From f68f6d47652abfe86149efa18a1094fe4b1b60c4 Mon Sep 17 00:00:00 2001 From: Bobby Rong Date: Tue, 6 Sep 2022 09:30:36 +0800 Subject: [PATCH 01/10] cinnamon.bulky: 2.4 -> 2.5 --- pkgs/desktops/cinnamon/bulky/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/desktops/cinnamon/bulky/default.nix b/pkgs/desktops/cinnamon/bulky/default.nix index bc60bc6bf9d1..45008a0b7bd0 100644 --- a/pkgs/desktops/cinnamon/bulky/default.nix +++ b/pkgs/desktops/cinnamon/bulky/default.nix @@ -13,13 +13,13 @@ stdenv.mkDerivation rec { pname = "bulky"; - version = "2.4"; + version = "2.5"; src = fetchFromGitHub { owner = "linuxmint"; repo = "bulky"; rev = version; - hash = "sha256-ynPorkhT/LUkFGNRG6JLDYaQjNPm2vMzthvl0wr7J/M="; + hash = "sha256-WgpB/oMA3w7KO7KmkGXsl92siFGQo3Y4mLvMLTi54k8="; }; nativeBuildInputs = [ From 239c3a5d0c205405d4b4de6a9929ecde6e989d04 Mon Sep 17 00:00:00 2001 From: Bobby Rong Date: Tue, 6 Sep 2022 09:41:21 +0800 Subject: [PATCH 02/10] cinnamon.cinnamon-common: 5.4.11 -> 5.4.12 --- pkgs/desktops/cinnamon/cinnamon-common/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/desktops/cinnamon/cinnamon-common/default.nix b/pkgs/desktops/cinnamon/cinnamon-common/default.nix index 49ef0dee205e..284371f48216 100644 --- a/pkgs/desktops/cinnamon/cinnamon-common/default.nix +++ b/pkgs/desktops/cinnamon/cinnamon-common/default.nix @@ -54,13 +54,13 @@ stdenv.mkDerivation rec { pname = "cinnamon-common"; - version = "5.4.11"; + version = "5.4.12"; src = fetchFromGitHub { owner = "linuxmint"; repo = "cinnamon"; rev = version; - hash = "sha256-3uQ4t+WXauCM3jV44pSz1yqLxXwLBWv7xMvP7ug3AY0="; + hash = "sha256-uyQZXri3V3dKnowB97QlPWboZz1neblyvCuSacsPROg="; }; patches = [ From e07cc970b8468026cad963fbb874e55dd5808ef3 Mon Sep 17 00:00:00 2001 From: Bobby Rong Date: Tue, 6 Sep 2022 09:42:42 +0800 Subject: [PATCH 03/10] cinnamon.cinnamon-control-center: 5.4.6 -> 5.4.7 --- pkgs/desktops/cinnamon/cinnamon-control-center/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/desktops/cinnamon/cinnamon-control-center/default.nix b/pkgs/desktops/cinnamon/cinnamon-control-center/default.nix index dded4a9ff610..d5a6c7a57c51 100644 --- a/pkgs/desktops/cinnamon/cinnamon-control-center/default.nix +++ b/pkgs/desktops/cinnamon/cinnamon-control-center/default.nix @@ -36,13 +36,13 @@ stdenv.mkDerivation rec { pname = "cinnamon-control-center"; - version = "5.4.6"; + version = "5.4.7"; src = fetchFromGitHub { owner = "linuxmint"; repo = pname; rev = version; - hash = "sha256-8BDmQT/xDnpwR2YC0TGaqWPnZ61IBmVvft2Mcf6YN+A="; + hash = "sha256-38n1QCygkBq+wOLwui1oF6MtDWxAFWxp5U1omSVtbro="; }; buildInputs = [ From 8de77a8869a4e4e3fcf6a36675017acc9d5cb7ca Mon Sep 17 00:00:00 2001 From: Bobby Rong Date: Tue, 6 Sep 2022 09:44:25 +0800 Subject: [PATCH 04/10] cinnamon.muffin: 5.4.6 -> 5.4.7 --- pkgs/desktops/cinnamon/muffin/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/desktops/cinnamon/muffin/default.nix b/pkgs/desktops/cinnamon/muffin/default.nix index c4f4b5ce0d51..a2e7811b3d85 100644 --- a/pkgs/desktops/cinnamon/muffin/default.nix +++ b/pkgs/desktops/cinnamon/muffin/default.nix @@ -35,7 +35,7 @@ stdenv.mkDerivation rec { pname = "muffin"; - version = "5.4.6"; + version = "5.4.7"; outputs = [ "out" "dev" "man" ]; @@ -50,7 +50,7 @@ stdenv.mkDerivation rec { owner = "linuxmint"; repo = pname; rev = version; - hash = "sha256-xTpL+o7gFvu8VNbCb8c0Y0Z8ncqb9y2qTiXP3rHAz+M="; + hash = "sha256-Zx6au1FXLgK8PRmkh8jaGJ3Zh0YYFj2zmbxhgXAFgDg="; }; nativeBuildInputs = [ From 1e4bc8569a0e23a00f58f222dac9dc3e17de07c2 Mon Sep 17 00:00:00 2001 From: Bobby Rong Date: Tue, 6 Sep 2022 09:48:04 +0800 Subject: [PATCH 05/10] cinnamon.warpinator: 1.2.13 -> 1.2.14 --- pkgs/desktops/cinnamon/warpinator/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/desktops/cinnamon/warpinator/default.nix b/pkgs/desktops/cinnamon/warpinator/default.nix index ecd4aeec16c9..a720c2fb4cbe 100644 --- a/pkgs/desktops/cinnamon/warpinator/default.nix +++ b/pkgs/desktops/cinnamon/warpinator/default.nix @@ -14,7 +14,7 @@ python3.pkgs.buildPythonApplication rec { pname = "warpinator"; - version = "1.2.13"; + version = "1.2.14"; format = "other"; @@ -22,7 +22,7 @@ python3.pkgs.buildPythonApplication rec { owner = "linuxmint"; repo = pname; rev = version; - hash = "sha256-iLImyfUsfn+mWrgMv5NnbOvvOlJnwJG4Btx1wwlgTeM="; + hash = "sha256-0OmrviDti843c+nvpt7ennSrso0PD7eZOJ94JiWJT58="; }; nativeBuildInputs = [ From f69dfdfa8c6b28a0a37d79d6d7bee95a6ae3386f Mon Sep 17 00:00:00 2001 From: Bobby Rong Date: Tue, 6 Sep 2022 09:49:48 +0800 Subject: [PATCH 06/10] cinnamon.xapps: 2.2.14 -> 2.2.15 --- pkgs/desktops/cinnamon/xapp/default.nix | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) diff --git a/pkgs/desktops/cinnamon/xapp/default.nix b/pkgs/desktops/cinnamon/xapp/default.nix index 655284f20d82..5408c9c50cfd 100644 --- a/pkgs/desktops/cinnamon/xapp/default.nix +++ b/pkgs/desktops/cinnamon/xapp/default.nix @@ -1,5 +1,4 @@ { fetchFromGitHub -, fetchpatch , glib , gobject-introspection , gtk3 @@ -23,24 +22,15 @@ stdenv.mkDerivation rec { pname = "xapp"; - version = "2.2.14"; + version = "2.2.15"; outputs = [ "out" "dev" ]; - patches = [ - # Add missing gio-unix-2.0 dependency, can be removed on next update - # https://github.com/linuxmint/xapp/pull/156 - (fetchpatch { - url = "https://github.com/linuxmint/xapp/commit/052081f75d1c1212aeb6a913772723c81607bcb3.patch"; - sha256 = "sha256-VL70Y1FIa7lQ/zKjEx0GhaU1QRu4z6Yu400/bDbgZgM="; - }) - ]; - src = fetchFromGitHub { owner = "linuxmint"; repo = pname; rev = version; - hash = "sha256-BebsS7y/hRQSc4rYOIWJ+sSJ5fLZaCpNAE48JnviUUc="; + hash = "sha256-X/exXQY/v+TU8HnnquleP21tCYR9h7t43AIw4tTKVOY="; }; nativeBuildInputs = [ From 7937f122cc751b945f627a95f5d9c8d2c73c14aa Mon Sep 17 00:00:00 2001 From: 06kellyjac Date: Tue, 6 Sep 2022 17:38:17 +0100 Subject: [PATCH 07/10] govulncheck: init at unstable-2022-09-02 --- pkgs/tools/security/govulncheck/default.nix | 64 +++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 + 2 files changed, 66 insertions(+) create mode 100644 pkgs/tools/security/govulncheck/default.nix diff --git a/pkgs/tools/security/govulncheck/default.nix b/pkgs/tools/security/govulncheck/default.nix new file mode 100644 index 000000000000..9565c11dad5a --- /dev/null +++ b/pkgs/tools/security/govulncheck/default.nix @@ -0,0 +1,64 @@ +{ lib, buildGoModule, fetchFromGitHub }: + +buildGoModule rec { + pname = "govulncheck"; + version = "unstable-2022-09-02"; + + src = fetchFromGitHub { + owner = "golang"; + repo = "vuln"; + rev = "27dd78d2ca392c1738e54efe513a2ecb7bf46000"; + sha256 = "sha256-G35y1V4W1nLZ+QGvIQwER9whBIBDFUVptrHx78orcI0="; + }; + + vendorSha256 = "sha256-9FH9nq5cEyhMxrrvfQAOWZ4aThMsU0HwlI+0W0uVHZ4="; + + subPackages = [ "cmd/govulncheck" ]; + + preCheck = '' + # test all paths + unset subPackages + + # remove test that calls checks.bash + # the header check and misspell gets upset at the vendor dir + rm all_test.go + + # remove tests that generally have "inconsistent vendoring" issues + # - tries to builds govulncheck again + rm cmd/govulncheck/main_command_118_test.go + # - does go builds of example go files + rm vulncheck/binary_test.go + # - just have resolution issues + rm vulncheck/{source,vulncheck}_test.go + ''; + + ldflags = [ "-s" "-w" ]; + + meta = with lib; { + homepage = "https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck"; + description = "The database client and tools for the Go vulnerability database, also known as vuln"; + longDescription = '' + Govulncheck reports known vulnerabilities that affect Go code. It uses + static analysis of source code or a binary's symbol table to narrow down + reports to only those that could affect the application. + + By default, govulncheck makes requests to the Go vulnerability database at + https://vuln.go.dev. Requests to the vulnerability database contain only + module paths, not code or other properties of your program. See + https://vuln.go.dev/privacy.html for more. Set the GOVULNDB environment + variable to specify a different database, which must implement the + specification at https://go.dev/security/vuln/database. + + Govulncheck looks for vulnerabilities in Go programs using a specific + build configuration. For analyzing source code, that configuration is the + operating system, architecture, and Go version specified by GOOS, GOARCH, + and the “go” command found on the PATH. For binaries, the build + configuration is the one used to build the binary. Note that different + build configurations may have different known vulnerabilities. For + example, a dependency with a Windows-specific vulnerability will not be + reported for a Linux build. + ''; + license = with licenses; [ bsd3 ]; + maintainers = with maintainers; [ jk ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 5d2f6ac66b91..a70f2ef7ebd4 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -464,6 +464,8 @@ with pkgs; gojq = callPackage ../development/tools/gojq { }; + govulncheck = callPackage ../tools/security/govulncheck { }; + gpick = callPackage ../tools/misc/gpick { }; hwatch = callPackage ../tools/misc/hwatch { }; From bb6a40ebb6a738f95ba973481c5f239c5efe8eda Mon Sep 17 00:00:00 2001 From: figsoda Date: Tue, 6 Sep 2022 14:30:05 -0400 Subject: [PATCH 08/10] iwgtk: 0.4.0 -> 0.8.0 --- pkgs/tools/networking/iwgtk/default.nix | 29 +++++++++++++++---- .../networking/iwgtk/systemd-service.patch | 12 ++++++++ 2 files changed, 35 insertions(+), 6 deletions(-) create mode 100644 pkgs/tools/networking/iwgtk/systemd-service.patch diff --git a/pkgs/tools/networking/iwgtk/default.nix b/pkgs/tools/networking/iwgtk/default.nix index 5c89facd3fa3..ef220a8c28e2 100644 --- a/pkgs/tools/networking/iwgtk/default.nix +++ b/pkgs/tools/networking/iwgtk/default.nix @@ -1,21 +1,38 @@ -{ fetchFromGitHub, gtk3, lib, pkg-config, stdenv }: +{ lib +, stdenv +, fetchFromGitHub +, meson +, ninja +, pkg-config +, scdoc +, wrapGAppsHook +, gtk4 +, qrencode +}: stdenv.mkDerivation rec { pname = "iwgtk"; - version = "0.4"; + version = "0.8"; src = fetchFromGitHub { owner = "j-lentz"; repo = pname; rev = "v${version}"; - sha256 = "129h7vq9b1r9a5c79hk8d06bj8lgzrnhq55x54hqri9c471jjh0s"; + sha256 = "sha256-89rzDxalZtQkwAKS6hKPVY87kOWPySwDeZrPs2rGs/k="; }; - nativeBuildInputs = [ pkg-config ]; + # patch systemd service to pass necessary environments and use absolute paths + patches = [ ./systemd-service.patch ]; - buildInputs = [ gtk3 ]; + nativeBuildInputs = [ meson ninja pkg-config scdoc wrapGAppsHook ]; - makeFlags = [ "prefix=$(out)" ]; + buildInputs = [ gtk4 qrencode ]; + + postInstall = '' + mv $out/share/lib/systemd $out/share + rmdir $out/share/lib + substituteInPlace $out/share/systemd/user/iwgtk.service --subst-var out + ''; meta = with lib; { description = "Lightweight, graphical wifi management utility for Linux"; diff --git a/pkgs/tools/networking/iwgtk/systemd-service.patch b/pkgs/tools/networking/iwgtk/systemd-service.patch new file mode 100644 index 000000000000..fbe9abe0a217 --- /dev/null +++ b/pkgs/tools/networking/iwgtk/systemd-service.patch @@ -0,0 +1,12 @@ +--- a/misc/iwgtk.service ++++ b/misc/iwgtk.service +@@ -6,7 +6,8 @@ PartOf=graphical-session.target + After=graphical-session.target + + [Service] +-ExecStart=iwgtk -i ++ExecStart=@out@/bin/iwgtk -i ++PassEnvironment=DISPLAY XAUTHORITY + Restart=on-failure + + [Install] From 32d6c5be2de2ac59bb4ef3fb59cd62d35c61125d Mon Sep 17 00:00:00 2001 From: kilianar Date: Wed, 7 Sep 2022 01:17:26 +0200 Subject: [PATCH 09/10] gitea: 1.17.1 -> 1.17.2 https://github.com/go-gitea/gitea/releases/tag/v1.17.2 --- pkgs/applications/version-management/gitea/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/version-management/gitea/default.nix b/pkgs/applications/version-management/gitea/default.nix index 99a6ffb585ad..def74a723a57 100644 --- a/pkgs/applications/version-management/gitea/default.nix +++ b/pkgs/applications/version-management/gitea/default.nix @@ -14,12 +14,12 @@ buildGoPackage rec { pname = "gitea"; - version = "1.17.1"; + version = "1.17.2"; # not fetching directly from the git repo, because that lacks several vendor files for the web UI src = fetchurl { url = "https://github.com/go-gitea/gitea/releases/download/v${version}/gitea-src-${version}.tar.gz"; - sha256 = "sha256-ttfhsIiCl5VcqfK7ap/CA7bqXxrc4cTVIX+M2S4YanY="; + sha256 = "sha256-pDg+HC3dbWf0RxoLvBtIOaFauP1pUYBOG+Q9cinh3lg="; }; patches = [ From 1a78cf9ce3ba1ecf4adb1e67a4fb3275408814d4 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Wed, 7 Sep 2022 00:23:49 +0000 Subject: [PATCH 10/10] sumneko-lua-language-server: 3.5.3 -> 3.5.4 --- .../development/tools/sumneko-lua-language-server/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/sumneko-lua-language-server/default.nix b/pkgs/development/tools/sumneko-lua-language-server/default.nix index 0c307704dba4..448902327d69 100644 --- a/pkgs/development/tools/sumneko-lua-language-server/default.nix +++ b/pkgs/development/tools/sumneko-lua-language-server/default.nix @@ -4,13 +4,13 @@ let in stdenv.mkDerivation rec { pname = "sumneko-lua-language-server"; - version = "3.5.3"; + version = "3.5.4"; src = fetchFromGitHub { owner = "sumneko"; repo = "lua-language-server"; rev = version; - sha256 = "sha256-K/B+THEgM6pzW+VOc8pgtH+3zpWEgocEdTsuO0APoT0="; + sha256 = "sha256-Tj+9UQoVzsiEq0JF7BjT41Mks+8dAV2Op/zceRmWU/k="; fetchSubmodules = true; };