Merge staging-next into staging

doc/contributing/submitting-changes.chapter.md

@@ -246,7 +246,7 @@ The `staging` branch is a development branch where mass-rebuilds go. Mass rebuil
 
 ### Staging-next branch {#submitting-changes-staging-next-branch}
 
-The `staging-next` branch is for stabilizing mass-rebuilds submitted to the `staging` branch prior to merging them into `master`. Mass-rebuilds must go via the `staging` branch. It must only see non-breaking commits that are fixing issues blocking it from being merged into the `master ` branch.
+The `staging-next` branch is for stabilizing mass-rebuilds submitted to the `staging` branch prior to merging them into `master`. Mass-rebuilds must go via the `staging` branch. It must only see non-breaking commits that are fixing issues blocking it from being merged into the `master` branch.
 
 If the branch is already in a broken state, please refrain from adding extra new breakages. Stabilize it for a few days and then merge into master.
 

maintainers/maintainer-list.nix

@@ -4932,6 +4932,12 @@
       fingerprint = "B9D5 0EDF E95E ECD0 C135  00A9 56E9 3C2F B6B0 8BDB";
     }];
   };
+  gpl = {
+    email = "nixos-6c64ce18-bbbc-414f-8dcb-f9b6b47fe2bc@isopleth.org";
+    github = "gpl";
+    githubId = 39648069;
+    name = "isogram";
+  };
   gpyh = {
     email = "yacine.hmito@gmail.com";
     github = "yacinehmito";

pkgs/applications/audio/ft2-clone/default.nix

@@ -13,13 +13,13 @@
 
 stdenv.mkDerivation rec {
   pname = "ft2-clone";
-  version = "1.56";
+  version = "1.57";
 
   src = fetchFromGitHub {
     owner = "8bitbubsy";
     repo = "ft2-clone";
     rev = "v${version}";
-    sha256 = "sha256-kSnsep6abE07Q1EpGEeX8e/2APc60TxR2MhLZxqW9WY=";
+    sha256 = "sha256-47MDroiO8zvYDdHe0350ukczzemRbesEzIXZ2KoXZUI=";
   };
 
   # Adapt the linux-only CMakeLists to darwin (more reliable than make-macos.sh)

pkgs/applications/misc/mupdf/default.nix

@@ -5,6 +5,7 @@
 , copyDesktopItems
 , makeDesktopItem
 , desktopToDarwinBundle
+, buildPackages
 , pkg-config
 , freetype
 , harfbuzz
@@ -49,13 +50,17 @@ stdenv.mkDerivation rec {
 
   postPatch = ''
     sed -i "s/__OPENJPEG__VERSION__/${openJpegVersion}/" source/fitz/load-jpx.c
+    substituteInPlace Makerules --replace "(shell pkg-config" "(shell $PKG_CONFIG"
   '';
 
   # Use shared libraries to decrease size
   buildFlags = [ "shared" ];
 
-  makeFlags = [ "prefix=$(out)" "USE_SYSTEM_LIBS=yes" ]
-    ++ lib.optionals (!enableX11) [ "HAVE_X11=no" ]
+  makeFlags = [
+    "prefix=$(out)"
+    "USE_SYSTEM_LIBS=yes"
+    "PKG_CONFIG=${buildPackages.pkg-config}/bin/${buildPackages.pkg-config.targetPrefix}pkg-config"
+  ] ++ lib.optionals (!enableX11) [ "HAVE_X11=no" ]
     ++ lib.optionals (!enableGL) [ "HAVE_GLUT=no" ];
 
   nativeBuildInputs = [ pkg-config ]

pkgs/applications/networking/mailreaders/claws-mail/default.nix

@@ -1,4 +1,4 @@
-{ stdenv, lib, fetchgit, fetchurl, wrapGAppsHook, autoreconfHook, bison, flex
+{ stdenv, lib, fetchurl, wrapGAppsHook, autoreconfHook, bison, flex
 , curl, gtk3, pkg-config, python3, shared-mime-info
 , glib-networking, gsettings-desktop-schemas
 
@@ -100,10 +100,9 @@ in stdenv.mkDerivation rec {
   pname = "claws-mail";
   version = "4.1.0";
 
-  src = fetchgit {
-    rev = version;
-    url = "git://git.claws-mail.org/claws.git";
-    sha256 = "1pgl7z87qs3ksh1pazq9cml3h0vb7kr9b97gkkrzgsgfg1vbx390";
+  src = fetchurl {
+    url = "https://claws-mail.org/download.php?file=releases/claws-mail-${version}.tar.xz";
+    hash = "sha256-DhqcoNuNKp4FiuMM3H/JGXeSFOw8Vu4Min+IzCOBeo4=";
   };
 
   outputs = [ "out" "dev" ];

pkgs/applications/networking/seaweedfs/default.nix

@@ -7,16 +7,16 @@
 
 buildGoModule rec {
   pname = "seaweedfs";
-  version = "3.24";
+  version = "3.26";
 
   src = fetchFromGitHub {
     owner = "chrislusf";
     repo = "seaweedfs";
     rev = version;
-    sha256 = "sha256-cnaktk2POuSPazvU8ChAJHbIUR0O34NTPEcjDQKHU08=";
+    sha256 = "sha256-ETpcBodT3zFwzc5tczgfw6pD3htb4xFzl0btkyODWk0=";
   };
 
-  vendorSha256 = "sha256-jj1UxohdkmtYjLMoZgkUrIsPmhkOal+KdqKzs8qfRJM=";
+  vendorSha256 = "sha256-sgLHRDdi9gkcSzeBaDCxtbvWSzjTshb2WbmMyRepUKA=";
 
   subPackages = [ "weed" ];
 

pkgs/applications/version-management/git-and-tools/gh/default.nix

@@ -2,16 +2,16 @@
 
 buildGoModule rec {
   pname = "gh";
-  version = "2.14.7";
+  version = "2.15.0";
 
   src = fetchFromGitHub {
     owner = "cli";
     repo = "cli";
     rev = "v${version}";
-    sha256 = "sha256-IOpMq9Oyy51UzaPdkGQJQ15jr1JH6iMlvozurIQy0SY=";
+    sha256 = "sha256-+RHKrCW/5qCHO1KxjGdpbvqZxZe8hd+EWpUAfMr5FFI=";
   };
 
-  vendorSha256 = "sha256-ZgUU9G9BLjGSDvS15fmSpvGD0POKuX9mTF9+XxYciZI=";
+  vendorSha256 = "sha256-Q8XnXa5zTo6YbM5DEau2AsChd8kZrpFNRLhTZzogL9U=";
 
   nativeBuildInputs = [ installShellFiles ];
 

pkgs/applications/virtualization/gvisor/containerd-shim.nix

@@ -1,35 +0,0 @@
-{ lib, fetchFromGitHub, buildGoModule }:
-
-buildGoModule rec {
-  pname = "gvisor-containerd-shim";
-  version = "unstable-2019-10-09";
-
-  src = fetchFromGitHub {
-    owner  = "google";
-    repo   = "gvisor-containerd-shim";
-    rev    = "f299b553afdd8455a0057862004061ea12e660f5";
-    sha256 = "077bhrmjrpcxv1z020yxhx2c4asn66j21gxlpa6hz0av3lfck9lm";
-  };
-
-  vendorSha256 = "11jai5jl024k7wbhz4a3zzdbvl0si07jwgwmyr8bn4i0nqx8ig2k";
-
-  buildPhase = ''
-    make
-  '';
-
-  checkPhase = ''
-    make test
-  '';
-
-  installPhase = ''
-    make install DESTDIR="$out"
-  '';
-
-  meta = with lib; {
-    description = "containerd shim for gVisor";
-    homepage    = "https://github.com/google/gvisor-containerd-shim";
-    license     = licenses.asl20;
-    maintainers = with maintainers; [ andrew-d ];
-    platforms   = [ "x86_64-linux" ];
-  };
-}

pkgs/applications/virtualization/gvisor/default.nix

@@ -1,127 +1,43 @@
 { lib
-, buildBazelPackage
+, buildGoModule
 , fetchFromGitHub
-, callPackage
-, bash
-, cacert
-, git
-, glibcLocales
-, go
 , iproute2
 , iptables
 , makeWrapper
 , procps
-, protobuf
-, python3
 }:
 
-let
-  preBuild = ''
-    patchShebangs .
-
-    substituteInPlace tools/defs.bzl \
-      --replace "#!/bin/bash" "#!${bash}/bin/bash"
-
-    # Tell rules_go to use the Go binary found in the PATH
-    sed -E -i \
-      -e 's|go_version\s*=\s*"[^"]+"|go_version = "host"|g' \
-      WORKSPACE
-
-    # The gazelle Go tooling needs CA certs
-    export SSL_CERT_FILE="${cacert}/etc/ssl/certs/ca-bundle.crt"
-
-    # If we don't reset our GOPATH, the rules_go stdlib builder tries to
-    # install something into it. Ideally that wouldn't happen, but for now we
-    # can also get around it by unsetting GOPATH entirely, since rules_go
-    # doesn't need it.
-    export GOPATH=
-  '';
-
-  # Patch the protoc alias so that it always builds from source.
-  rulesProto = fetchFromGitHub {
-    owner = "bazelbuild";
-    repo = "rules_proto";
-    rev = "f7a30f6f80006b591fa7c437fe5a951eb10bcbcf";
-    sha256 = "10bcw0ir0skk7h33lmqm38n9w4nfs24mwajnngkbs6jb5wsvkqv8";
-    postFetch = ''
-      sed -i 's|name = "protoc"|name = "_protoc_original"|' $out/proto/private/BUILD.release
-      cat <<EOF >>$out/proto/private/BUILD.release
-      alias(name = "protoc", actual = "@com_github_protocolbuffers_protobuf//:protoc", visibility = ["//visibility:public"])
-      EOF
-    '';
-  };
-
-in buildBazelPackage rec {
+buildGoModule rec {
   pname = "gvisor";
-  version = "20210518.0";
+  version = "20220905.0";
 
   src = fetchFromGitHub {
     owner = "google";
-    repo  = "gvisor";
-    rev   = "release-${version}";
-    sha256 = "15a6mlclnyfc9mx3bjksnnf4vla0xh0rv9kxdp34la4gw3c4hksn";
+    repo = "gvisor";
+    rev = "442a3cd44a0858ac2a8e773b6fbba67cf3bd3767";
+    sha256 = "sha256-LKY7AKAHX29eGuXRrkCVCFl/bdHAVOC0QNZfzlpXqwc=";
   };
 
-  nativeBuildInputs = [ git glibcLocales go makeWrapper python3 ];
+  vendorSha256 = "sha256-Fn8A8iwTv0lNI9ZBJkq3SlRelnAGIQY0GInTxaCzSAU=";
 
-  bazelTarget = "//runsc:runsc";
-  bazelFlags = [
-    "--override_repository=rules_proto=${rulesProto}"
-  ];
+  nativeBuildInputs = [ makeWrapper ];
 
-  # gvisor uses the Starlark implementation of rules_cc, not the built-in one,
-  # so we shouldn't delete it from our dependencies.
-  removeRulesCC = false;
+  ldflags = [ "-s" "-w" ];
 
-  fetchAttrs = {
-    inherit preBuild;
+  subPackages = [ "runsc" "shim" ];
 
-    preInstall = ''
-      # Remove the go_sdk (it's just a copy of the go derivation) and all
-      # references to it from the marker files. Bazel does not need to download
-      # this sdk because we have patched the WORKSPACE file to point to the one
-      # currently present in PATH. Without removing the go_sdk from the marker
-      # file, the hash of it will change anytime the Go derivation changes and
-      # that would lead to impurities in the marker files which would result in
-      # a different sha256 for the fetch phase.
-      rm -rf $bazelOut/external/{go_sdk,\@go_sdk.marker}
-
-      # Remove the gazelle tools, they contain go binaries that are built
-      # non-deterministically. As long as the gazelle version matches the tools
-      # should be equivalent.
-      rm -rf $bazelOut/external/{bazel_gazelle_go_repository_tools,\@bazel_gazelle_go_repository_tools.marker}
-
-      # Remove the gazelle repository cache
-      chmod -R +w $bazelOut/external/bazel_gazelle_go_repository_cache
-      rm -rf $bazelOut/external/{bazel_gazelle_go_repository_cache,\@bazel_gazelle_go_repository_cache.marker}
-
-      # Remove log file(s)
-      rm -f "$bazelOut"/java.log "$bazelOut"/java.log.*
-    '';
-
-    sha256 = "13pahppm431m198v5bffrzq5iw8m79riplbfqp0afh384ln669hb";
-  };
-
-  buildAttrs = {
-    inherit preBuild;
-
-    installPhase = ''
-      install -Dm755 bazel-out/*/bin/runsc/runsc_/runsc $out/bin/runsc
-
-      # Needed for the 'runsc do' subcomand
-      wrapProgram $out/bin/runsc \
-        --prefix PATH : ${lib.makeBinPath [ iproute2 iptables procps ]}
-    '';
-  };
+  postInstall = ''
+    # Needed for the 'runsc do' subcomand
+    wrapProgram $out/bin/runsc \
+      --prefix PATH : ${lib.makeBinPath [ iproute2 iptables procps ]}
+    mv $out/bin/shim $out/bin/containerd-shim-runsc-v1
+  '';
 
   meta = with lib; {
-    description = "Container Runtime Sandbox";
+    description = "Application Kernel for Containers";
     homepage = "https://github.com/google/gvisor";
     license = licenses.asl20;
-    maintainers = with maintainers; [ andrew-d ];
+    maintainers = with maintainers; [ andrew-d gpl ];
     platforms = [ "x86_64-linux" ];
-    # The version we have right now does not compile with go 1.17
-    # See https://github.com/NixOS/nixpkgs/pull/174003 if you want to upgrade gvisor
-    broken = true;
   };
 }

pkgs/development/compilers/go/1.19.nix

@@ -45,11 +45,11 @@ let
 in
 stdenv.mkDerivation rec {
   pname = "go";
-  version = "1.19";
+  version = "1.19.1";
 
   src = fetchurl {
     url = "https://go.dev/dl/go${version}.src.tar.gz";
-    sha256 = "sha256-lBnMcNxaJSPymncFPK//ZY7SHvNWHZtrAgKA686rKLk=";
+    sha256 = "sha256-J4cbqkkPNAFBSteT+6SQhvbIVbHFhDhe13ceEgTH4Xk=";
   };
 
   strictDeps = true;

pkgs/development/libraries/folly/default.nix

@@ -22,13 +22,13 @@
 
 stdenv.mkDerivation rec {
   pname = "folly";
-  version = "2022.08.29.00";
+  version = "2022.09.05.00";
 
   src = fetchFromGitHub {
     owner = "facebook";
     repo = "folly";
     rev = "v${version}";
-    sha256 = "sha256-OALOfjr9qEqr8dbL9G8USKImU+hDP8iDfJijzT6KPLM=";
+    sha256 = "sha256-V+CmsHPq+nIJrn7jPnwRls3ICW6JSqwOeDUQMvSyyrQ=";
   };
 
   nativeBuildInputs = [

pkgs/development/node-packages/node-packages.json

@@ -7,6 +7,7 @@
 , "@bitwarden/cli"
 , "@commitlint/cli"
 , "@commitlint/config-conventional"
+, "@emacs-eask/cli"
 , "@forge/cli"
 , "@google/clasp"
 , "@medable/mdctl-cli"

pkgs/development/node-packages/overrides.nix

@@ -125,6 +125,10 @@ final: prev: {
     meta = oldAttrs.meta // { broken = true; }; # use the top-level package instead
   });
 
+  eask = prev."@emacs-eask/cli".override {
+    name = "eask";
+  };
+
   # NOTE: this is a stub package to fetch npm dependencies for
   # ../../applications/video/epgstation
   epgstation = prev."epgstation-../../applications/video/epgstation".override (oldAttrs: {

pkgs/development/python-modules/bitcoin-utils-fork-minimal/default.nix

@@ -26,7 +26,7 @@ buildPythonPackage rec {
     substituteInPlace setup.py \
       --replace "sympy==1.3" "sympy>=1.3" \
       --replace "base58==2.1.0" "base58>=2.1.0" \
-      --replace "ecdsa==0.13.3" "ecdsa>=0.13.3"
+      --replace "ecdsa==0.17.0" "ecdsa>=0.17.0"
   '';
 
   # Project doesn't ship tests

pkgs/development/python-modules/numpyro/default.nix

@@ -12,14 +12,14 @@
 
 buildPythonPackage rec {
   pname = "numpyro";
-  version = "0.10.0";
+  version = "0.10.1";
   format = "setuptools";
 
   disabled = pythonOlder "3.7";
 
   src = fetchPypi {
     inherit version pname;
-    hash = "sha256-UCgFGHNLQunZgXGgmLWiH9GPEpRMIoSCqJryGIDHTdo=";
+    hash = "sha256-36iW8ByN9D3dQWY68rPi/Erqc0ieZpR06DMpsYOykVA=";
   };
 
   propagatedBuildInputs = [

pkgs/development/python-modules/peaqevcore/default.nix

@@ -6,14 +6,14 @@
 
 buildPythonPackage rec {
   pname = "peaqevcore";
-  version = "5.18.1";
+  version = "5.18.3";
   format = "setuptools";
 
   disabled = pythonOlder "3.7";
 
   src = fetchPypi {
     inherit pname version;
-    hash = "sha256-LKb1sTekBbOKdsdxZbiAMAmOTjS21nvq7UWzVxEqJh0=";
+    hash = "sha256-PCWxhJd2ZK7qt0Co5jKZSP4eOBIO+iVvQHFDbTViDAs=";
   };
 
   postPatch = ''

pkgs/development/python-modules/r2pipe/default.nix

@@ -9,7 +9,7 @@
 
 buildPythonPackage rec {
   pname = "r2pipe";
-  version = "1.7.2";
+  version = "1.7.3";
 
   postPatch = let
     r2lib = "${lib.getOutput "lib" radare2}/lib";
@@ -27,7 +27,7 @@ buildPythonPackage rec {
 
   src = fetchPypi {
     inherit pname version;
-    sha256 = "sha256-XoYIZWlIN54O/8LHre8Ut+2neLER/g7bYBD9+xNCkAU=";
+    sha256 = "sha256-zhKV0+467xFpzmSDswIWPEGpks0X/F+ecBWPWpvakik=";
   };
 
   # Tiny sanity check to make sure r2pipe finds radare2 (since r2pipe doesn't

pkgs/development/tools/bazelisk/default.nix

@@ -2,16 +2,16 @@
 
 buildGoModule rec {
   pname = "bazelisk";
-  version = "1.12.2";
+  version = "1.13.1";
 
   src = fetchFromGitHub {
     owner = "bazelbuild";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-VgAhZZ5ZIkdAYIs/UqOkogROMIR2UToE4+xPXGR1erE=";
+    sha256 = "sha256-4Xtopf+4WtD29eCyjbQfQjxVYZIDZ4JvB8UOXDn9rwg=";
   };
 
-  vendorSha256 = "sha256-JPNcHEd56ypI4OgGmBnIasE7xxW+8pHMXk7t8w1M40A=";
+  vendorSha256 = "sha256-JJdFecRjPVmpYjDmz+ZBDmyT3Vj41An3BXvI2JzisIg=";
 
   doCheck = false;
 

pkgs/development/tools/checkmate/default.nix

@@ -5,16 +5,16 @@
 
 buildGoModule rec {
   pname = "checkmate";
-  version = "0.8.0";
+  version = "0.8.2";
 
   src = fetchFromGitHub {
     owner = "adedayo";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-tK9jPImB3rklMVQGI84bFaWsEdmVZKnWXxfzLZL9jQU=";
+    sha256 = "sha256-v9xVJFX3YJQU9z9L7dhy0S1FvpWoDad36Lq3w4VW0xA=";
   };
 
-  vendorSha256 = "sha256-w90f5b70qc9mgfMkhhloLJ7UWXboOLcZD6kUBluGGfk=";
+  vendorSha256 = "sha256-8/EGoY3+th34gAACDoEHgwhUFmyyKecnQP/WTe56iCQ=";
 
   subPackages = [ "." ];
 

pkgs/development/tools/esbuild/default.nix

@@ -2,13 +2,13 @@
 
 buildGoModule rec {
   pname = "esbuild";
-  version = "0.15.6";
+  version = "0.15.7";
 
   src = fetchFromGitHub {
     owner = "evanw";
     repo = "esbuild";
     rev = "v${version}";
-    sha256 = "sha256-xEM5xGgwT2bys4OFDyrZsREkKl92lSl3m+QDQS4rfBQ=";
+    sha256 = "sha256-iud6nSZYclIPfM1n7xG2XCo90FjaHK/nd40jEcSnuIc=";
   };
 
   vendorSha256 = "sha256-+BfxCyg0KkDQpHt/wycy/8CTG6YBA/VJvJFhhzUnSiQ=";

pkgs/development/tools/misc/clojure-lsp/default.nix

@@ -2,18 +2,18 @@
 
 buildGraalvmNativeImage rec {
   pname = "clojure-lsp";
-  version = "2022.07.24-18.25.43";
+  version = "2022.09.01-15.27.31";
 
   src = fetchFromGitHub {
     owner = pname;
     repo = pname;
     rev = version;
-    sha256 = "sha256-3GBuVHLcoPLj1RNzhp9qcfU3pKBOK4fXQfrCifBi2xw=";
+    sha256 = "sha256-+LdHdEPwfU712KHk7NLJeOgaTdfFADqglT1TEXrFWt8=";
   };
 
   jar = fetchurl {
     url = "https://github.com/clojure-lsp/clojure-lsp/releases/download/${version}/clojure-lsp-standalone.jar";
-    sha256 = "7c0093ee0db015b5287c6878cfb348293d357a046d21794b86fd92c59c4d771c";
+    sha256 = "0yi0ni172by7kp9sfw29rsdva5xpgmc0sha2s4rff72lq9js3xp0";
   };
 
   extraNativeImageBuildArgs = [

pkgs/os-specific/darwin/moltenvk/default.nix

@@ -23,7 +23,7 @@
 
 stdenv.mkDerivation (finalAttrs: {
   pname = "MoltenVK";
-  version = "1.1.10";
+  version = "1.1.11";
 
   buildInputs = [ AppKit Foundation Metal QuartzCore cereal ]
     ++ lib.attrValues finalAttrs.passthru;
@@ -39,8 +39,8 @@ stdenv.mkDerivation (finalAttrs: {
       src = fetchFromGitHub {
         owner = "KhronosGroup";
         repo = "glslang";
-        rev = "adbf0d3106b26daa237b10b9bf72b1af7c31092d";
-        hash = "sha256-sjidkiPtRADhyOEKDb2cHCBXnFjLwk2F5Lppv5/fwNQ=";
+        rev = "73c9630da979017b2f7e19c6549e2bdb93d9b238";
+        hash = "sha256-+NKp/4e3iruAcTunpxksvCHxoVYmPd0kFI8JDJJUVg4=";
       };
     })).override { inherit (finalAttrs.passthru) spirv-headers spirv-tools; };
     spirv-cross = spirv-cross.overrideAttrs (old: {
@@ -49,32 +49,32 @@ stdenv.mkDerivation (finalAttrs: {
       src = fetchFromGitHub {
         owner = "KhronosGroup";
         repo = "SPIRV-Cross";
-        rev = "50b4d5389b6a06f86fb63a2848e1a7da6d9755ca";
-        hash = "sha256-SsupPHJ3VHxJhEAUl3EeQwN4texYhdDjxTnGD+bkNAw=";
+        rev = "61c603f3baa5270e04bcfb6acf83c654e3c57679";
+        hash = "sha256-gV5ba8SlPmkUptZkQfrrEDoFXrFTfs3eVOf807cO/f8=";
       };
     });
     spirv-headers = spirv-headers.overrideAttrs (_: {
       src = fetchFromGitHub {
         owner = "KhronosGroup";
         repo = "spirv-headers";
-        rev = "5a121866927a16ab9d49bed4788b532c7fcea766";
-        hash = "sha256-X4GuFesX015mrzutguhZLrIGlllCgAZ+DUBGSADt8xU=";
+        rev = "b2a156e1c0434bc8c99aaebba1c7be98be7ac580";
+        hash = "sha256-qYhFoRrQOlvYvVXhIFsa3dZuORDpZyVC5peeYmGNimw=";
       };
     });
     spirv-tools = (spirv-tools.overrideAttrs (old: {
       src = fetchFromGitHub {
         owner = "KhronosGroup";
         repo = "spirv-tools";
-        rev = "b930e734ea198b7aabbbf04ee1562cf6f57962f0";
-        hash = "sha256-NWpFSRoxtYWi+hLUt9gpw0YScM3shcUwv9yUmbivRb0=";
+        rev = "5e61ea2098220059e89523f1f47b0bcd8c33b89a";
+        hash = "sha256-jpVvjrNrTAKUY4sjUT/gCUElLtW4BrznH1DbStojGB8=";
       };
     })).override { inherit (finalAttrs.passthru) spirv-headers; };
     vulkan-headers = vulkan-headers.overrideAttrs (old: {
       src = fetchFromGitHub {
         owner = "KhronosGroup";
         repo = "Vulkan-Headers";
-        rev = "3ef4c97fd6ea001d75a8e9da408ee473c180e456";
-        hash = "sha256-jHzW3m9smuzEGbZrSyBI74K9rFozxiG3M5Xql/WOw7U=";
+        rev = "c896e2f920273bfee852da9cca2a356bc1c2031e";
+        hash = "sha256-zUT5+Ttmkrj51a9FS1tQxoYMS0Y0xV8uaCEJNur4khc=";
       };
     });
   };
@@ -83,7 +83,7 @@ stdenv.mkDerivation (finalAttrs: {
     owner = "KhronosGroup";
     repo = "MoltenVK";
     rev = "v${finalAttrs.version}";
-    hash = "sha256-LZvCCP2yelTaWcNt+WvG+RZnVLHRgMDTlNWwRIey7ZM=";
+    hash = "sha256-+/vlZvEuake0E2jFZOcctEVGMCcXelGPQJXt1EI06us=";
   };
 
   patches = [

pkgs/os-specific/linux/klibc/default.nix

@@ -25,7 +25,7 @@ stdenv.mkDerivation rec {
   hardeningDisable = [ "format" "stackprotector" ];
 
   makeFlags = commonMakeFlags ++ [
-    "KLIBCARCH=${stdenv.hostPlatform.linuxArch}"
+    "KLIBCARCH=${if stdenv.hostPlatform.isRiscV64 then "riscv64" else stdenv.hostPlatform.linuxArch}"
     "KLIBCKERNELSRC=${linuxHeaders}"
   ] # TODO(@Ericson2314): We now can get the ABI from
     # `stdenv.hostPlatform.parsed.abi`, is this still a good idea?

pkgs/servers/krill/default.nix

@@ -9,16 +9,16 @@
 
 rustPlatform.buildRustPackage rec {
   pname = "krill";
-  version = "0.9.6";
+  version = "0.10.0";
 
   src = fetchFromGitHub {
     owner = "NLnetLabs";
     repo = pname;
     rev = "v${version}";
-    hash = "sha256-gMGDZI8uk5E7C2+zGPzn1wz39NUJ4tVExwwvc4Y2wDM=";
+    hash = "sha256-gObwFPpBYhg9Hp+0/gRugZXktw5ob4T6w0uwbHQO7hU=";
   };
 
-  cargoSha256 = "sha256-vtEobZvOsI18cqExR++DUNEI7J+h9ek1Lc+Q4Db8OrQ=";
+  cargoSha256 = "sha256-xWjx4ngCrsKMQ8PYW2ibXBZZYWLKIXVIAl9p3mKlpwo=";
 
   buildInputs = [ openssl ] ++ lib.optional stdenv.isDarwin Security;
   nativeBuildInputs = [ pkg-config ];

pkgs/servers/sql/postgresql/ext/plpgsql_check.nix

@@ -2,13 +2,13 @@
 
 stdenv.mkDerivation rec {
   pname = "plpgsql_check";
-  version = "2.1.8";
+  version = "2.1.9";
 
   src = fetchFromGitHub {
     owner = "okbob";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-YFU1gMHtcsdMbUufVi2fkjiD5Mk1q4b+W4c3/fj4rZE=";
+    sha256 = "sha256-O24iXHNIjtkGs1GfZbEBlIc1bGTbKICdhz8Q/gqS33s=";
   };
 
   buildInputs = [ postgresql ];

pkgs/tools/admin/qovery-cli/default.nix

@@ -1,6 +1,9 @@
-{ lib
-, buildGoModule
+{ buildGoModule
 , fetchFromGitHub
+, installShellFiles
+, lib
+, qovery-cli
+, testers
 }:
 
 buildGoModule rec {
@@ -16,6 +19,20 @@ buildGoModule rec {
 
   vendorSha256 = "sha256-4TY7/prMbvw5zVPJRoMLg7Omrxvh1HPGsdz1wqPn4uU=";
 
+  nativeBuildInputs = [ installShellFiles ];
+
+  postInstall = ''
+    installShellCompletion --cmd ${pname} \
+      --bash <($out/bin/${pname} completion bash) \
+      --fish <($out/bin/${pname} completion fish) \
+      --zsh <($out/bin/${pname} completion zsh)
+  '';
+
+  passthru.tests.version = testers.testVersion {
+    package = qovery-cli;
+    command = "HOME=$(mktemp -d); ${pname} version";
+  };
+
   meta = with lib; {
     description = "Qovery Command Line Interface";
     homepage = "https://github.com/Qovery/qovery-cli";

pkgs/tools/misc/bat/default.nix

@@ -12,15 +12,15 @@
 
 rustPlatform.buildRustPackage rec {
   pname = "bat";
-  version = "0.21.0";
+  version = "0.22.0";
 
   src = fetchFromGitHub {
     owner = "sharkdp";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-eCk0oOHGZNqgqz+JJfIhjWdLgBTpBig+mggi1c3EUDk=";
+    sha256 = "sha256-aTW1PheKWjeBtMePMDYeXOqZEaq9k6dMrrPKoT1C70E=";
   };
-  cargoSha256 = "sha256-kYZxtiK9hnHBOMvRoHZK5kyXO9cg/gHBYuaITqKUpbE=";
+  cargoSha256 = "sha256-tzhtgF/NCvSMqKRFCgkE5iIEM4OmJtmpuqHP5qhTIMI=";
 
   nativeBuildInputs = [ pkg-config installShellFiles makeWrapper ];
 

pkgs/tools/security/cariddi/default.nix

@@ -5,16 +5,16 @@
 
 buildGoModule rec {
   pname = "cariddi";
-  version = "1.1.7";
+  version = "1.1.8";
 
   src = fetchFromGitHub {
     owner = "edoardottt";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-OiGVdRgTaoMinwYh5vTPgOUAffX6RlawAaVtBvpWN8I=";
+    sha256 = "sha256-e6mB1Z/PqxD3TbcfoPpWUrgDebcD+nadiTtx3reGqvk=";
   };
 
-  vendorSha256 = "sha256-zJ39tAq+ooROMHG1vC2m2rbq+wttxqYxAd2hLg5GtJM=";
+  vendorSha256 = "sha256-mXzI3NF1afMvQ4STPpbehoarfOT35P01IotXPVYNnio=";
 
   meta = with lib; {
     description = "Crawler for URLs and endpoints";

pkgs/tools/security/grype/default.nix

@@ -7,13 +7,13 @@
 
 buildGoModule rec {
   pname = "grype";
-  version = "0.42.0";
+  version = "0.49.0";
 
   src = fetchFromGitHub {
     owner = "anchore";
     repo = pname;
     rev = "v${version}";
-    hash = "sha256-MShlKtrorqXRInQ01dEzVeLDRDua9PISkficF02PrBI=";
+    sha256 = "sha256-MShlKtrorqXRInQ01dEzVeLDRDua9PISkficF02PrBI=";
     # populate values that require us to use git. By doing this in postFetch we
     # can delete .git afterwards and maintain better reproducibility of the src.
     leaveDotGit = true;

pkgs/tools/security/uncover/default.nix

@@ -5,13 +5,13 @@
 
 buildGoModule rec {
   pname = "uncover";
-  version = "0.0.7";
+  version = "0.0.8";
 
   src = fetchFromGitHub {
     owner = "projectdiscovery";
     repo = pname;
     rev = "v${version}";
-    hash = "sha256-xQHcJgbWYOvAsoZNzBB7uEs9qIsKGitmurruE+dwjt8=";
+    hash = "sha256-euf6ufKVaDEJdaUCzjog32Gpoi7CPa3X22p60UgnOOQ=";
   };
 
   vendorSha256 = "sha256-FePZWseFEbBhBIsojw67SCZufSJygekZjlk0d7aceak=";

pkgs/top-level/all-packages.nix

@@ -28223,8 +28223,6 @@ with pkgs;
 
   gvisor = callPackage ../applications/virtualization/gvisor { };
 
-  gvisor-containerd-shim = callPackage ../applications/virtualization/gvisor/containerd-shim.nix { };
-
   guvcview = libsForQt5.callPackage ../os-specific/linux/guvcview { };
 
   gwc = callPackage ../applications/audio/gwc { };