| Commit message (Collapse) | Author | Age |
|\
| |
| |
| |
| |
| |
| | |
Closes #12895
Amazing work by @globin & @fpletz getting hardened compiler flags by
enabled default on the whole package set
|
| |\ |
|
| |\ \ |
|
| |\ \ \ |
|
| |\ \ \ \ |
|
| |\ \ \ \ \ |
|
| |\ \ \ \ \ \ |
|
| | | | | | | | |
|
| |\ \ \ \ \ \ \ |
|
| |\ \ \ \ \ \ \ \ |
|
| |\ \ \ \ \ \ \ \ \ |
|
| |\ \ \ \ \ \ \ \ \ \ |
|
| |\ \ \ \ \ \ \ \ \ \ \ |
|
| |\ \ \ \ \ \ \ \ \ \ \ \ |
|
| |\ \ \ \ \ \ \ \ \ \ \ \ \ |
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | |
The following parameters are now available:
* hardeningDisable
To disable specific hardening flags
* hardeningEnable
To enable specific hardening flags
Only the cc-wrapper supports this right now, but these may be reused by
other wrappers, builders or setup hooks.
cc-wrapper supports the following flags:
* fortify
* stackprotector
* pie (disabled by default)
* pic
* strictoverflow
* format
* relro
* bindnow
|
| |\ \ \ \ \ \ \ \ \ \ \ \ \ \ |
|
| | | | | | | | | | | | | | | | |
|
| | | | | | | | | | | | | | | | |
|
| | | | | | | | | | | | | | | | |
|
| | | | | | | | | | | | | | | | |
|
| |_|_|_|_|_|_|_|_|_|_|_|_|_|/
|/| | | | | | | | | | | | | | |
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | |
Prior to 1bf5ded1933b18af9a95dc263063756ed9d383ba these contained
`hydraPlatforms = platforms.linux`, which was apparently misleading.
|
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
| | | | | | | | | | | | | | | |
Build-tested on x86_64 Linux & Mac.
|
| |_|_|_|_|_|_|_|_|_|_|_|_|/
|/| | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | |
| | | | | | | | | | | | | | |
In all of these files, there is no meta.platforms but only
meta.hydraPlatforms, which doesn't seem to have any purpose except being
inconsistent.
|
| |_|_|_|_|_|_|_|_|_|_|_|/
|/| | | | | | | | | | | | |
|
| | | | | | | | | | | | | |
|
| |_|_|_|_|_|_|_|_|_|_|/
|/| | | | | | | | | | | |
|
| | | | | | | | | | | | |
|
| |_|_|_|_|_|_|_|_|_|/
|/| | | | | | | | | | |
|
| | | | | | | | | | | |
|
| |_|_|_|_|_|_|_|_|/
|/| | | | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Fixes double close in r command to output file.
|
|\ \ \ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
Includes a security update of libxml2.
|
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | |
| | | | | | | | | | | |
Fallout from #15567. Only Darwin is affected, hashes of the rest remain.
|
| | |_|_|_|_|_|_|_|/
| |/| | | | | | | | |
|
|/ / / / / / / / / |
|
| | | | | | | | | |
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
pxattr provides a single interface to extended file system attributes. It can
be used to save and restore extended file system attributes before using
a utility such as tar for backup which does not understand extended fsattr.
|
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
And ‘maintain’ to help keep an eye on it.
Closes #7332.
|
| | | | | | | | | |
|
| |_|_|_|_|_|_|/
|/| | | | | | | |
|
| | | | | | | | |
|
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
Faster extract. Removes -encrypt (combined with -repack).
Also, we now correctly follow upstream's versioning and no longer
multiply the version number by 100. You may need to update manually.
|
| |_|_|_|_|_|/
|/| | | | | |
| | | | | | |
| | | | | | | |
While at it, add xz support and enable parallel build.
|
| | | | | | | |
|
| | | | | | | |
|
| | | | | | | |
|
|\ \ \ \ \ \ \ |
|
| |\ \ \ \ \ \ \
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | |
| | | | | | | | | |
Comparison to master evaluations on Hydra:
- 1255515 for nixos
- 1255502 for nixpkgs
|
| |\ \ \ \ \ \ \ \
| | | |_|_|_|_|/ /
| | |/| | | | | |
| | | | | | | | |
| | | | | | | | | |
Beware that stdenv doesn't build. It seems something more will be needed
than just resolution of merge conflicts.
|