nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-27 09:23:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge master into staging-next

Browse Source
This commit is contained in:
github-actions[bot] 2023-09-24 18:00:54 +00:00 committed by GitHub
commit 03a82ba5d4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
45 changed files with 440 additions and 252 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

156
doc/languages-frameworks/python.section.md
View File

@ -32,8 +32,8 @@ Each interpreter has the following attributes:
- `libPrefix`. Name of the folder in `${python}/lib/` for corresponding interpreter.
- `interpreter`. Alias for `${python}/bin/${executable}`.
- `buildEnv`. Function to build python interpreter environments with extra packages bundled together. See section *python.buildEnv function* for usage and documentation.
- `withPackages`. Simpler interface to `buildEnv`. See section *python.withPackages function* for usage and documentation.
- `buildEnv`. Function to build python interpreter environments with extra packages bundled together. See [](#python.buildenv-function) for usage and documentation.
- `withPackages`. Simpler interface to `buildEnv`. See [](#python.withpackages-function) for usage and documentation.
- `sitePackages`. Alias for `lib/${libPrefix}/site-packages`.
- `executable`. Name of the interpreter executable, e.g. `python3.10`.
- `pkgs`. Set of Python packages for that specific interpreter. The package set can be modified by overriding the interpreter and passing `packageOverrides`.
@ -41,8 +41,8 @@ Each interpreter has the following attributes:
### Building packages and applications {#building-packages-and-applications}
Python libraries and applications that use `setuptools` or
`distutils` are typically built with respectively the `buildPythonPackage` and
`buildPythonApplication` functions. These two functions also support installing a `wheel`.
`distutils` are typically built with respectively the [`buildPythonPackage`](#buildpythonpackage-function) and
[`buildPythonApplication`](#buildpythonapplication-function) functions. These two functions also support installing a `wheel`.
All Python packages reside in `pkgs/top-level/python-packages.nix` and all
applications elsewhere. In case a package is used as both a library and an
@ -141,23 +141,23 @@ buildPythonPackage rec {
The `buildPythonPackage` mainly does four things:
* In the `buildPhase`, it calls `${python.pythonForBuild.interpreter} setup.py bdist_wheel` to
* In the [`buildPhase`](#build-phase), it calls `${python.pythonForBuild.interpreter} setup.py bdist_wheel` to
build a wheel binary zipfile.
* In the `installPhase`, it installs the wheel file using `pip install *.whl`.
* In the `postFixup` phase, the `wrapPythonPrograms` bash function is called to
* In the [`installPhase`](#ssec-install-phase), it installs the wheel file using `pip install *.whl`.
* In the [`postFixup`](#var-stdenv-postFixup) phase, the `wrapPythonPrograms` bash function is called to
wrap all programs in the `$out/bin/*` directory to include `$PATH`
environment variable and add dependent libraries to script's `sys.path`.
* In the `installCheck` phase, `${python.interpreter} setup.py test` is run.
* In the [`installCheck`](#ssec-installCheck-phase) phase, `${python.interpreter} setup.py test` is run.
By default tests are run because `doCheck = true`. Test dependencies, like
e.g. the test runner, should be added to `nativeCheckInputs`.
By default tests are run because [`doCheck = true`](#var-stdenv-doCheck). Test dependencies, like
e.g. the test runner, should be added to [`nativeCheckInputs`](#var-stdenv-nativeCheckInputs).
By default `meta.platforms` is set to the same value
as the interpreter unless overridden otherwise.
##### `buildPythonPackage` parameters {#buildpythonpackage-parameters}
All parameters from `stdenv.mkDerivation` function are still supported. The
All parameters from [`stdenv.mkDerivation`](#sec-using-stdenv) function are still supported. The
following are specific to `buildPythonPackage`:
* `catchConflicts ? true`: If `true`, abort package build if a package name
@ -177,8 +177,8 @@ following are specific to `buildPythonPackage`:
format. When unset, the legacy `setuptools` hooks are used for backwards
compatibility.
* `makeWrapperArgs ? []`: A list of strings. Arguments to be passed to
`makeWrapper`, which wraps generated binaries. By default, the arguments to
`makeWrapper` set `PATH` and `PYTHONPATH` environment variables before calling
[`makeWrapper`](#fun-makeWrapper), which wraps generated binaries. By default, the arguments to
[`makeWrapper`](#fun-makeWrapper) set `PATH` and `PYTHONPATH` environment variables before calling
the binary. Additional arguments here can allow a developer to set environment
variables which will be available when the binary is run. For example,
`makeWrapperArgs = ["--set FOO BAR" "--set BAZ QUX"]`.
@ -190,7 +190,7 @@ following are specific to `buildPythonPackage`:
* `pipBuildFlags ? []`: A list of strings. Arguments to be passed to `pip wheel`.
* `pypaBuildFlags ? []`: A list of strings. Arguments to be passed to `python -m build --wheel`.
* `pythonPath ? []`: List of packages to be added into `$PYTHONPATH`. Packages
in `pythonPath` are not propagated (contrary to `propagatedBuildInputs`).
in `pythonPath` are not propagated (contrary to [`propagatedBuildInputs`](#var-stdenv-propagatedBuildInputs)).
* `preShellHook`: Hook to execute commands before `shellHook`.
* `postShellHook`: Hook to execute commands after `shellHook`.
* `removeBinByteCode ? true`: Remove bytecode from `/bin`. Bytecode is only
@ -198,7 +198,7 @@ following are specific to `buildPythonPackage`:
* `setupPyGlobalFlags ? []`: List of flags passed to `setup.py` command.
* `setupPyBuildFlags ? []`: List of flags passed to `setup.py build_ext` command.
The `stdenv.mkDerivation` function accepts various parameters for describing
The [`stdenv.mkDerivation`](#sec-using-stdenv) function accepts various parameters for describing
build inputs (see "Specifying dependencies"). The following are of special
interest for Python packages, either because these are primarily used, or
because their behaviour is different:
@ -208,8 +208,8 @@ because their behaviour is different:
* `buildInputs ? []`: Build and/or run-time dependencies that need to be
compiled for the host machine. Typically non-Python libraries which are being
linked.
* `nativeCheckInputs ? []`: Dependencies needed for running the `checkPhase`. These
are added to `nativeBuildInputs` when `doCheck = true`. Items listed in
* `nativeCheckInputs ? []`: Dependencies needed for running the [`checkPhase`](#ssec-check-phase). These
are added to [`nativeBuildInputs`](#var-stdenv-nativeBuildInputs) when [`doCheck = true`](#var-stdenv-doCheck). Items listed in
`tests_require` go here.
* `propagatedBuildInputs ? []`: Aside from propagating dependencies,
`buildPythonPackage` also injects code into and wraps executables with the
@ -266,17 +266,17 @@ compilation issues, because scipy dependencies need to use the same blas impleme
#### `buildPythonApplication` function {#buildpythonapplication-function}
The `buildPythonApplication` function is practically the same as
`buildPythonPackage`. The main purpose of this function is to build a Python
The [`buildPythonApplication`](#buildpythonapplication-function) function is practically the same as
[`buildPythonPackage`](#buildpythonpackage-function). The main purpose of this function is to build a Python
package where one is interested only in the executables, and not importable
modules. For that reason, when adding this package to a `python.buildEnv`, the
modules. For that reason, when adding this package to a [`python.buildEnv`](#python.buildenv-function), the
modules won't be made available.
Another difference is that `buildPythonPackage` by default prefixes the names of
Another difference is that [`buildPythonPackage`](#buildpythonpackage-function) by default prefixes the names of
the packages with the version of the interpreter. Because this is irrelevant for
applications, the prefix is omitted.
When packaging a Python application with `buildPythonApplication`, it should be
When packaging a Python application with [`buildPythonApplication`](#buildpythonapplication-function), it should be
called with `callPackage` and passed `python` or `pythonPackages` (possibly
specifying an interpreter version), like this:
@ -329,7 +329,7 @@ package is used as both. In this case the package is added as a library to
duplication the `toPythonApplication` can be used to convert a library to an
application.
The Nix expression shall use `buildPythonPackage` and be called from
The Nix expression shall use [`buildPythonPackage`](#buildpythonpackage-function) and be called from
`python-packages.nix`. A reference shall be created from `all-packages.nix` to
the attribute in `python-packages.nix`, and the `toPythonApplication` shall be
applied to the reference:
@ -341,7 +341,7 @@ youtube-dl = with pythonPackages; toPythonApplication youtube-dl;
#### `toPythonModule` function {#topythonmodule-function}
In some cases, such as bindings, a package is created using
`stdenv.mkDerivation` and added as attribute in `all-packages.nix`. The Python
[`stdenv.mkDerivation`](#sec-using-stdenv) and added as attribute in `all-packages.nix`. The Python
bindings should be made available from `python-packages.nix`. The
`toPythonModule` function takes a derivation and makes certain Python-specific
modifications.
@ -407,9 +407,9 @@ specified packages in its path.
#### `python.withPackages` function {#python.withpackages-function}
The `python.withPackages` function provides a simpler interface to the `python.buildEnv` functionality.
The [`python.withPackages`](#python.withpackages-function) function provides a simpler interface to the [`python.buildEnv`](#python.buildenv-function) functionality.
It takes a function as an argument that is passed the set of python packages and returns the list
of the packages to be included in the environment. Using the `withPackages` function, the previous
of the packages to be included in the environment. Using the [`withPackages`](#python.withpackages-function) function, the previous
example for the Pyramid Web Framework environment can be written like this:
```nix
@ -418,7 +418,7 @@ with import <nixpkgs> {};
python.withPackages (ps: [ ps.pyramid ])
```
`withPackages` passes the correct package set for the specific interpreter
[`withPackages`](#python.withpackages-function) passes the correct package set for the specific interpreter
version as an argument to the function. In the above example, `ps` equals
`pythonPackages`. But you can also easily switch to using python3:
@ -430,7 +430,7 @@ python3.withPackages (ps: [ ps.pyramid ])
Now, `ps` is set to `python3Packages`, matching the version of the interpreter.
As `python.withPackages` simply uses `python.buildEnv` under the hood, it also
As [`python.withPackages`](#python.withpackages-function) simply uses [`python.buildEnv`](#python.buildenv-function) under the hood, it also
supports the `env` attribute. The `shell.nix` file from the previous section can
thus be also written like this:
@ -443,17 +443,17 @@ with import <nixpkgs> {};
])).env
```
In contrast to `python.buildEnv`, `python.withPackages` does not support the
In contrast to [`python.buildEnv`](#python.buildenv-function), [`python.withPackages`](#python.withpackages-function) does not support the
more advanced options such as `ignoreCollisions = true` or `postBuild`. If you
need them, you have to use `python.buildEnv`.
need them, you have to use [`python.buildEnv`](#python.buildenv-function).
Python 2 namespace packages may provide `__init__.py` that collide. In that case
`python.buildEnv` should be used with `ignoreCollisions = true`.
[`python.buildEnv`](#python.buildenv-function) should be used with `ignoreCollisions = true`.
#### Setup hooks {#setup-hooks}
The following are setup hooks specifically for Python packages. Most of these
are used in `buildPythonPackage`.
are used in [`buildPythonPackage`](#buildpythonpackage-function).
- `eggUnpackhook` to move an egg to the correct folder so it can be installed
with the `eggInstallHook`
@ -486,7 +486,7 @@ are used in `buildPythonPackage`.
### Development mode {#development-mode}
Development or editable mode is supported. To develop Python packages
`buildPythonPackage` has additional logic inside `shellPhase` to run `pip
[`buildPythonPackage`](#buildpythonpackage-function) has additional logic inside `shellPhase` to run `pip
install -e . --prefix $TMPDIR/`for the package.
Warning: `shellPhase` is executed only if `setup.py` exists.
@ -567,7 +567,7 @@ without impacting other applications or polluting your user environment.
But Python libraries you would like to use for development cannot be installed,
at least not individually, because they won't be able to find each other
resulting in import errors. Instead, it is possible to create an environment
with `python.buildEnv` or `python.withPackages` where the interpreter and other
with [`python.buildEnv`](#python.buildenv-function) or [`python.withPackages`](#python.withpackages-function) where the interpreter and other
executables are wrapped to be able to find each other and all of the modules.
In the following examples we will start by creating a simple, ad-hoc environment
@ -747,8 +747,8 @@ What's happening here?
imports the `<nixpkgs>` function, `{}` calls it and the `with` statement
brings all attributes of `nixpkgs` in the local scope. These attributes form
the main package set.
2. Then we create a Python 3.11 environment with the `withPackages` function, as before.
3. The `withPackages` function expects us to provide a function as an argument
2. Then we create a Python 3.11 environment with the [`withPackages`](#python.withpackages-function) function, as before.
3. The [`withPackages`](#python.withpackages-function) function expects us to provide a function as an argument
that takes the set of all Python packages and returns a list of packages to
include in the environment. Here, we select the packages `numpy` and `toolz`
from the package set.
@ -859,7 +859,7 @@ we will look at how you can use development mode with your code.
#### Python library packages in Nixpkgs {#python-library-packages-in-nixpkgs}
With Nix all packages are built by functions. The main function in Nix for
building Python libraries is `buildPythonPackage`. Let's see how we can build the
building Python libraries is [`buildPythonPackage`](#buildpythonpackage-function). Let's see how we can build the
`toolz` package.
```nix
@ -904,13 +904,13 @@ buildPythonPackage rec {
}
```
What happens here? The function `buildPythonPackage` is called and as argument
What happens here? The function [`buildPythonPackage`](#buildpythonpackage-function) is called and as argument
it accepts a set. In this case the set is a recursive set, `rec`. One of the
arguments is the name of the package, which consists of a basename (generally
following the name on PyPi) and a version. Another argument, `src` specifies the
source, which in this case is fetched from PyPI using the helper function
`fetchPypi`. The argument `doCheck` is used to set whether tests should be run
when building the package. Since there are no tests, we rely on `pythonImportsCheck`
when building the package. Since there are no tests, we rely on [`pythonImportsCheck`](#using-pythonimportscheck)
to test whether the package can be imported. Furthermore, we specify some meta
information. The output of the function is a derivation.
@ -969,7 +969,7 @@ for which Python version we want to build a package.
So, what did we do here? Well, we took the Nix expression that we used earlier
to build a Python environment, and said that we wanted to include our own
version of `toolz`, named `my_toolz`. To introduce our own package in the scope
of `withPackages` we used a `let` expression. You can see that we used
of [`withPackages`](#python.withpackages-function) we used a `let` expression. You can see that we used
`ps.numpy` to select numpy from the nixpkgs package set (`ps`). We did not take
`toolz` from the Nixpkgs package set this time, but instead took our own version
that we introduced with the `let` expression.
@ -977,14 +977,14 @@ that we introduced with the `let` expression.
#### Handling dependencies {#handling-dependencies}
Our example, `toolz`, does not have any dependencies on other Python packages or
system libraries. According to the manual, `buildPythonPackage` uses the
arguments `buildInputs` and `propagatedBuildInputs` to specify dependencies. If
system libraries. According to the manual, [`buildPythonPackage`](#buildpythonpackage-function) uses the
arguments [`buildInputs`](#var-stdenv-buildInputs) and [`propagatedBuildInputs`](#var-stdenv-propagatedBuildInputs) to specify dependencies. If
something is exclusively a build-time dependency, then the dependency should be
included in `buildInputs`, but if it is (also) a runtime dependency, then it
should be added to `propagatedBuildInputs`. Test dependencies are considered
build-time dependencies and passed to `nativeCheckInputs`.
included in [`buildInputs`](#var-stdenv-buildInputs), but if it is (also) a runtime dependency, then it
should be added to [`propagatedBuildInputs`](#var-stdenv-propagatedBuildInputs). Test dependencies are considered
build-time dependencies and passed to [`nativeCheckInputs`](#var-stdenv-nativeCheckInputs).
The following example shows which arguments are given to `buildPythonPackage` in
The following example shows which arguments are given to [`buildPythonPackage`](#buildpythonpackage-function) in
order to build [`datashape`](https://github.com/blaze/datashape).
```nix
@ -1038,14 +1038,14 @@ buildPythonPackage rec {
```
We can see several runtime dependencies, `numpy`, `multipledispatch`, and
`python-dateutil`. Furthermore, we have `nativeCheckInputs` with `pytest`.
`pytest` is a test runner and is only used during the `checkPhase` and is
therefore not added to `propagatedBuildInputs`.
`python-dateutil`. Furthermore, we have [`nativeCheckInputs`](#var-stdenv-nativeCheckInputs) with `pytest`.
`pytest` is a test runner and is only used during the [`checkPhase`](#ssec-check-phase) and is
therefore not added to [`propagatedBuildInputs`](#var-stdenv-propagatedBuildInputs).
In the previous case we had only dependencies on other Python packages to consider.
Occasionally you have also system libraries to consider. E.g., `lxml` provides
Python bindings to `libxml2` and `libxslt`. These libraries are only required
when building the bindings and are therefore added as `buildInputs`.
when building the bindings and are therefore added as [`buildInputs`](#var-stdenv-buildInputs).
```nix
{ lib
@ -1093,7 +1093,7 @@ files of the dependencies are. This is not always the case.
The example below shows bindings to The Fastest Fourier Transform in the West,
commonly known as FFTW. On Nix we have separate packages of FFTW for the
different types of floats (`"single"`, `"double"`, `"long-double"`). The
bindings need all three types, and therefore we add all three as `buildInputs`.
bindings need all three types, and therefore we add all three as [`buildInputs`](#var-stdenv-buildInputs).
The bindings don't expect to find each of them in a different folder, and
therefore we have to set `LDFLAGS` and `CFLAGS`.
@ -1158,7 +1158,7 @@ buildPythonPackage rec {
}
```
Note also the line `doCheck = false;`, we explicitly disabled running the test-suite.
Note also the line [`doCheck = false;`](#var-stdenv-doCheck), we explicitly disabled running the test-suite.
#### Testing Python Packages {#testing-python-packages}
@ -1167,10 +1167,10 @@ helps to avoid situations where the package was able to build and install,
but is not usable at runtime. Currently, all packages will use the `test`
command provided by the setup.py (i.e. `python setup.py test`). However,
this is currently deprecated https://github.com/pypa/setuptools/pull/1878
and your package should provide its own checkPhase.
and your package should provide its own [`checkPhase`](#ssec-check-phase).
::: {.note}
The `checkPhase` for python maps to the `installCheckPhase` on a
The [`checkPhase`](#ssec-check-phase) for python maps to the `installCheckPhase` on a
normal derivation. This is due to many python packages not behaving well
to the pre-installed version of the package. Version info, and natively
compiled extensions generally only exist in the install directory, and
@ -1235,7 +1235,7 @@ been removed, in this case, it's recommended to use `pytestCheckHook`.
#### Using pytestCheckHook {#using-pytestcheckhook}
`pytestCheckHook` is a convenient hook which will substitute the setuptools
`test` command for a `checkPhase` which runs `pytest`. This is also beneficial
`test` command for a [`checkPhase`](#ssec-check-phase) which runs `pytest`. This is also beneficial
when a package may need many items disabled to run the test suite.
Using the example above, the analogous `pytestCheckHook` usage would be:
@ -1280,14 +1280,14 @@ for example:
```
Trying to concatenate the related strings to disable tests in a regular
`checkPhase` would be much harder to read. This also enables us to comment on
[`checkPhase`](#ssec-check-phase) would be much harder to read. This also enables us to comment on
why specific tests are disabled.
#### Using pythonImportsCheck {#using-pythonimportscheck}
Although unit tests are highly preferred to validate correctness of a package, not
all packages have test suites that can be run easily, and some have none at all.
To help ensure the package still works, `pythonImportsCheck` can attempt to import
To help ensure the package still works, [`pythonImportsCheck`](#using-pythonimportscheck) can attempt to import
the listed modules.
```
@ -1306,7 +1306,7 @@ roughly translates to:
'';
```
However, this is done in its own phase, and not dependent on whether `doCheck = true;`.
However, this is done in its own phase, and not dependent on whether [`doCheck = true;`](#var-stdenv-doCheck).
This can also be useful in verifying that the package doesn't assume commonly
present packages (e.g. `setuptools`).
@ -1378,11 +1378,11 @@ instead of a dev dependency).
Keep in mind that while the examples above are done with `requirements.txt`,
`pythonRelaxDepsHook` works by modifying the resulting wheel file, so it should
work with any of the existing [hooks](#setup-hooks).
work with any of the [existing hooks](#setup-hooks).
#### Using unittestCheckHook {#using-unittestcheckhook}
`unittestCheckHook` is a hook which will substitute the setuptools `test` command for a `checkPhase` which runs `python -m unittest discover`:
`unittestCheckHook` is a hook which will substitute the setuptools `test` command for a [`checkPhase`](#ssec-check-phase) which runs `python -m unittest discover`:
```
nativeCheckInputs = [
@ -1452,15 +1452,15 @@ mode is also available. Let's see how you can use it.
In the previous Nix expression the source was fetched from a url. We can also
refer to a local source instead using `src = ./path/to/source/tree;`
If we create a `shell.nix` file which calls `buildPythonPackage`, and if `src`
If we create a `shell.nix` file which calls [`buildPythonPackage`](#buildpythonpackage-function), and if `src`
is a local source, and if the local source has a `setup.py`, then development
mode is activated.
In the following example, we create a simple environment that has a Python 3.11
version of our package in it, as well as its dependencies and other packages we
like to have in the environment, all specified with `propagatedBuildInputs`.
like to have in the environment, all specified with [`propagatedBuildInputs`](#var-stdenv-propagatedBuildInputs).
Indeed, we can just add any package we like to have in our environment to
`propagatedBuildInputs`.
[`propagatedBuildInputs`](#var-stdenv-propagatedBuildInputs).
```nix
with import <nixpkgs> {};
@ -1494,7 +1494,7 @@ own packages. The important functions here are `import` and `callPackage`.
### Including a derivation using `callPackage` {#including-a-derivation-using-callpackage}
Earlier we created a Python environment using `withPackages`, and included the
Earlier we created a Python environment using [`withPackages`](#python.withpackages-function), and included the
`toolz` package via a `let` expression.
Let's split the package definition from the environment definition.
@ -1533,7 +1533,7 @@ buildPythonPackage rec {
}
```
It takes an argument `buildPythonPackage`. We now call this function using
It takes an argument [`buildPythonPackage`](#buildpythonpackage-function). We now call this function using
`callPackage` in the definition of our environment
```nix
@ -1552,10 +1552,10 @@ Packages.buildPythonPackage;
```
Important to remember is that the Python version for which the package is made
depends on the `python` derivation that is passed to `buildPythonPackage`. Nix
depends on the `python` derivation that is passed to [`buildPythonPackage`](#buildpythonpackage-function). Nix
tries to automatically pass arguments when possible, which is why generally you
don't explicitly define which `python` derivation should be used. In the above
example we use `buildPythonPackage` that is part of the set `python3Packages`,
example we use [`buildPythonPackage`](#buildpythonpackage-function) that is part of the set `python3Packages`,
and in this case the `python3` interpreter is automatically used.
## FAQ {#faq}
@ -1698,7 +1698,7 @@ Python, guarantees the right versions of the interpreter and libraries or
packages are available. There is therefore no need to maintain a global `site-packages`.
If you want to create a Python environment for development, then the recommended
method is to use `nix-shell`, either with or without the `python.buildEnv`
method is to use `nix-shell`, either with or without the [`python.buildEnv`](#python.buildenv-function)
function.
### How to consume Python modules using pip in a virtual environment like I am used to on other Operating Systems? {#how-to-consume-python-modules-using-pip-in-a-virtual-environment-like-i-am-used-to-on-other-operating-systems}
@ -1875,7 +1875,7 @@ self: super: {
### How to override a Python package for all Python versions using extensions? {#how-to-override-a-python-package-for-all-python-versions-using-extensions}
The following overlay overrides the call to `buildPythonPackage` for the
The following overlay overrides the call to [`buildPythonPackage`](#buildpythonpackage-function) for the
`foo` package for all interpreters by appending a Python extension to the
`pythonPackagesExtensions` list of extensions.
@ -1902,9 +1902,9 @@ configure alternatives](#sec-overlays-alternatives-blas-lapack)".
In a `setup.py` or `setup.cfg` it is common to declare dependencies:
* `setup_requires` corresponds to `nativeBuildInputs`
* `install_requires` corresponds to `propagatedBuildInputs`
* `tests_require` corresponds to `nativeCheckInputs`
* `setup_requires` corresponds to [`nativeBuildInputs`](#var-stdenv-nativeBuildInputs)
* `install_requires` corresponds to [`propagatedBuildInputs`](#var-stdenv-propagatedBuildInputs)
* `tests_require` corresponds to [`nativeCheckInputs`](#var-stdenv-nativeCheckInputs)
### How to enable interpreter optimizations? {#optimizations}
@ -1951,7 +1951,7 @@ collisions.
### How to contribute a Python package to nixpkgs? {#tools}
Packages inside nixpkgs must use the `buildPythonPackage` or `buildPythonApplication` function directly,
Packages inside nixpkgs must use the [`buildPythonPackage`](#buildpythonpackage-function) or [`buildPythonApplication`](#buildpythonapplication-function) function directly,
because we can only provide security support for non-vendored dependencies.
We recommend [nix-init](https://github.com/nix-community/nix-init) for creating new python packages within nixpkgs,
@ -1965,7 +1965,7 @@ has security implications and is relevant for those using Python in a
`nix-shell`.
When the environment variable `DETERMINISTIC_BUILD` is set, all bytecode will
have timestamp 1. The `buildPythonPackage` function sets `DETERMINISTIC_BUILD=1`
have timestamp 1. The [`buildPythonPackage`](#buildpythonpackage-function) function sets `DETERMINISTIC_BUILD=1`
and [PYTHONHASHSEED=0](https://docs.python.org/3.11/using/cmdline.html#envvar-PYTHONHASHSEED).
Both are also exported in `nix-shell`.
@ -1975,12 +1975,12 @@ It is recommended to test packages as part of the build process.
Source distributions (`sdist`) often include test files, but not always.
By default the command `python setup.py test` is run as part of the
`checkPhase`, but often it is necessary to pass a custom `checkPhase`. An
[`checkPhase`](#ssec-check-phase), but often it is necessary to pass a custom [`checkPhase`](#ssec-check-phase). An
example of such a situation is when `py.test` is used.
#### Common issues {#common-issues}
* Non-working tests can often be deselected. By default `buildPythonPackage`
* Non-working tests can often be deselected. By default [`buildPythonPackage`](#buildpythonpackage-function)
runs `python setup.py test`. which is deprecated. Most Python modules however
do follow the standard test protocol where the pytest runner can be used
instead. `pytest` supports the `-k` and `--ignore` parameters to ignore test
@ -2015,10 +2015,10 @@ example of such a situation is when `py.test` is used.
The following rules are desired to be respected:
* Python libraries are called from `python-packages.nix` and packaged with
`buildPythonPackage`. The expression of a library should be in
[`buildPythonPackage`](#buildpythonpackage-function). The expression of a library should be in
`pkgs/development/python-modules/<name>/default.nix`.
* Python applications live outside of `python-packages.nix` and are packaged
with `buildPythonApplication`.
with [`buildPythonApplication`](#buildpythonapplication-function).
* Make sure libraries build for all Python interpreters.
* By default we enable tests. Make sure the tests are found and, in the case of
libraries, are passing for all interpreters. If certain tests fail they can be

2
nixos/doc/manual/release-notes/rl-2311.section.md
View File

@ -229,6 +229,8 @@
- `rome` was removed because it is no longer maintained and is succeeded by `biome`.
- The `services.mtr-exporter.target` has been removed in favor of `services.mtr-exporter.jobs` which allows specifying multiple targets.
## Other Notable Changes {#sec-release-23.11-notable-changes}
- The Cinnamon module now enables XDG desktop integration by default. If you are experiencing collisions related to xdg-desktop-portal-gtk you can safely remove `xdg.portal.extraPortals = [ pkgs.xdg-desktop-portal-gtk ];` from your NixOS configuration.

117
nixos/modules/services/networking/mtr-exporter.nix
View File

@ -2,32 +2,26 @@
let
inherit (lib)
maintainers types mkEnableOption mkOption mkIf
literalExpression escapeShellArg escapeShellArgs;
maintainers types literalExpression
escapeShellArg escapeShellArgs
mkEnableOption mkOption mkRemovedOptionModule mkIf mdDoc
optionalString concatMapStrings concatStringsSep;
cfg = config.services.mtr-exporter;
jobsConfig = pkgs.writeText "mtr-exporter.conf" (concatMapStrings (job: ''
${job.name} -- ${job.schedule} -- ${concatStringsSep " " job.flags} ${job.address}
'') cfg.jobs);
in {
imports = [
(mkRemovedOptionModule [ "services" "mtr-exporter" "target" ] "Use services.mtr-exporter.jobs instead.")
(mkRemovedOptionModule [ "services" "mtr-exporter" "mtrFlags" ] "Use services.mtr-exporter.jobs.<job>.flags instead.")
];
options = {
services = {
mtr-exporter = {
enable = mkEnableOption (lib.mdDoc "a Prometheus exporter for MTR");
target = mkOption {
type = types.str;
example = "example.org";
description = lib.mdDoc "Target to check using MTR.";
};
interval = mkOption {
type = types.int;
default = 60;
description = lib.mdDoc "Interval between MTR checks in seconds.";
};
port = mkOption {
type = types.port;
default = 8080;
description = lib.mdDoc "Listen port for MTR exporter.";
};
enable = mkEnableOption (mdDoc "a Prometheus exporter for MTR");
address = mkOption {
type = types.str;
@ -35,30 +29,87 @@ in {
description = lib.mdDoc "Listen address for MTR exporter.";
};
mtrFlags = mkOption {
type = with types; listOf str;
port = mkOption {
type = types.port;
default = 8080;
description = mdDoc "Listen port for MTR exporter.";
};
extraFlags = mkOption {
type = types.listOf types.str;
default = [];
example = ["-G1"];
description = lib.mdDoc "Additional flags to pass to MTR.";
example = ["-flag.deprecatedMetrics"];
description = mdDoc ''
Extra command line options to pass to MTR exporter.
'';
};
package = mkOption {
type = types.package;
default = pkgs.mtr-exporter;
defaultText = literalExpression "pkgs.mtr-exporter";
description = mdDoc "The MTR exporter package to use.";
};
mtrPackage = mkOption {
type = types.package;
default = pkgs.mtr;
defaultText = literalExpression "pkgs.mtr";
description = mdDoc "The MTR package to use.";
};
jobs = mkOption {
description = mdDoc "List of MTR jobs. Will be added to /etc/mtr-exporter.conf";
type = types.nonEmptyListOf (types.submodule {
options = {
name = mkOption {
type = types.str;
description = mdDoc "Name of ICMP pinging job.";
};
address = mkOption {
type = types.str;
example = "host.example.org:1234";
description = mdDoc "Target address for MTR client.";
};
schedule = mkOption {
type = types.str;
default = "@every 60s";
example = "@hourly";
description = mdDoc "Schedule of MTR checks. Also accepts Cron format.";
};
flags = mkOption {
type = with types; listOf str;
default = [];
example = ["-G1"];
description = mdDoc "Additional flags to pass to MTR.";
};
};
});
};
};
};
};
config = mkIf cfg.enable {
environment.etc."mtr-exporter.conf" = {
source = jobsConfig;
};
systemd.services.mtr-exporter = {
script = ''
exec ${pkgs.mtr-exporter}/bin/mtr-exporter \
-mtr ${pkgs.mtr}/bin/mtr \
-schedule '@every ${toString cfg.interval}s' \
-bind ${escapeShellArg cfg.address}:${toString cfg.port} \
-- \
${escapeShellArgs (cfg.mtrFlags ++ [ cfg.target ])}
'';
wantedBy = [ "multi-user.target" ];
requires = [ "network.target" ];
after = [ "network.target" ];
serviceConfig = {
ExecStart = ''
${cfg.package}/bin/mtr-exporter \
-mtr '${cfg.mtrPackage}/bin/mtr' \
-bind ${escapeShellArg "${cfg.address}:${toString cfg.port}"} \
-jobs '${jobsConfig}' \
${escapeShellArgs cfg.extraFlags}
'';
Restart = "on-failure";
# Hardening
CapabilityBoundingSet = [ "" ];

21
nixos/modules/services/networking/ssh/sshd.nix
View File

@ -27,13 +27,11 @@ let
mkValueString = mkValueStringSshd;
} " ";});
configFile = settingsFormat.generate "config" cfg.settings;
sshconf = pkgs.runCommand "sshd.conf-validated" { nativeBuildInputs = [ validationPackage ]; } ''
configFile = settingsFormat.generate "sshd.conf-settings" cfg.settings;
sshconf = pkgs.runCommand "sshd.conf-final" { } ''
cat ${configFile} - >$out <<EOL
${cfg.extraConfig}
EOL
sshd -G -f $out
'';
cfg = config.services.openssh;
@ -576,6 +574,21 @@ in
'')}
'';
system.checks = [
(pkgs.runCommand "check-sshd-config"
{
nativeBuildInputs = [ validationPackage ];
} ''
${concatMapStringsSep "\n"
(lport: "sshd -G -T -C lport=${toString lport} -f ${sshconf} > /dev/null")
cfg.ports}
${concatMapStringsSep "\n"
(la: "sshd -G -T -C laddr=${la.addr},lport=${toString la.port} -f ${sshconf} > /dev/null")
cfg.listenAddresses}
touch $out
'')
];
assertions = [{ assertion = if cfg.settings.X11Forwarding then cfgc.setXAuthLocation else true;
message = "cannot enable X11 forwarding without setting xauth location";}
(let

9
nixos/modules/services/web-servers/garage.nix
View File

@ -23,6 +23,12 @@ in
example = { RUST_BACKTRACE="yes"; };
};
environmentFile = mkOption {
type = types.nullOr types.path;
description = lib.mdDoc "File containing environment variables to be passed to the Garage server.";
default = null;
};
logLevel = mkOption {
type = types.enum (["info" "debug" "trace"]);
default = "info";
@ -80,7 +86,7 @@ in
after = [ "network.target" "network-online.target" ];
wants = [ "network.target" "network-online.target" ];
wantedBy = [ "multi-user.target" ];
restartTriggers = [ configFile ];
restartTriggers = [ configFile ] ++ (lib.optional (cfg.environmentFile != null) cfg.environmentFile);
serviceConfig = {
ExecStart = "${cfg.package}/bin/garage server";
@ -88,6 +94,7 @@ in
DynamicUser = lib.mkDefault true;
ProtectHome = true;
NoNewPrivileges = true;
EnvironmentFile = lib.optional (cfg.environmentFile != null) cfg.environmentFile;
};
environment = {
RUST_LOG = lib.mkDefault "garage=${cfg.logLevel}";

33
nixos/tests/openssh.nix
View File

@ -52,6 +52,36 @@ in {
};
};
server_match_rule =
{ ... }:
{
services.openssh = {
enable = true; listenAddresses = [ { addr = "127.0.0.1"; port = 22; } ];
extraConfig = ''
# Combined test for two (predictable) Match criterias
Match LocalAddress 127.0.0.1 LocalPort 22
PermitRootLogin yes
# Separate tests for Match criterias
Match User root
PermitRootLogin yes
Match Group root
PermitRootLogin yes
Match Host nohost.example
PermitRootLogin yes
Match LocalAddress 127.0.0.1
PermitRootLogin yes
Match LocalPort 22
PermitRootLogin yes
Match RDomain nohost.example
PermitRootLogin yes
Match Address 127.0.0.1
PermitRootLogin yes
'';
};
};
client =
{ ... }: { };
@ -114,5 +144,8 @@ in {
with subtest("localhost-only"):
server_localhost_only.succeed("ss -nlt | grep '127.0.0.1:22'")
server_localhost_only_lazy.succeed("ss -nlt | grep '127.0.0.1:22'")
with subtest("match-rules"):
server_match_rule.succeed("ss -nlt | grep '127.0.0.1:22'")
'';
})

13
pkgs/applications/display-managers/lemurs/default.nix
View File

@ -3,19 +3,21 @@
lib,
linux-pam,
rustPlatform,
testers,
lemurs,
}:
rustPlatform.buildRustPackage rec {
pname = "lemurs";
version = "0.3.1";
version = "0.3.2";
src = fetchFromGitHub {
owner = "coastalwhite";
repo = "lemurs";
rev = "v${version}";
hash = "sha256-6mNSLEWafw8yDGnemOhEiK8FTrBC+6+PuhlbOXTGmN0=";
hash = "sha256-YDopY+wdWlVL2X+/wc1tLSSqFclAkt++JXMK3VodD4s=";
};
cargoHash = "sha256-nfUBC1HSs7PcIbD7MViJFkfFAPda83XbAupNeShfwOs=";
cargoHash = "sha256-uuHPJe+1VsnLRGbHtgTMrib6Tk359cwTDVfvtHnDToo=";
# Fixes a lock issue
preConfigure = "cargo update --offline";
@ -24,10 +26,15 @@ rustPlatform.buildRustPackage rec {
linux-pam
];
passthru.tests.version = testers.testVersion {
package = lemurs;
};
meta = with lib; {
description = "A customizable TUI display/login manager written in Rust";
homepage = "https://github.com/coastalwhite/lemurs";
license = with licenses; [asl20 mit];
maintainers = with maintainers; [jeremiahs];
mainProgram = "lemurs";
};
}

6
pkgs/applications/editors/setzer/default.nix
View File

@ -20,13 +20,13 @@
python3.pkgs.buildPythonApplication rec {
pname = "setzer";
version = "59";
version = "60";
src = fetchFromGitHub {
owner = "cvfosammmm";
repo = "Setzer";
rev = "v${version}";
hash = "sha256-PmkEOOi30Fa8VXNmKPvp6UAaw74MID9uTaCzXs9vPpk=";
hash = "sha256-SfMqGQKJtPTMSv4B70jOvTAIzNQc0AC16mum4fuNch4=";
};
format = "other";
@ -54,8 +54,10 @@ python3.pkgs.buildPythonApplication rec {
propagatedBuildInputs = with python3.pkgs; [
bibtexparser
numpy
pdfminer-six
pexpect
pillow
pycairo
pygobject3
pyxdg

4
pkgs/applications/file-managers/clifm/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "clifm";
version = "1.13";
version = "1.14.6";
src = fetchFromGitHub {
owner = "leo-arch";
repo = pname;
rev = "v${version}";
sha256 = "sha256-Y9z3HT36Z1fwweOnniRgyNQX1cbrLSGGgB5UAxkq9mI=";
sha256 = "sha256-0EOG7BAZL3OPP2/qePNkljAa0/Qb3zwuJWz2P4l8GZc=";
};
buildInputs = [ libcap acl file readline ];

8
pkgs/applications/misc/prusa-slicer/default.nix
View File

@ -67,7 +67,7 @@ let
});
wxGTK-override' = if wxGTK-override == null then wxGTK-prusa else wxGTK-override;
in
stdenv.mkDerivation rec {
stdenv.mkDerivation (finalAttrs: {
pname = "prusa-slicer";
version = "2.6.1";
@ -105,7 +105,7 @@ stdenv.mkDerivation rec {
xorg.libX11
] ++ lib.optionals withSystemd [
systemd
] ++ nativeCheckInputs;
] ++ finalAttrs.nativeCheckInputs;
doCheck = true;
nativeCheckInputs = [ gtest ];
@ -167,7 +167,7 @@ stdenv.mkDerivation rec {
owner = "prusa3d";
repo = "PrusaSlicer";
hash = "sha256-t5lnBL7SZVfyR680ZK29YXgE3pag+uVv4+BGJZq40/A=";
rev = "version_${version}";
rev = "version_${finalAttrs.version}";
};
cmakeFlags = [
@ -201,4 +201,4 @@ stdenv.mkDerivation rec {
} // lib.optionalAttrs (stdenv.isDarwin) {
mainProgram = "PrusaSlicer";
};
}
})

12
pkgs/applications/networking/browsers/microsoft-edge/default.nix
View File

@ -1,20 +1,20 @@
{
stable = import ./browser.nix {
channel = "stable";
version = "117.0.2045.35";
version = "117.0.2045.40";
revision = "1";
sha256 = "sha256-2am+TLZC024mpxOk6GLB0TZY+Kfnm/CyH8sMBLod1Js=";
sha256 = "sha256-gRlw+hxix4CnviCrH+evmiwSctXJts8/68Oiwr5VKzk=";
};
beta = import ./browser.nix {
channel = "beta";
version = "117.0.2045.31";
version = "118.0.2088.11";
revision = "1";
sha256 = "sha256-Nee99jE6kswYfmZlMjv4EV4HDz1l+9YhhWHonhe2uUM=";
sha256 = "sha256-r++W+tnFxh85c9k4VooCy+6mre/8nU/7nrrt+AK1x+M=";
};
dev = import ./browser.nix {
channel = "dev";
version = "118.0.2088.9";
version = "119.0.2109.1";
revision = "1";
sha256 = "sha256-JNIccQrdLpiEItgt4Lh0eZQgnXE+5Lx3vGDjzm5sKWM=";
sha256 = "sha256-ZIL8CD8eb/JvJs8P9GoT+yXWccS9roqPl6iDz+0K7LI=";
};
}

6
pkgs/applications/networking/cluster/werf/default.nix
View File

@ -10,16 +10,16 @@
buildGoModule rec {
pname = "werf";
version = "1.2.255";
version = "1.2.259";
src = fetchFromGitHub {
owner = "werf";
repo = "werf";
rev = "v${version}";
hash = "sha256-XrW/owPeh+lpkGDy0iNigu68Zx0dZIyBhrUkOXaHsaM=";
hash = "sha256-A5sK+M/mjAsDMuqPvBNKML7rDzYMPKtN5VW4pX/sWCM=";
};
vendorHash = "sha256-rLUZnjrKZd1Br4upb+cGY3AMKtKVNxO/VxntmRLGu8A=";
vendorHash = "sha256-gfh55taGIuigMCJw0hZuSA0q39V19LCPAUYqZiTinB4=";
proxyVendor = true;

4
pkgs/applications/office/morgen/default.nix
View File

@ -3,11 +3,11 @@
stdenv.mkDerivation rec {
pname = "morgen";
version = "3.0.0";
version = "3.0.1";
src = fetchurl {
url = "https://download.todesktop.com/210203cqcj00tw1/morgen-${version}.deb";
sha256 = "sha256-6d1KYUlXv+bHPITt2zs++AtyaAT8SSCG9T8ZsgOKDiw=";
sha256 = "sha256-lj+V5mntZzED2ZS62Uwlt/vTXwSuwzXeuEw8y/bA6og=";
};
nativeBuildInputs = [

9
pkgs/applications/science/electronics/librepcb/default.nix
View File

@ -1,21 +1,22 @@
{ stdenv, lib, fetchFromGitHub
, qtbase, qttools, cmake, wrapQtAppsHook
, qtbase, qttools, qtquickcontrols2, opencascade-occt, libGLU, libSM, freeimage, cmake, wrapQtAppsHook
}:
stdenv.mkDerivation rec {
pname = "librepcb";
version = "0.1.7";
version = "1.0.0";
src = fetchFromGitHub {
owner = pname;
repo = pname;
rev = version;
sha256 = "sha256-zqvvc3CHqdRWVUFt4BkH5Vq50/FKNvMNW2NvGyfWwFM=";
sha256 = "sha256-2o2Gue/RnDWxe8jk/Ehx9CM+B3ac5rEQn0H7yodUEZ8=";
fetchSubmodules = true;
};
nativeBuildInputs = [ cmake qttools wrapQtAppsHook ];
nativeBuildInputs = [ cmake qttools wrapQtAppsHook qtquickcontrols2 opencascade-occt libGLU ];
buildInputs = [ qtbase ];
propagatedBuildInputs = [ libSM freeimage ];
meta = with lib; {
description = "A free EDA software to develop printed circuit boards";

4
pkgs/applications/window-managers/phosh/default.nix
View File

@ -36,7 +36,7 @@
stdenv.mkDerivation rec {
pname = "phosh";
version = "0.30.0";
version = "0.31.1";
src = fetchFromGitLab {
domain = "gitlab.gnome.org";
@ -45,7 +45,7 @@ stdenv.mkDerivation rec {
repo = pname;
rev = "v${version}";
fetchSubmodules = true; # including gvc and libcall-ui which are designated as subprojects
sha256 = "sha256-AfyVtgWqvlN1n+O+apf6H9eXnXN2D0BC4dea2V4Plog=";
sha256 = "sha256-ZdZKymmOzhlJtsFl+ix5kERnfgjCggDpvDhL4vzS4mc=";
};
nativeBuildInputs = [

4
pkgs/by-name/al/algol68g/package.nix
View File

@ -9,11 +9,11 @@
stdenv.mkDerivation (finalAttrs: {
pname = "algol68g";
version = "3.3.22";
version = "3.3.23";
src = fetchurl {
url = "https://jmvdveer.home.xs4all.nl/algol68g-${finalAttrs.version}.tar.gz";
hash = "sha256-cSD6lngCy7SC2P7GyUCajk6i863a3vvCjtgZLF0TrIA=";
hash = "sha256-NXSIm+Vl7/NT8ks0bNqWAIYlbtzGv0q0czxhGolF1bs=";
};
outputs = [ "out" "man" ] ++ lib.optional withPDFDoc "doc";

47
pkgs/by-name/sa/samrewritten/package.nix Normal file
View File

@ -0,0 +1,47 @@
{ lib
, stdenv
, fetchFromGitHub
, unstableGitUpdater
, curl
, gtkmm3
, glibmm
, gnutls
, yajl
, pkg-config
}:
stdenv.mkDerivation (finalAttrs: {
pname = "samrewritten";
version = "unstable-2023-05-23";
src = fetchFromGitHub {
owner = "PaulCombal";
repo = "SamRewritten";
# The latest release is too old, use latest commit instead
rev = "39d524a72678a226bf9140db6b97641f554563c3";
hash = "sha256-sS/lVY5EWXdTOg7cDWPbi/n5TNt+pRAF1x7ZEaYG4wM=";
};
makeFlags = [ "PREFIX=$(out)" ];
nativeBuildInputs = [
pkg-config
];
buildInputs = [
curl
gtkmm3
glibmm
gnutls
yajl
];
passthru.updateScript = unstableGitUpdater { };
meta = {
description = "Steam Achievement Manager For Linux. Rewritten in C++";
homepage = "https://github.com/PaulCombal/SamRewritten";
license = lib.licenses.gpl3Plus;
maintainers = with lib.maintainers; [ ludovicopiero ];
platforms = lib.platforms.linux;
};
})

6
pkgs/development/compilers/erg/default.nix
View File

@ -9,16 +9,16 @@
rustPlatform.buildRustPackage rec {
pname = "erg";
version = "0.6.20";
version = "0.6.21";
src = fetchFromGitHub {
owner = "erg-lang";
repo = "erg";
rev = "v${version}";
hash = "sha256-xu6lbCdXUf5fqGoEGui44tVpVXlSOdfNFTyAurFRsDA=";
hash = "sha256-NS9LpnCAYmninAcliwdEXPSYqqQZ8impaaK2eceoi3k=";
};
cargoHash = "sha256-pRuruqBXnSkTzEPTyZlX130z5IJPxEqWB2/38B7aCeI=";
cargoHash = "sha256-JJPbArXb3Hmf7bDRlYM0ZOnaolYnDtc41EFazFtApWc=";
nativeBuildInputs = [
makeWrapper

6
pkgs/development/embedded/arduino/arduino-cli/default.nix
View File

@ -4,13 +4,13 @@ let
pkg = buildGoModule rec {
pname = "arduino-cli";
version = "0.33.0";
version = "0.34.2";
src = fetchFromGitHub {
owner = "arduino";
repo = pname;
rev = version;
hash = "sha256-iwVxaNkz4AgLXPRjzD3vNJ7k+whWvpQUl66nSmRFW+U=";
hash = "sha256-X7vrcaJkVqzZoaIFLWJhhdlgRpckLG69uVmUUZd/XXY=";
};
nativeBuildInputs = [
@ -23,7 +23,7 @@ let
subPackages = [ "." ];
vendorHash = "sha256-efZnuxXbC31u7FciULGYvpaWiCm9boQRLUpxW9evyJQ=";
vendorHash = "sha256-cr5D7QDh65xWZJ4gq32ehklwrHWyQEWW/FZZ4gPTJBk=";
postPatch = let
skipTests = [

6
pkgs/development/interpreters/php/8.3.nix
View File

@ -2,12 +2,12 @@
let
base = (callPackage ./generic.nix (_args // {
version = "8.3.0RC1";
version = "8.3.0RC2";
hash = null;
})).overrideAttrs (oldAttrs: {
src = fetchurl {
url = "https://downloads.php.net/~jakub/php-8.3.0RC1.tar.xz";
hash = "sha256-pWnkxSIhzKU8Cp+AiGzqhqRtWoJu+zBfCM45n2ugH7c=";
url = "https://downloads.php.net/~eric/php-8.3.0RC2.tar.xz";
hash = "sha256-0Lo9msTyjfU9kuq0QkvUv4yeshM2tUizMJb9oCggMtw=";
};
});
in

4
pkgs/development/libraries/libglibutil/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "libglibutil";
version = "1.0.71";
version = "1.0.74";
src = fetchFromGitHub {
owner = "sailfishos";
repo = pname;
rev = version;
sha256 = "sha256-I58XN1Ku5VVmxuTZ6yPm8jWGKscwLOhetWC+6B6EZRE=";
sha256 = "sha256-+nIB516XUPjfI3fHru48sU/5PYL/w14/sMK/B8FLflI=";
};
outputs = [ "out" "dev" ];

4
pkgs/development/libraries/libharu/default.nix
View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "libharu";
version = "2.4.3";
version = "2.4.4";
src = fetchFromGitHub {
owner = "libharu";
repo = pname;
rev = "v${version}";
hash = "sha256-v8eD1ZEFQFA7ceWOgOmq7hP0ZMPfxjdAp7ov4PBPaAE=";
hash = "sha256-tw/E79Cg/8kIei6NUu1W+mP0sUDCm8KTB7ZjzxsqpeM=";
};
nativeBuildInputs = [ cmake ];

4
pkgs/development/php-packages/php-cs-fixer/default.nix
View File

@ -2,14 +2,14 @@
let
pname = "php-cs-fixer";
version = "3.22.0";
version = "3.28.0";
in
mkDerivation {
inherit pname version;
src = fetchurl {
url = "https://github.com/FriendsOfPHP/PHP-CS-Fixer/releases/download/v${version}/php-cs-fixer.phar";
sha256 = "sha256-iP5dmJkYZ/E1TAm4oLOCCQ5DCc4+I3CcEr8tOezzCt4=";
sha256 = "sha256-5dhS4QroRY9tGGSsXQfzWw5ObWO5fIoc+nkOUpAjUlQ=";
};
dontUnpack = true;

4
pkgs/development/python-modules/pdoc/default.nix
View File

@ -13,7 +13,7 @@
buildPythonPackage rec {
pname = "pdoc";
version = "14.0.0";
version = "14.1.0";
disabled = pythonOlder "3.8";
format = "pyproject";
@ -22,7 +22,7 @@ buildPythonPackage rec {
owner = "mitmproxy";
repo = "pdoc";
rev = "v${version}";
hash = "sha256-rMHp0diXvWIOyucuTAXO/IOljKhDYOZKtkih5+rUJCM=";
hash = "sha256-LQXhdzocw01URrmpDayK9rpsArvM/E44AE8Eok9DBwk=";
};
nativeBuildInputs = [

4
pkgs/development/python-modules/peaqevcore/default.nix
View File

@ -6,14 +6,14 @@
buildPythonPackage rec {
pname = "peaqevcore";
version = "19.4.2";
version = "19.5.0";
format = "setuptools";
disabled = pythonOlder "3.7";
src = fetchPypi {
inherit pname version;
hash = "sha256-SJ3G301HO0TnrupzhK4K6JPDs25Nltv+lNj1nQB7gV4=";
hash = "sha256-b/sTrSXj3+dkg8++zDZfroSBHIMJIeyPbY5aRnv8mI4=";
};
postPatch = ''

4
pkgs/development/python-modules/types-pytz/default.nix
View File

@ -5,12 +5,12 @@
buildPythonPackage rec {
pname = "types-pytz";
version = "2023.3.1.0";
version = "2023.3.1.1";
format = "setuptools";
src = fetchPypi {
inherit pname version;
hash = "sha256-jn0hmMukSnLfdiiIfJD2ilaOFEXxTbZGMa9Qw8q4wJA=";
hash = "sha256-zCPQGSzUnI9rukTuDIHkWGqPMCBJcPwIlNIJprCNq5o=";
};
# Modules doesn't have tests

4
pkgs/development/python-modules/types-requests/default.nix
View File

@ -6,12 +6,12 @@
buildPythonPackage rec {
pname = "types-requests";
version = "2.31.0.2";
version = "2.31.0.4";
format = "setuptools";
src = fetchPypi {
inherit pname version;
hash = "sha256-aqP3+vDqUtcouxjAoNFSLZv9jHLSb/b2G/w9BqQRz0A=";
hash = "sha256-oREEEUjX4EvxAMR2vE2z7msKHNC0AYd39qZgscTxMY0=";
};
propagatedBuildInputs = [

4
pkgs/development/tools/faas-cli/default.nix
View File

@ -18,13 +18,13 @@ let
in
buildGoModule rec {
pname = "faas-cli";
version = "0.16.12";
version = "0.16.14";
src = fetchFromGitHub {
owner = "openfaas";
repo = "faas-cli";
rev = version;
sha256 = "sha256-1vjqSHm4/MrlbdPTNlFznQqgtu4aYsHnlw366gBgaHA=";
sha256 = "sha256-6zMmm1I2lYt/+9OcesW54Pw0V5bdRYQK5eSYAtZ7Xmo=";
};
vendorHash = null;

6
pkgs/development/tools/ginkgo/default.nix
View File

@ -2,15 +2,15 @@
buildGoModule rec {
pname = "ginkgo";
version = "2.12.0";
version = "2.12.1";
src = fetchFromGitHub {
owner = "onsi";
repo = "ginkgo";
rev = "v${version}";
sha256 = "sha256-ikZ3vuoGYCbjvcpqol11WZ1PfxqSm1VNfdLDJIlNeP0=";
sha256 = "sha256-2nPTCd5kV6qxv4fkneu6A4gzFsRQSJiDfzh08ona0r8=";
};
vendorHash = "sha256-huXVFvSd2KkNqb6BWsTY2megnD9dJLy7edX2mGBv0rU=";
vendorHash = "sha256-wUpWvq6iiS9HkCi4ztXLNs1nCgAomyUo8YaFcElnfeI=";
# integration tests expect more file changes
# types tests are missing CodeLocation

19
pkgs/development/tools/language-servers/postgres-lsp/default.nix
View File

@ -6,16 +6,25 @@
rustPlatform.buildRustPackage rec {
pname = "postgres-lsp";
version = "unstable-2023-08-23";
version = "unstable-2023-09-21";
src = fetchFromGitHub {
src = (fetchFromGitHub {
owner = "supabase";
repo = "postgres_lsp";
rev = "47dd0132b12661ab6c97f5fba892e567a5109c84";
hash = "sha256-aV3QAp6DkNrHiDe1Ytiu6UyTWrelV6vO83Baiv4ONLg=";
rev = "f25f23a683c4e14dea52e3e423584588ab349081";
hash = "sha256-z8WIUfgnPYdzhBit1V6A5UktjoYCblTKXxwpbHOmFJA=";
fetchSubmodules = true;
}).overrideAttrs {
# workaround to be able to fetch git@github.com submodules
# https://github.com/NixOS/nixpkgs/issues/195117
env = {
GIT_CONFIG_COUNT = 1;
GIT_CONFIG_KEY_0 = "url.https://github.com/.insteadOf";
GIT_CONFIG_VALUE_0 = "git@github.com:";
};
};
cargoHash = "sha256-9d/KiQ7IXhmYvTb97FKJh/cGTdnxAgCXSx4+V74b+RE=";
cargoHash = "sha256-Nyxiere6/e5Y7YcgHitVkaiS1w3JXkbohIcBNc00YXY=";
nativeBuildInputs = [
protobuf

4
pkgs/development/tools/rain/default.nix
View File

@ -7,13 +7,13 @@
buildGoModule rec {
pname = "rain";
version = "1.5.0";
version = "1.6.0";
src = fetchFromGitHub {
owner = "aws-cloudformation";
repo = pname;
rev = "v${version}";
sha256 = "sha256-vvLvsZhdkxgTREEwLFdF1MwKj1A4rHgJ3y9VdKOl5HE=";
sha256 = "sha256-sAqWVGzEQJwf7ioQjOFs+1hAn69LmDCMSu0ym59aDsU=";
};
vendorHash = "sha256-xmpjoNfz+4d7Un0J6yEhkQG2Ax8hL0dw4OQmwrKq3QI=";

4
pkgs/games/lunar-client/default.nix
View File

@ -5,11 +5,11 @@
let
pname = "lunar-client";
version = "3.0.10";
version = "3.1.0";
src = fetchurl {
url = "https://launcherupdates.lunarclientcdn.com/Lunar%20Client-${version}.AppImage";
hash = "sha256-mbEV+iciL4+PtfvStyXZXK5Zb91N9H1VJ5amZj+2EyA=";
hash = "sha256-6OAGNkMyHOZI5wh92OtalnvUVFWNAS9PvkFS0e4YXhk=";
};
appimageContents = appimageTools.extract { inherit pname version src; };

12
pkgs/os-specific/linux/kernel/zen-kernels.nix
View File

@ -4,16 +4,16 @@ let
# comments with variant added for update script
# ./update-zen.py zen
zenVariant = {
version = "6.5.4"; #zen
suffix = "zen2"; #zen
sha256 = "0p67v2rhkf0q61cvf310nkg08dpwgmkabid71qp01ig3sdp6rcsy"; #zen
version = "6.5.5"; #zen
suffix = "zen1"; #zen
sha256 = "069hxkww14dpz7k5hd93qnv6clc0dkpd3ncf1wzr5k84a0i9syj8"; #zen
isLqx = false;
};
# ./update-zen.py lqx
lqxVariant = {
version = "6.5.4"; #lqx
suffix = "lqx2"; #lqx
sha256 = "0zz7jn2fic7llppv4ih91jfz0k0q6c04xsyqljhiw6279dsv8h7c"; #lqx
version = "6.5.5"; #lqx
suffix = "lqx1"; #lqx
sha256 = "1sr23yjwl7sh58s5f9yy9ld163c5lm0qbn0gqg8bnkshx08r39h8"; #lqx
isLqx = true;
};
zenKernelsFor = { version, suffix, sha256, isLqx }: buildLinux (args // {

2
pkgs/tools/filesystems/curlftpfs/default.nix
View File

@ -14,6 +14,8 @@ stdenv.mkDerivation rec {
# it is known to cause problems. Search online for "rpl_malloc" and
# "rpl_realloc" to find out more.
./fix-rpl_malloc.patch
./suse-bug-580609.patch
./suse-bug-955687.patch
];
nativeBuildInputs = [ autoreconfHook pkg-config ];

10
pkgs/tools/filesystems/curlftpfs/suse-bug-580609.patch Normal file
View File

@ -0,0 +1,10 @@
--- a/ftpfs.c 2008-04-30 01:05:47.000000000 +0200
+++ b/ftpfs.c 2010-05-21 13:01:42.569006163 +0200
@@ -503,7 +503,6 @@ static void *ftpfs_write_thread(void *da
curl_easy_setopt_or_die(fh->write_conn, CURLOPT_URL, fh->full_path);
curl_easy_setopt_or_die(fh->write_conn, CURLOPT_UPLOAD, 1);
- curl_easy_setopt_or_die(fh->write_conn, CURLOPT_INFILESIZE, -1);
curl_easy_setopt_or_die(fh->write_conn, CURLOPT_READFUNCTION, write_data_bg);
curl_easy_setopt_or_die(fh->write_conn, CURLOPT_READDATA, fh);
curl_easy_setopt_or_die(fh->write_conn, CURLOPT_LOW_SPEED_LIMIT, 1);

11
pkgs/tools/filesystems/curlftpfs/suse-bug-955687.patch Normal file
View File

@ -0,0 +1,11 @@
--- a/ftpfs.c
+++ b/ftpfs.c
@@ -614,6 +614,8 @@ static void free_ftpfs_file(struct ftpfs
sem_destroy(&fh->data_need);
sem_destroy(&fh->data_written);
sem_destroy(&fh->ready);
+ if (fh->buf.size) { buf_free(&fh->buf); }
+ if (fh->stream_buf.size) { buf_free(&fh->stream_buf); }
free(fh);
}

76
pkgs/tools/misc/etcher/default.nix
View File

@ -1,58 +1,48 @@
{ lib, stdenv
{ lib
, stdenv
, fetchurl
, gcc-unwrapped
, dpkg
, util-linux
, bash
, util-linux
, autoPatchelfHook
, dpkg
, makeWrapper
, udev
, electron
}:
let
inherit (stdenv.hostPlatform) system;
throwSystem = throw "Unsupported system: ${stdenv.hostPlatform.system}";
sha256 = {
"x86_64-linux" = "1rcidar97nnpjb163x9snnnhw1z1ld4asgbd5dxpzdh8hikh66ll";
"i686-linux" = "1jll4i0j9kh78kl10s596xxs60gy7cnlafgpk89861yihj0i73a5";
}."${system}" or throwSystem;
arch = {
"x86_64-linux" = "amd64";
"i686-linux" = "i386";
}."${system}" or throwSystem;
in
stdenv.mkDerivation rec {
pname = "etcher";
version = "1.7.9";
version = "1.18.12";
src = fetchurl {
url = "https://github.com/balena-io/etcher/releases/download/v${version}/balena-etcher-electron_${version}_${arch}.deb";
inherit sha256;
url = "https://github.com/balena-io/etcher/releases/download/v${version}/balena-etcher_${version}_amd64.deb";
hash = "sha256-Ucs187xTpbRJ7P32hCl8cHPxO3HCs44ZneAas043FXk=";
};
nativeBuildInputs = [ makeWrapper ];
dontConfigure = true;
dontBuild = true;
unpackPhase = ''
${dpkg}/bin/dpkg-deb -x $src .
'';
# sudo-prompt has hardcoded binary paths on Linux and we patch them here
# along with some other paths
postPatch = ''
# use Nix(OS) paths
substituteInPlace opt/balenaEtcher/resources/app/generated/gui.js \
--replace '/usr/bin/pkexec' '/usr/bin/pkexec", "/run/wrappers/bin/pkexec' \
--replace '/bin/bash' '${bash}/bin/bash' \
--replace '"lsblk"' '"${util-linux}/bin/lsblk"'
'';
nativeBuildInputs = [
autoPatchelfHook
dpkg
makeWrapper
];
buildInputs = [
stdenv.cc.cc.lib
udev
];
dontConfigure = true;
dontBuild = true;
installPhase = ''
runHook preInstall
@ -61,24 +51,22 @@ stdenv.mkDerivation rec {
cp -a usr/share/* $out/share
cp -a opt/balenaEtcher/{locales,resources} $out/share/${pname}
substituteInPlace $out/share/applications/balena-etcher-electron.desktop \
--replace /opt/balenaEtcher/balena-etcher-electron ${pname}
makeWrapper ${electron}/bin/electron $out/bin/${pname} \
--add-flags $out/share/${pname}/resources/app
substituteInPlace $out/share/applications/balena-etcher.desktop \
--replace /opt/balenaEtcher/balena-etcher ${pname}
runHook postInstall
'';
postFixup = ''
makeWrapper ${electron}/bin/electron $out/bin/${pname} \
--add-flags $out/share/${pname}/resources/app \
--prefix LD_LIBRARY_PATH : "${lib.makeLibraryPath [ gcc-unwrapped.lib ]}"
'';
meta = with lib; {
description = "Flash OS images to SD cards and USB drives, safely and easily";
homepage = "https://etcher.io/";
license = licenses.asl20;
maintainers = [ maintainers.shou ];
platforms = [ "i686-linux" "x86_64-linux" ];
mainProgram = pname;
maintainers = with maintainers; [ wegank ];
platforms = [ "x86_64-linux" ];
sourceProvenance = with sourceTypes; [ binaryNativeCode ];
};
}

4
pkgs/tools/networking/grpc_cli/default.nix
View File

@ -2,12 +2,12 @@
stdenv.mkDerivation rec {
pname = "grpc_cli";
version = "1.58.0";
version = "1.58.1";
src = fetchFromGitHub {
owner = "grpc";
repo = "grpc";
rev = "v${version}";
hash = "sha256-JxkQZSmI3FSAoSd45uciCpsTeGuAvRhG/BGyC4NKOjo=";
hash = "sha256-h1Zg5f+3NyyvrStEPXqTNSly7TSEPbE1/SqrZfS37Bk=";
fetchSubmodules = true;
};
nativeBuildInputs = [ automake cmake autoconf ];

9
pkgs/tools/security/gopass/default.nix
View File

@ -13,7 +13,7 @@
buildGoModule rec {
pname = "gopass";
version = "1.15.7";
version = "1.15.8";
nativeBuildInputs = [ installShellFiles makeWrapper ];
@ -21,10 +21,10 @@ buildGoModule rec {
owner = "gopasspw";
repo = "gopass";
rev = "v${version}";
hash = "sha256-Q3EX5giteIsH5+fXb7n2qpd9kBjaZZ/A5VuCljc72C8=";
hash = "sha256-l8Ce0ioMnSlet+PMrQCMvyH3IvmQaE1MQSJR9myyLB8=";
};
vendorHash = "sha256-crnr5qXlYrhNT3nLlA7U13CaYAmAqcV+MBs/hee9ixU=";
vendorHash = "sha256-xyQTlbTPAC2iG8XQ4oEHBXjfXauwuBhaTbsew23nlVw=";
subPackages = [ "." ];
@ -62,7 +62,7 @@ buildGoModule rec {
homepage = "https://www.gopass.pw/";
license = licenses.mit;
maintainers = with maintainers; [ rvolosatovs sikmir ];
changelog = "https://github.com/gopasspw/gopass/raw/v${version}/CHANGELOG.md";
changelog = "https://github.com/gopasspw/gopass/blob/v${version}/CHANGELOG.md";
longDescription = ''
gopass is a rewrite of the pass password manager in Go with the aim of
@ -73,5 +73,6 @@ buildGoModule rec {
users. We go by the UNIX philosophy and try to do one thing and do it
well, providing a stellar user experience and a sane, simple interface.
'';
mainProgram = "gopass";
};
}

1
pkgs/tools/security/gopass/git-credential.nix
View File

@ -37,5 +37,6 @@ buildGoModule rec {
changelog = "https://github.com/gopasspw/git-credential-gopass/blob/v${version}/CHANGELOG.md";
license = licenses.mit;
maintainers = with maintainers; [ benneti ];
mainProgram = "git-credential-gopass";
};
}

7
pkgs/tools/security/gopass/hibp.nix
View File

@ -7,16 +7,16 @@
buildGoModule rec {
pname = "gopass-hibp";
version = "1.15.7";
version = "1.15.8";
src = fetchFromGitHub {
owner = "gopasspw";
repo = "gopass-hibp";
rev = "v${version}";
hash = "sha256-525e2LXQ/Ldrqhxqndwpdo2HeS4xRkbPzfwvWeiEayE=";
hash = "sha256-dNzvC+ubkZPHx40bVwFT2R7TMrPdeD5oJz0lAd0vtw0=";
};
vendorHash = "sha256-jfqxl21euOtOvt+RltVlSjca2o8VuLtWHgpnW4ve5JM=";
vendorHash = "sha256-zaB8xrzqk3moR/ScXdHtqIgA9lZqWFzLWi4NAqbs0XU=";
subPackages = [ "." ];
@ -37,5 +37,6 @@ buildGoModule rec {
changelog = "https://github.com/gopasspw/gopass-hibp/blob/v${version}/CHANGELOG.md";
license = licenses.mit;
maintainers = with maintainers; [ sikmir ];
mainProgram = "gopass-hibp";
};
}

7
pkgs/tools/security/gopass/jsonapi.nix
View File

@ -8,16 +8,16 @@
buildGoModule rec {
pname = "gopass-jsonapi";
version = "1.15.7";
version = "1.15.8";
src = fetchFromGitHub {
owner = "gopasspw";
repo = "gopass-jsonapi";
rev = "v${version}";
hash = "sha256-lwY5uc6eKqXO8FbvzlrpQY0y5AEcV0RQFvvnE+At6z0=";
hash = "sha256-CL9PcztiFCCy1T7w0v2SzLmwkA6z8aPUx65ye5AJDr4=";
};
vendorHash = "sha256-BKwgP22l4t4jaAHHh+ZD/2nroCtAp/A6DqHt+9HZzKw=";
vendorHash = "sha256-Czlp3MyxRGcIV5uFZzF8t0JrucLzPzxyCUCtjICjPM0=";
subPackages = [ "." ];
@ -38,5 +38,6 @@ buildGoModule rec {
changelog = "https://github.com/gopasspw/gopass-jsonapi/blob/v${version}/CHANGELOG.md";
license = licenses.mit;
maintainers = with maintainers; [ maxhbr ];
mainProgram = "gopass-jsonapi";
};
}

7
pkgs/tools/security/gopass/summon.nix
View File

@ -7,16 +7,16 @@
buildGoModule rec {
pname = "gopass-summon-provider";
version = "1.15.7";
version = "1.15.8";
src = fetchFromGitHub {
owner = "gopasspw";
repo = "gopass-summon-provider";
rev = "v${version}";
hash = "sha256-JoSNWgwTnFQbnrwGIk6L5SwQeNg0RfLMULceqFF/XnA=";
hash = "sha256-7Oj/1h1468zz6r3+Cv5IaIFbkrs0dPteY0SRsOZ8UXI=";
};
vendorHash = "sha256-gb9AZBh5oUAiuCXbsvkmYxcHRNd9KLYq35nMd4iabKw=";
vendorHash = "sha256-IXY8w5TLXA3SIT2Jyjqt+pPtZ35zQnG0wY08OB1spDw=";
subPackages = [ "." ];
@ -37,5 +37,6 @@ buildGoModule rec {
changelog = "https://github.com/gopasspw/gopass-summon-provider/blob/v${version}/CHANGELOG.md";
license = licenses.mit;
maintainers = with maintainers; [ sikmir ];
mainProgram = "gopass-summon-provider";
};
}

6
pkgs/tools/text/mdbook-emojicodes/default.nix
View File

@ -7,16 +7,16 @@
rustPlatform.buildRustPackage rec {
pname = "mdbook-emojicodes";
version = "0.2.2";
version = "0.3.0";
src = fetchFromGitHub {
owner = "blyxyas";
repo = "mdbook-emojicodes";
rev = "${version}";
hash = "sha256-wj3WVDDJmRh1g4E1iqxqmu6QNNVi9pOqZDnnDX3AnFo=";
hash = "sha256-dlvfY2AMBvTl0j9YaT+u4CeWQGGihFD8AZaAK4/hUWU=";
};
cargoHash = "sha256-Ia7GdMadx1Jb1BB040eRmyIpK98CsN3yjruUxUNh3co=";
cargoHash = "sha256-SkvAtV613+ARk79dB2zRKoLjPgdzoEKQa3JrRw9qBkA=";
buildInputs = lib.optionals stdenv.isDarwin [
darwin.apple_sdk.frameworks.CoreFoundation

2
pkgs/top-level/all-packages.nix
View File

@ -7978,7 +7978,7 @@ with pkgs;
esshader = callPackage ../tools/graphics/esshader { };
etcher = callPackage ../tools/misc/etcher {
electron = electron_12;
electron = electron_19;
};
ethercalc = callPackage ../servers/web-apps/ethercalc { };