mirror of
https://github.com/NixOS/nixpkgs.git
synced 2024-10-29 21:51:49 +00:00
Merge release-24.05 into staging-next-24.05
This commit is contained in:
commit
1f38d7ccd4
@ -135,7 +135,19 @@ in
|
||||
services.displayManager.sessionPackages = lib.optional (cfg.package != null) cfg.package;
|
||||
|
||||
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1050913
|
||||
xdg.portal.config.sway.default = lib.mkDefault [ "wlr" "gtk" ];
|
||||
# https://github.com/emersion/xdg-desktop-portal-wlr/blob/master/contrib/wlroots-portals.conf
|
||||
# https://github.com/emersion/xdg-desktop-portal-wlr/pull/315
|
||||
xdg.portal.config.sway = {
|
||||
# Use xdg-desktop-portal-gtk for every portal interface...
|
||||
default = "gtk";
|
||||
# ... except for the ScreenCast, Screenshot and Secret
|
||||
"org.freedesktop.impl.portal.ScreenCast" = "wlr";
|
||||
"org.freedesktop.impl.portal.Screenshot" = "wlr";
|
||||
# ignore inhibit bc gtk portal always returns as success,
|
||||
# despite sway/the wlr portal not having an implementation,
|
||||
# stopping firefox from using wayland idle-inhibit
|
||||
"org.freedesktop.impl.portal.Inhibit" = "none";
|
||||
};
|
||||
}
|
||||
|
||||
(import ./wayland-session.nix {
|
||||
|
@ -26,5 +26,8 @@ stdenv.mkDerivation rec {
|
||||
maintainers = [ lib.maintainers.viric ];
|
||||
platforms = lib.platforms.unix;
|
||||
mainProgram = "minidjvu";
|
||||
knownVulnerabilities = [
|
||||
"minidjvu is vulnerable to a number of out-of-bound read vulnerabilities, potentially causing denials of service (CVE-2017-12441, CVE-2017-12442, CVE-2017-12443, CVE-2017-12444, CVE-2017-12445)"
|
||||
];
|
||||
};
|
||||
}
|
||||
|
@ -37,7 +37,6 @@ python3.pkgs.buildPythonApplication rec {
|
||||
flask-compress
|
||||
flask-session
|
||||
flask-themes2
|
||||
js2py
|
||||
pycurl
|
||||
semver
|
||||
setuptools
|
||||
|
@ -42,8 +42,8 @@ let
|
||||
|
||||
# Please keep the version x.y.0.z and do not update to x.y.76.z because the
|
||||
# source of the latter disappears much faster.
|
||||
version = "8.130.0.205";
|
||||
revision = "368";
|
||||
version = "8.131.0.202";
|
||||
revision = "370";
|
||||
|
||||
rpath =
|
||||
lib.makeLibraryPath [
|
||||
@ -103,7 +103,7 @@ let
|
||||
fetchurl {
|
||||
name = "skypeforlinux-${version}-${revision}.snap";
|
||||
url = "https://api.snapcraft.io/api/v1/snaps/download/QRDEfjn4WJYnm0FzDKwqqRZZI77awQEV_${revision}.snap";
|
||||
hash = "sha512-eDSJQndUDxSsRg9bSevWUih1iXDp3n1kU0RdRAu3GsHeRC/JJx3m4vKxP0F/Rcf2Toxd3MPG2r6Oa1Wa7upcGg==";
|
||||
hash = "sha512-POCDkJe58ie78PIze6qADPIbjfFxNhLJt5z7ooHNIna6IrJoeqpFYIrRo9uosHkUURu83MfueeyYd6z0j+P/RQ==";
|
||||
}
|
||||
else
|
||||
throw "Skype for linux is not supported on ${stdenv.hostPlatform.system}";
|
||||
|
@ -5,7 +5,7 @@
|
||||
fetchFromGitHub,
|
||||
alsa-utils,
|
||||
copyDesktopItems,
|
||||
electron_30,
|
||||
electron_32,
|
||||
makeDesktopItem,
|
||||
makeWrapper,
|
||||
nix-update-script,
|
||||
@ -13,20 +13,20 @@
|
||||
}:
|
||||
|
||||
let
|
||||
electronDist = "${electron_30}/${if stdenv.isDarwin then "Applications" else "libexec/electron"}";
|
||||
electronDist = "${electron_32}/${if stdenv.isDarwin then "Applications" else "libexec/electron"}";
|
||||
in
|
||||
buildNpmPackage rec {
|
||||
pname = "teams-for-linux";
|
||||
version = "1.9.5";
|
||||
version = "1.11.2";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "IsmaelMartinez";
|
||||
repo = "teams-for-linux";
|
||||
rev = "refs/tags/v${version}";
|
||||
hash = "sha256-+rEGDg+/qvjCMhGHccb4p+CKOo/65RpkFT/WnCDlCgU=";
|
||||
hash = "sha256-fSZ94Px0NuxUZqc9cHE6czG/VzNsWp+UXllq7kEQvtI=";
|
||||
};
|
||||
|
||||
npmDepsHash = "sha256-vDRFFxkIQo5qU9gmkSwUhPz4FG2XbUNkTw6SCuvMqCc=";
|
||||
npmDepsHash = "sha256-MfPdOqxiMDsvxsS3yWukRokDitqWQpTpK407xVX461o=";
|
||||
|
||||
nativeBuildInputs = [
|
||||
makeWrapper
|
||||
@ -49,7 +49,7 @@ buildNpmPackage rec {
|
||||
-c.npmRebuild=true \
|
||||
-c.asarUnpack="**/*.node" \
|
||||
-c.electronDist=electron-dist \
|
||||
-c.electronVersion=${electron_30.version}
|
||||
-c.electronVersion=${electron_32.version}
|
||||
|
||||
runHook postBuild
|
||||
'';
|
||||
@ -71,7 +71,7 @@ buildNpmPackage rec {
|
||||
popd
|
||||
|
||||
# Linux needs 'aplay' for notification sounds
|
||||
makeWrapper '${lib.getExe electron_30}' "$out/bin/teams-for-linux" \
|
||||
makeWrapper '${lib.getExe electron_32}' "$out/bin/teams-for-linux" \
|
||||
--prefix PATH : ${
|
||||
lib.makeBinPath [
|
||||
alsa-utils
|
||||
|
@ -14,13 +14,13 @@
|
||||
}:
|
||||
stdenv.mkDerivation (finalAttrs: {
|
||||
pname = "vencord";
|
||||
version = "1.10.2";
|
||||
version = "1.10.5";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "Vendicated";
|
||||
repo = "Vencord";
|
||||
rev = "v${finalAttrs.version}";
|
||||
hash = "sha256-rLdUEdAvYy8SDgKWUanZgmMnJ6Dg2dO5tTpGTwlQCrU=";
|
||||
hash = "sha256-pzb2x5tTDT6yUNURbAok5eQWZHaxP/RUo8T0JECKHJ4=";
|
||||
};
|
||||
|
||||
pnpmDeps = pnpm.fetchDeps {
|
||||
@ -98,6 +98,7 @@ stdenv.mkDerivation (finalAttrs: {
|
||||
FlafyDev
|
||||
NotAShelf
|
||||
Scrumplex
|
||||
donteatoreo
|
||||
];
|
||||
};
|
||||
})
|
||||
|
@ -8,7 +8,6 @@
|
||||
django,
|
||||
packaging,
|
||||
nodejs,
|
||||
js2py,
|
||||
six,
|
||||
}:
|
||||
|
||||
@ -26,9 +25,11 @@ buildPythonPackage rec {
|
||||
|
||||
propagatedBuildInputs = [ django ] ++ lib.optionals (pythonAtLeast "3.7") [ packaging ];
|
||||
|
||||
# Js2py is needed for tests but it's unmaintained and insecure
|
||||
doCheck = false;
|
||||
|
||||
nativeCheckInputs = [
|
||||
nodejs
|
||||
js2py
|
||||
six
|
||||
];
|
||||
|
||||
|
@ -30,7 +30,7 @@ buildPythonPackage rec {
|
||||
"lark.grammars"
|
||||
];
|
||||
|
||||
# Js2py is needed for tests but it's marked as insecure
|
||||
# Js2py is needed for tests but it's unmaintained and insecure
|
||||
doCheck = false;
|
||||
|
||||
meta = with lib; {
|
||||
|
@ -3,7 +3,6 @@
|
||||
fetchFromGitHub,
|
||||
buildPythonPackage,
|
||||
pytestCheckHook,
|
||||
js2py,
|
||||
}:
|
||||
|
||||
let
|
||||
@ -21,18 +20,11 @@ let
|
||||
|
||||
nativeCheckInputs = [
|
||||
pytestCheckHook
|
||||
js2py
|
||||
];
|
||||
|
||||
# escape infinite recursion with js2py
|
||||
# js2py is needed for tests but it's unmaintained and insecure
|
||||
doCheck = false;
|
||||
|
||||
passthru.tests = {
|
||||
check = pyjsparser.overridePythonAttrs (_: {
|
||||
doCheck = true;
|
||||
});
|
||||
};
|
||||
|
||||
pythonImportsCheck = [ "pyjsparser" ];
|
||||
|
||||
meta = with lib; {
|
||||
|
@ -49,16 +49,6 @@
|
||||
"sha256": "094z3wfcxqx2rbi072i5frshpy6rdvk39aahwm9nc07vc8sxxn4b",
|
||||
"version": "6.1.112"
|
||||
},
|
||||
"6.10": {
|
||||
"patch": {
|
||||
"extra": "-hardened1",
|
||||
"name": "linux-hardened-v6.10.12-hardened1.patch",
|
||||
"sha256": "07z35f4nqj9vgj2ynq7spgckb770a0w0906m7l28i1x0kch2kr3j",
|
||||
"url": "https://github.com/anthraxx/linux-hardened/releases/download/v6.10.12-hardened1/linux-hardened-v6.10.12-hardened1.patch"
|
||||
},
|
||||
"sha256": "1kvkwgnq5gsdqarrdg32qjrbq1dggxp1x2yy2zpsjsaq5y2mhj2j",
|
||||
"version": "6.10.12"
|
||||
},
|
||||
"6.6": {
|
||||
"patch": {
|
||||
"extra": "-hardened1",
|
||||
|
@ -27,18 +27,6 @@
|
||||
"version": "6.6.58",
|
||||
"hash": "sha256:1nwrd017l5m4w12yrcf31y3g0l9xqm5b0fzcqdgan3ypi3jq3pz7"
|
||||
},
|
||||
"6.8": {
|
||||
"version": "6.8.12",
|
||||
"hash": "sha256:0fb0m0fv4521g63gq04d7lm6hy8169s1rykiav5bkd99s9b1kcqr"
|
||||
},
|
||||
"6.9": {
|
||||
"version": "6.9.12",
|
||||
"hash": "sha256:08ngskni7d9wi93vlwcmbdg7sb2jl1drhhzn62k9nsrg1r7crrss"
|
||||
},
|
||||
"6.10": {
|
||||
"version": "6.10.14",
|
||||
"hash": "sha256:0gj2z9ax1qv59n2mld0pg2svwi28lbq92ql98vy7crynd2ybrram"
|
||||
},
|
||||
"6.11": {
|
||||
"version": "6.11.5",
|
||||
"hash": "sha256:01rafnqal2v96dzkabz0irymq4sc9ja00ggyv1xn7yzjnyrqa527"
|
||||
|
@ -71,7 +71,7 @@
|
||||
netfilter-typo-fix = {
|
||||
name = "netfilter-typo-fix";
|
||||
patch = fetchpatch {
|
||||
url = "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/patch/?id=306ed1728e8438caed30332e1ab46b28c25fe3d8";
|
||||
url = "https://lore.kernel.org/netdev/20241021094536.81487-3-pablo@netfilter.org/raw";
|
||||
hash = "sha256-ZGc1xAIjf+MlV02jhIWZ4jHC742+z/WpN7RenqpU7e4=";
|
||||
};
|
||||
};
|
||||
|
@ -10,14 +10,14 @@
|
||||
}:
|
||||
|
||||
buildGoModule rec {
|
||||
version = "3.1.1";
|
||||
version = "3.1.2";
|
||||
pname = "grafana-loki";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "grafana";
|
||||
repo = "loki";
|
||||
rev = "v${version}";
|
||||
hash = "sha256-QOokLht/nIzQAzXQuJv5M4QTQD0Zhzf9+Q0ILl2Mds0=";
|
||||
hash = "sha256-Dq+Pf2z+hLNA3M6uIMdpW+QmBOP9f1lLOrXVWDUT1ho=";
|
||||
};
|
||||
|
||||
vendorHash = null;
|
||||
|
@ -30,11 +30,11 @@ let
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "tor";
|
||||
version = "0.4.8.11";
|
||||
version = "0.4.8.13";
|
||||
|
||||
src = fetchurl {
|
||||
url = "https://dist.torproject.org/${pname}-${version}.tar.gz";
|
||||
sha256 = "sha256-jyvfkOYzgHgSNap9YE4VlXDyg+zuZ0Zwhz2LtwUsjgc=";
|
||||
sha256 = "sha256-m68mw4eiggs5QtpXIUbm63fCvGaGKvYpfNAqB05vuig=";
|
||||
};
|
||||
|
||||
outputs = [ "out" "geoip" ];
|
||||
|
@ -35369,7 +35369,7 @@ with pkgs;
|
||||
|
||||
webcord = callPackage ../by-name/we/webcord/package.nix { electron = electron_30; };
|
||||
|
||||
webcord-vencord = callPackage ../by-name/we/webcord-vencord/package.nix { electron = electron_30; };
|
||||
webcord-vencord = callPackage ../by-name/we/webcord-vencord/package.nix { electron = electron_31; };
|
||||
|
||||
webex = callPackage ../applications/networking/instant-messengers/webex { };
|
||||
|
||||
|
@ -53,7 +53,7 @@ let
|
||||
broken = kernel.meta.broken;
|
||||
};
|
||||
};
|
||||
kernelPatches = kernel.kernelPatches ++ [
|
||||
kernelPatches = lib.filter ({ name ? null, ... }: name != "netfilter-typo-fix") kernel.kernelPatches ++ [
|
||||
kernelPatches.hardened.${kernel.meta.branch}
|
||||
];
|
||||
isHardened = true;
|
||||
@ -195,14 +195,6 @@ in {
|
||||
];
|
||||
};
|
||||
|
||||
linux_6_10 = callPackage ../os-specific/linux/kernel/mainline.nix {
|
||||
branch = "6.10";
|
||||
kernelPatches = [
|
||||
kernelPatches.bridge_stp_helper
|
||||
kernelPatches.request_key_helper
|
||||
];
|
||||
};
|
||||
|
||||
linux_6_11 = callPackage ../os-specific/linux/kernel/mainline.nix {
|
||||
branch = "6.11";
|
||||
kernelPatches = [
|
||||
@ -290,6 +282,7 @@ in {
|
||||
linux_6_7 = throw "linux 6.7 was removed because it has reached its end of life upstream";
|
||||
linux_6_8 = throw "linux 6.8 was removed because it has reached its end of life upstream";
|
||||
linux_6_9 = throw "linux 6.9 was removed because it has reached its end of life upstream";
|
||||
linux_6_10 = throw "linux 6.10 was removed because it has reached its end of life upstream";
|
||||
|
||||
linux_xanmod_tt = throw "linux_xanmod_tt was removed because upstream no longer offers this option";
|
||||
|
||||
@ -299,6 +292,7 @@ in {
|
||||
linux_6_7_hardened = throw "linux 6.7 was removed because it has reached its end of life upstream";
|
||||
linux_6_8_hardened = throw "linux 6.8 was removed because it has reached its end of life upstream";
|
||||
linux_6_9_hardened = throw "linux 6.9 was removed because it has reached its end of life upstream";
|
||||
linux_6_10_hardened = throw "linux 6.9 was removed because it has reached its end of life upstream";
|
||||
}));
|
||||
/* Linux kernel modules are inherently tied to a specific kernel. So
|
||||
rather than provide specific instances of those packages for a
|
||||
@ -627,7 +621,6 @@ in {
|
||||
linux_5_15 = recurseIntoAttrs (packagesFor kernels.linux_5_15);
|
||||
linux_6_1 = recurseIntoAttrs (packagesFor kernels.linux_6_1);
|
||||
linux_6_6 = recurseIntoAttrs (packagesFor kernels.linux_6_6);
|
||||
linux_6_10 = recurseIntoAttrs (packagesFor kernels.linux_6_10);
|
||||
linux_6_11 = recurseIntoAttrs (packagesFor kernels.linux_6_11);
|
||||
__attrsFailEvaluation = true;
|
||||
} // lib.optionalAttrs config.allowAliases {
|
||||
@ -643,6 +636,7 @@ in {
|
||||
linux_6_7 = throw "linux 6.7 was removed because it reached its end of life upstream"; # Added 2024-04-04
|
||||
linux_6_8 = throw "linux 6.8 was removed because it reached its end of life upstream"; # Added 2024-08-02
|
||||
linux_6_9 = throw "linux 6.9 was removed because it reached its end of life upstream"; # Added 2024-08-02
|
||||
linux_6_10 = throw "linux 6.10 was removed because it reached its end of life upstream"; # Added 2024-10-23
|
||||
};
|
||||
|
||||
rtPackages = {
|
||||
|
Loading…
Reference in New Issue
Block a user