]; } ("for i in $drvs; do for b in $i/bin/*; do " + "[ -x \"$b\" ] && timeout 10 \"$b\" || :; done; done") ' Apart from testing against library-related errors I also compared the resulting store paths against the ones prior to this commit. Only anydesk and virtlyst had the same as they didn't have self-references, everything else differed only because of self-references, except elasticsearch, which had the following PIE binaries: * modules/x-pack/x-pack-ml/platform/linux-x86_64/bin/autoconfig * modules/x-pack/x-pack-ml/platform/linux-x86_64/bin/autodetect * modules/x-pack/x-pack-ml/platform/linux-x86_64/bin/categorize * modules/x-pack/x-pack-ml/platform/linux-x86_64/bin/controller * modules/x-pack/x-pack-ml/platform/linux-x86_64/bin/normalize These binaries were now patched, which is what this commit is all about. [1]: I didn't include the "maxx" package (MaXX Interactive Desktop) because the upstream URLs are no longer existing and I couldn't find them elsewhere on the web. Signed-off-by: aszlig <aszlig@nix.build> Fixes: https://github.com/NixOS/nixpkgs/issues/48330 Cc: @gnidorah (for MaXX Interactive Desktop)
* | | | | | | | | | | | | | | | | | | Revert "stage.nix: pkgsi686Linux only works on x86 family"Matthew Bauer2018-11-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts commit 78ca6d885ffbeba8b2cfe1fe68c3980e74fd4e5d. Broke eval on aarch64
* | | | | | | | | | | | | | | | | | | Merge pull request #49629 from marsam/feature/fixes-pyreJörg Thalheim2018-11-03
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | pyre: 0.0.14 -> 0.0.17
| * | | | | | | | | | | | | | | | | | | pyre: 0.0.14 -> 0.0.17Mario Rodas2018-11-02
| | | | | | | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | | | | | | pyre: enable testsMario Rodas2018-11-01
| | | | | | | | | | | | | | | | | | | |
| * | | | | | | | | | | | | | | | | | | pyre: fix darwin buildMario Rodas2018-11-01
| | | | | | | | | | | | | | | | | | | |
* | | | | | | | | | | | | | | | | | | | stage.nix: pkgsi686Linux only works on x86 familyMatthew Bauer2018-11-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | aarch64 cpus are going to break on pkgsi686Linux packages. See this error: https://hydra.nixos.org/build/82962379/
* | | | | | | | | | | | | | | | | | | | grpc: disable werror for unknown warning optionMatthew Bauer2018-11-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This seems silly to do an error for. It breaks clang builds.
* | | | | | | | | | | | | | | | | | | | libobjc2: mark aarch64 as bad platformMatthew Bauer2018-11-02
| |_|/ / / / / / / / / / / / / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Apparently some assembly has not been ported. This commit should fix it: https://github.com/gnustep/libobjc2/commit/b952a21abe8b0f9878b1ec5161ea530058512f4a#diff-e49aa4e60f8ccec1be46afc5e6ffcee5 But no release has been made by the gnustep team yet!
* | | | | | | | | | | | | | | | | | | gsasl: disable check on darwinMatthew Bauer2018-11-02
| | | | | | | | | | | | | | | | | | |
* | | | | | | | | | | | | | | | | | | gemrb: add libiconvMatthew Bauer2018-11-02
| |_|_|_|_|/ / / / / / / / / / / / / |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | https://hydra.nixos.org/build/83508053/
* | | | | | | | | | | | | | | | | | Merge pull request #49658 from mayflower/gitlab-refactorFlorian Klink2018-11-03
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | gitlab: refactor and fix test
| * | | | | | | | | | | | | | | | | | gitlab: refactor and fix testRobin Gloster2018-11-02
| | | | | | | | | | | | | | | | | | |
* | | | | | | | | | | | | | | | | | | Merge pull request #49661 from dywedir/batJörg Thalheim2018-11-03
|\ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | bat: fix build on darwin
| * | | | | | | | | | | | | | | | | | | bat: fix build on darwinVladyslav Mykhailichenko2018-11-03
| | | | | | | | | | | | | | | | | | | |
* | | | | | | | | | | | | | | | | | | | Add myself to a few CODEOWNERS pathsMatthew Bauer2018-11-02
| | | | | | | | | | | | | | | | | | | |
* | | | | | | | | | | | | | | | | | | | nixos/dockerPreloader: preload docker images (#49379)lewo2018-11-03
|/ / / / / / / / / / / / / / / / / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This module permits to preload Docker image in a VM in order to reduce OIs on file copies. This module has to be only used in testing environments, when the test requires several Docker images such as in Kubernetes tests. In this case, `virtualisation.dockerPreloader.images` can replace the `services.kubernetes.kubelet.seedDockerImages` options. The idea is to populate the /var/lib/docker directory by mounting qcow files (we uses qcow file to avoid permission issues) that contain images. For each image specified in config.virtualisation.dockerPreloader.images: 1. The image is loaded by Docker in a VM 2. The resulting /var/lib/docker is written to a QCOW file This set of QCOW files can then be used to populate the /var/lib/docker: 1. Each QCOW is mounted in the VM 2. Symlink are created from these mount points to /var/lib/docker 3. A /var/lib/docker/image/overlay2/repositories.json file is generated 4. The docker daemon is started.
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-07 11:48:05 +0000