diff --git a/lib/licenses.nix b/lib/licenses.nix index bde2aaca2ee5..d305001a5c19 100644 --- a/lib/licenses.nix +++ b/lib/licenses.nix @@ -153,6 +153,11 @@ in mkLicense lset) ({ free = false; }; + capec = { + fullName = "Common Attack Pattern Enumeration and Classification"; + url = "https://capec.mitre.org/about/termsofuse.html"; + }; + clArtistic = { spdxId = "ClArtistic"; fullName = "Clarified Artistic License"; diff --git a/nixos/modules/virtualisation/libvirtd.nix b/nixos/modules/virtualisation/libvirtd.nix index 55ec76b4c954..a8aa131f706a 100644 --- a/nixos/modules/virtualisation/libvirtd.nix +++ b/nixos/modules/virtualisation/libvirtd.nix @@ -109,6 +109,16 @@ in { ''; }; + qemuOvmfPackage = mkOption { + type = types.package; + default = pkgs.OVMF; + defaultText = literalExpression "pkgs.OVMF"; + example = literalExpression "pkgs.OVMFFull"; + description = '' + OVMF package to use. + ''; + }; + extraOptions = mkOption { type = types.listOf types.str; default = [ ]; @@ -161,6 +171,10 @@ in { assertion = config.security.polkit.enable; message = "The libvirtd module currently requires Polkit to be enabled ('security.polkit.enable = true')."; } + { + assertion = builtins.elem "fd" cfg.qemuOvmfPackage.outputs; + message = "The option 'virtualisation.libvirtd.qemuOvmfPackage' needs a package that has an 'fd' output."; + } ]; environment = { @@ -218,8 +232,8 @@ in { done ${optionalString cfg.qemuOvmf '' - ln -s --force ${pkgs.OVMF.fd}/FV/${ovmfFilePrefix}_CODE.fd /run/${dirName}/nix-ovmf/ - ln -s --force ${pkgs.OVMF.fd}/FV/${ovmfFilePrefix}_VARS.fd /run/${dirName}/nix-ovmf/ + ln -s --force ${cfg.qemuOvmfPackage.fd}/FV/${ovmfFilePrefix}_CODE.fd /run/${dirName}/nix-ovmf/ + ln -s --force ${cfg.qemuOvmfPackage.fd}/FV/${ovmfFilePrefix}_VARS.fd /run/${dirName}/nix-ovmf/ ''} ''; diff --git a/pkgs/applications/editors/jetbrains/default.nix b/pkgs/applications/editors/jetbrains/default.nix index db2d36e338f7..05ee956e4679 100644 --- a/pkgs/applications/editors/jetbrains/default.nix +++ b/pkgs/applications/editors/jetbrains/default.nix @@ -242,12 +242,12 @@ in clion = buildClion rec { name = "clion-${version}"; - version = "2021.2.1"; /* updated by script */ + version = "2021.2.3"; /* updated by script */ description = "C/C++ IDE. New. Intelligent. Cross-platform"; license = lib.licenses.unfree; src = fetchurl { url = "https://download.jetbrains.com/cpp/CLion-${version}.tar.gz"; - sha256 = "0knl0ca15cj0nggyfhd7s0szxr2vp7xvvp3nna3mplssfn59zf9d"; /* updated by script */ + sha256 = "09qbzkxyk435s4n04s12ncjyri024wj9pwz8wgjjsswpfa69dhr5"; /* updated by script */ }; wmClass = "jetbrains-clion"; update-channel = "CLion RELEASE"; # channel's id as in http://www.jetbrains.com/updates/updates.xml @@ -255,12 +255,12 @@ in datagrip = buildDataGrip rec { name = "datagrip-${version}"; - version = "2021.2.2"; /* updated by script */ + version = "2021.2.4"; /* updated by script */ description = "Your Swiss Army Knife for Databases and SQL"; license = lib.licenses.unfree; src = fetchurl { url = "https://download.jetbrains.com/datagrip/${name}.tar.gz"; - sha256 = "18dammsvd43x8cx0plzwgankmzfv7j79z0nsdagd540v99c2r2v3"; /* updated by script */ + sha256 = "1vj9ihzw07bh30ngy8mj027ljq9zzd904k61f8jbfpw75vknh8f6"; /* updated by script */ }; wmClass = "jetbrains-datagrip"; update-channel = "DataGrip RELEASE"; @@ -268,12 +268,12 @@ in goland = buildGoland rec { name = "goland-${version}"; - version = "2021.2.2"; /* updated by script */ + version = "2021.2.3"; /* updated by script */ description = "Up and Coming Go IDE"; license = lib.licenses.unfree; src = fetchurl { url = "https://download.jetbrains.com/go/${name}.tar.gz"; - sha256 = "0ayqvyd24klafm09kls4fdp2acqsvh0zhm4wsrmrshlpmdqd5vjk"; /* updated by script */ + sha256 = "1n0yrk05xv4pard82b6z349ksiw8k75s9525pnpa2ny1ay1klhdg"; /* updated by script */ }; wmClass = "jetbrains-goland"; update-channel = "GoLand RELEASE"; @@ -281,12 +281,12 @@ in idea-community = buildIdea rec { name = "idea-community-${version}"; - version = "2021.2.1"; /* updated by script */ + version = "2021.2.3"; /* updated by script */ description = "Integrated Development Environment (IDE) by Jetbrains, community edition"; license = lib.licenses.asl20; src = fetchurl { url = "https://download.jetbrains.com/idea/ideaIC-${version}.tar.gz"; - sha256 = "1af43c51ryvqc7c9r3kz2266j0nvz50xw1vhfjbd74c3ycj8a1zz"; /* updated by script */ + sha256 = "166rhssyizn40rlar7ym7gkwz2aawp58qqvrs60w3cwwvjvb0bjq"; /* updated by script */ }; wmClass = "jetbrains-idea-ce"; update-channel = "IntelliJ IDEA RELEASE"; @@ -294,12 +294,12 @@ in idea-ultimate = buildIdea rec { name = "idea-ultimate-${version}"; - version = "2021.2.1"; /* updated by script */ + version = "2021.2.3"; /* updated by script */ description = "Integrated Development Environment (IDE) by Jetbrains, requires paid license"; license = lib.licenses.unfree; src = fetchurl { url = "https://download.jetbrains.com/idea/ideaIU-${version}-no-jbr.tar.gz"; - sha256 = "1257a9d9h3ybdsnm74jmgzp1rfi1629gv9kr0w2nhmxj7ghhbx4w"; /* updated by script */ + sha256 = "1d0kk2yydrbzvdy6dy9jqr182panidmbf2hy80gvi5ph2r5rv1qd"; /* updated by script */ }; wmClass = "jetbrains-idea"; update-channel = "IntelliJ IDEA RELEASE"; @@ -307,13 +307,13 @@ in mps = buildMps rec { name = "mps-${version}"; - version = "2021.1.3"; /* updated by script */ - versionMajorMinor = "2021.1"; /* updated by script */ + version = "2021.2.1"; /* updated by script */ + versionMajorMinor = "2021.2"; /* updated by script */ description = "Create your own domain-specific language"; license = lib.licenses.asl20; src = fetchurl { url = "https://download.jetbrains.com/mps/${versionMajorMinor}/MPS-${version}.tar.gz"; - sha256 = "0w1nchaa2d3z3mdp43mvifnbibl1ribyc98dm7grnwvrqk72pabf"; /* updated by script */ + sha256 = "1yawjc5xwga1mmlsl3068ml532941mq08i9ji3dhj1nwdkyav2jz"; /* updated by script */ }; wmClass = "jetbrains-mps"; update-channel = "MPS RELEASE"; @@ -321,12 +321,12 @@ in phpstorm = buildPhpStorm rec { name = "phpstorm-${version}"; - version = "2021.2.1"; /* updated by script */ + version = "2021.2.3"; /* updated by script */ description = "Professional IDE for Web and PHP developers"; license = lib.licenses.unfree; src = fetchurl { url = "https://download.jetbrains.com/webide/PhpStorm-${version}.tar.gz"; - sha256 = "1iqnq38d71wbl1iqhqr5as1802s53m3220vq4g42mdjgdj296bdk"; /* updated by script */ + sha256 = "1avcm4fnkn0jkw85s505yz5kjbxzk038463sjdsca04pv5yhsdp0"; /* updated by script */ }; wmClass = "jetbrains-phpstorm"; update-channel = "PhpStorm RELEASE"; @@ -334,12 +334,12 @@ in pycharm-community = buildPycharm rec { name = "pycharm-community-${version}"; - version = "2021.2.1"; /* updated by script */ + version = "2021.2.2"; /* updated by script */ description = "PyCharm Community Edition"; license = lib.licenses.asl20; src = fetchurl { url = "https://download.jetbrains.com/python/${name}.tar.gz"; - sha256 = "1z59yvk3wrqn0c9581vvv62wxf4fyybha426ipyqml8c405z27y4"; /* updated by script */ + sha256 = "0s9kk3n5ac6lvqi2yw9gvvm45865jchiwyrs8pq2dgdkgaligrjv"; /* updated by script */ }; wmClass = "jetbrains-pycharm-ce"; update-channel = "PyCharm RELEASE"; @@ -347,12 +347,12 @@ in pycharm-professional = buildPycharm rec { name = "pycharm-professional-${version}"; - version = "2021.2.1"; /* updated by script */ + version = "2021.2.2"; /* updated by script */ description = "PyCharm Professional Edition"; license = lib.licenses.unfree; src = fetchurl { url = "https://download.jetbrains.com/python/${name}.tar.gz"; - sha256 = "0sh9kdr53dhhq171p9lmsvci3qzlds4vzyqx12mzfvfs7svri1w2"; /* updated by script */ + sha256 = "0mgmmf926n3ipr8fxn6f9hsa5vkil8yrw5qlixi8nwnx7chmkp56"; /* updated by script */ }; wmClass = "jetbrains-pycharm"; update-channel = "PyCharm RELEASE"; @@ -360,12 +360,12 @@ in rider = buildRider rec { name = "rider-${version}"; - version = "2021.2.1"; /* updated by script */ + version = "2021.2.2"; /* updated by script */ description = "A cross-platform .NET IDE based on the IntelliJ platform and ReSharper"; license = lib.licenses.unfree; src = fetchurl { url = "https://download.jetbrains.com/rider/JetBrains.Rider-${version}.tar.gz"; - sha256 = "1b5ih6q8kyds8px7gldfz1m9ap3kk27yswwxy1735c83094l2nlm"; /* updated by script */ + sha256 = "17xx8mz3dr5iqlr0lsiy8a6cxz3wp5vg8z955cdv0hf8b5rncqfa"; /* updated by script */ }; wmClass = "jetbrains-rider"; update-channel = "Rider RELEASE"; @@ -373,12 +373,12 @@ in ruby-mine = buildRubyMine rec { name = "ruby-mine-${version}"; - version = "2021.2.1"; /* updated by script */ + version = "2021.2.3"; /* updated by script */ description = "The Most Intelligent Ruby and Rails IDE"; license = lib.licenses.unfree; src = fetchurl { url = "https://download.jetbrains.com/ruby/RubyMine-${version}.tar.gz"; - sha256 = "09blnm6han2rmdvjbr1va081zndzvjr1i0m3njaiwcb9rf2axm32"; /* updated by script */ + sha256 = "0bbq5ya1dxrgaqqqsc4in4rgv7v292hww3bb0vpzwz6dmc2jly1i"; /* updated by script */ }; wmClass = "jetbrains-rubymine"; update-channel = "RubyMine RELEASE"; @@ -386,12 +386,12 @@ in webstorm = buildWebStorm rec { name = "webstorm-${version}"; - version = "2021.2.1"; /* updated by script */ + version = "2021.2.2"; /* updated by script */ description = "Professional IDE for Web and JavaScript development"; license = lib.licenses.unfree; src = fetchurl { url = "https://download.jetbrains.com/webstorm/WebStorm-${version}.tar.gz"; - sha256 = "12i9f5sw02gcgviflfs6gwmnxvzhgmm4v4447am0syl4nq8nyv1s"; /* updated by script */ + sha256 = "1a3vlqza9nbc4a2qxrzdckmq003zx1db9dy7wx462amc8sbh6v92"; /* updated by script */ }; wmClass = "jetbrains-webstorm"; update-channel = "WebStorm RELEASE"; diff --git a/pkgs/applications/networking/cluster/terragrunt/default.nix b/pkgs/applications/networking/cluster/terragrunt/default.nix index 1c52f56437cc..e07b9b88ddc4 100644 --- a/pkgs/applications/networking/cluster/terragrunt/default.nix +++ b/pkgs/applications/networking/cluster/terragrunt/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "terragrunt"; - version = "0.33.0"; + version = "0.35.1"; src = fetchFromGitHub { owner = "gruntwork-io"; repo = pname; rev = "v${version}"; - sha256 = "sha256-FvgB0jG6PEvhrT9Au/Uv9XSgKx+zNw8zETpg2dJ6QX4="; + sha256 = "sha256-DCum3vCrN530Z0VW0WEoLtjN+kre/mU9O+sJxckZgfc="; }; vendorSha256 = "sha256-y84EFmoJS4SeA5YFIVFU0iWa5NnjU5yvOj7OFE+jGN0="; diff --git a/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix b/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix index 81967bcbe2b7..7be5d62312de 100644 --- a/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix +++ b/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix @@ -23,7 +23,7 @@ let --set LC_MESSAGES "${spellcheckerLanguage}"''); in stdenv.mkDerivation rec { pname = "signal-desktop"; - version = "5.19.0"; # Please backport all updates to the stable channel. + version = "5.20.0"; # Please backport all updates to the stable channel. # All releases have a limited lifetime and "expire" 90 days after the release. # When releases "expire" the application becomes unusable until an update is # applied. The expiration date for the current release can be extracted with: @@ -33,7 +33,7 @@ in stdenv.mkDerivation rec { src = fetchurl { url = "https://updates.signal.org/desktop/apt/pool/main/s/signal-desktop/signal-desktop_${version}_amd64.deb"; - sha256 = "0avns5axcfs8x9sv7hyjxi1cr7gag00avfj0h99wgn251b313g1a"; + sha256 = "0a57gajxjqkp7zcmjc3iiys06b7v53nd81gkwrsfn2gmshihlzkd"; }; nativeBuildInputs = [ diff --git a/pkgs/development/libraries/aml/default.nix b/pkgs/development/libraries/aml/default.nix index 899dafde76f2..ef3ba58e7e25 100644 --- a/pkgs/development/libraries/aml/default.nix +++ b/pkgs/development/libraries/aml/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "aml"; - version = "0.2.0"; + version = "0.2.1"; src = fetchFromGitHub { owner = "any1"; repo = pname; rev = "v${version}"; - sha256 = "0mxmzlhiv88hm4sf8kyawyrml8qy1xis019hdyb5skl9g95z9yyf"; + sha256 = "1m911n3rd41ch4yk3k9k1lz29xp3h54k6jx122abq5kmngy9znqw"; }; nativeBuildInputs = [ meson pkg-config ninja ]; diff --git a/pkgs/development/ocaml-modules/ocaml-freestanding/default.nix b/pkgs/development/ocaml-modules/ocaml-freestanding/default.nix index cf72397057db..942d69e59194 100644 --- a/pkgs/development/ocaml-modules/ocaml-freestanding/default.nix +++ b/pkgs/development/ocaml-modules/ocaml-freestanding/default.nix @@ -22,13 +22,13 @@ else stdenv.mkDerivation rec { name = "ocaml${ocaml.version}-${pname}-${version}"; inherit pname; - version = "0.6.4"; + version = "0.6.5"; src = fetchFromGitHub { owner = "mirage"; repo = pname; rev = "v${version}"; - sha256 = "0w3x2wfd04qr6mci4cp1gfqw33yysp8gamgkpgbgwslr0skryiq5"; + sha256 = "sha256:1mbyjzwcs64n7i3xkkyaxgl3r46drbl0gkqf3fqgm2kh3q03638l"; }; postUnpack = '' @@ -55,15 +55,6 @@ stdenv.mkDerivation rec { runHook postConfigure ''; - preBuild = '' - # perform substitutions, so opam isn't needed - for flags in flags/cflags.tmp flags/libs.tmp; do - substitute "$flags.in" "$flags" \ - --replace "%{prefix}%" "$out" \ - --replace "%{ocaml-freestanding:lib}%" "$out/lib" - done - ''; - installPhase = '' runHook preInstall ./install.sh "$out" diff --git a/pkgs/development/ocaml-modules/ocaml-freestanding/no-opam.patch b/pkgs/development/ocaml-modules/ocaml-freestanding/no-opam.patch index 43141b1472a9..45f271ec0f25 100644 --- a/pkgs/development/ocaml-modules/ocaml-freestanding/no-opam.patch +++ b/pkgs/development/ocaml-modules/ocaml-freestanding/no-opam.patch @@ -22,43 +22,6 @@ Date: Thu Mar 18 01:07:49 2021 +0100 nice bonus). The Makefile needs no fix since the target ocaml/Makefile won't be built if it's already present. -diff --git a/Makefile b/Makefile -index b07b8c6..a68b31d 100644 ---- a/Makefile -+++ b/Makefile -@@ -2,6 +2,12 @@ - - include Makeconf - -+ifneq ($(shell command -v opam),) -+ # only set if opam is available and PKG_CONFIG_PATH isn't -+ # already set in the environment or on the command line -+ PKG_CONFIG_PATH ?= $(shell opam config var prefix)/lib/pkgconfig -+endif -+ - FREESTANDING_LIBS=openlibm/libopenlibm.a \ - ocaml/runtime/libasmrun.a \ - nolibc/libnolibc.a -@@ -73,8 +79,7 @@ flags/libs.tmp: flags/libs.tmp.in - opam config subst $@ - - flags/libs: flags/libs.tmp Makeconf -- env PKG_CONFIG_PATH="$(shell opam config var prefix)/lib/pkgconfig" \ -- pkg-config $(PKG_CONFIG_DEPS) --libs >> $< -+ pkg-config $(PKG_CONFIG_DEPS) --libs >> $< - awk -v RS= -- '{ \ - sub("@@PKG_CONFIG_EXTRA_LIBS@@", "$(PKG_CONFIG_EXTRA_LIBS)", $$0); \ - print "(", $$0, ")" \ -@@ -84,8 +89,7 @@ flags/cflags.tmp: flags/cflags.tmp.in - opam config subst $@ - - flags/cflags: flags/cflags.tmp Makeconf -- env PKG_CONFIG_PATH="$(shell opam config var prefix)/lib/pkgconfig" \ -- pkg-config $(PKG_CONFIG_DEPS) --cflags >> $< -+ pkg-config $(PKG_CONFIG_DEPS) --cflags >> $< - awk -v RS= -- '{ \ - print "(", $$0, ")" \ - }' $< >$@ diff --git a/configure.sh b/configure.sh index 4d154ed..c254f7b 100755 --- a/configure.sh diff --git a/pkgs/development/python-modules/asyncssh/default.nix b/pkgs/development/python-modules/asyncssh/default.nix index da8d194561fe..8cf73ba5df64 100644 --- a/pkgs/development/python-modules/asyncssh/default.nix +++ b/pkgs/development/python-modules/asyncssh/default.nix @@ -59,6 +59,11 @@ buildPythonPackage rec { "tests/sspi_stub.py" ]; + disabledTests = [ + # No PIN set + "TestSKAuthCTAP2" + ]; + pythonImportsCheck = [ "asyncssh" ]; meta = with lib; { diff --git a/pkgs/development/python-modules/browser-cookie3/default.nix b/pkgs/development/python-modules/browser-cookie3/default.nix index 7bfd288bc884..d15f28e475c2 100644 --- a/pkgs/development/python-modules/browser-cookie3/default.nix +++ b/pkgs/development/python-modules/browser-cookie3/default.nix @@ -1,4 +1,13 @@ -{ lib, fetchPypi, buildPythonPackage, isPy3k, lz4, keyring, pbkdf2, pycryptodome, pyaes}: +{ lib +, fetchPypi +, buildPythonPackage +, isPy3k +, lz4 +, keyring +, pbkdf2 +, pycryptodome +, pyaes +}: buildPythonPackage rec { pname = "browser-cookie3"; @@ -11,15 +20,25 @@ buildPythonPackage rec { disabled = !isPy3k; - propagatedBuildInputs = [ lz4 keyring pbkdf2 pyaes pycryptodome ]; + propagatedBuildInputs = [ + lz4 + keyring + pbkdf2 + pyaes + pycryptodome + ]; # No tests implemented doCheck = false; + pythonImportsCheck = [ + "browser_cookie3" + ]; + meta = with lib; { description = "Loads cookies from your browser into a cookiejar object"; - maintainers = with maintainers; [ borisbabic ]; homepage = "https://github.com/borisbabic/browser_cookie3"; - license = licenses.gpl3; + license = licenses.gpl3Only; + maintainers = with maintainers; [ borisbabic ]; }; } diff --git a/pkgs/development/python-modules/frozenlist/default.nix b/pkgs/development/python-modules/frozenlist/default.nix index e3def747f03b..34660645b596 100644 --- a/pkgs/development/python-modules/frozenlist/default.nix +++ b/pkgs/development/python-modules/frozenlist/default.nix @@ -8,14 +8,14 @@ buildPythonPackage rec { pname = "frozenlist"; - version = "1.1.1"; + version = "1.2.0"; disabled = pythonOlder "3.6"; src = fetchFromGitHub { owner = "aio-libs"; repo = pname; rev = "v${version}"; - sha256 = "07z33vid7s8fjwvybyn8357yvs0f6nlhizv1l3qj1bczi3jbdkbh"; + sha256 = "sha256-rTbekdceC5QK0aiySi/4QUwaEoDfTlLrx2t6Kb9bH7U="; }; nativeBuildInputs = [ diff --git a/pkgs/development/python-modules/mypy-boto3-s3/default.nix b/pkgs/development/python-modules/mypy-boto3-s3/default.nix index 046f0b3149ab..31b29364a7b8 100644 --- a/pkgs/development/python-modules/mypy-boto3-s3/default.nix +++ b/pkgs/development/python-modules/mypy-boto3-s3/default.nix @@ -8,12 +8,12 @@ buildPythonPackage rec { pname = "mypy-boto3-s3"; - version = "1.18.62"; + version = "1.18.63"; disabled = pythonOlder "3.6"; src = fetchPypi { inherit pname version; - sha256 = "a12c44b1a1a9653d6f9148f174a9b7b71785481374ef43d962bd580967b6bca8"; + sha256 = "cf676b3d36677382429a3ed29e17edfdd342c1879db37868723b2a0761640d62"; }; propagatedBuildInputs = [ diff --git a/pkgs/development/python-modules/pyintesishome/default.nix b/pkgs/development/python-modules/pyintesishome/default.nix index 6e8b8fef32fc..c6b1a7319f3e 100644 --- a/pkgs/development/python-modules/pyintesishome/default.nix +++ b/pkgs/development/python-modules/pyintesishome/default.nix @@ -6,13 +6,13 @@ buildPythonPackage rec { pname = "pyintesishome"; - version = "1.8.0"; + version = "1.8.1"; src = fetchFromGitHub { owner = "jnimmo"; repo = "pyIntesisHome"; rev = version; - sha256 = "1y1agdr32p7m4dbb6kzchh0vb49gy0rqp8hq9zadwrq2vp70k5sn"; + sha256 = "sha256-+bad3VIoP0sVw0blK9YIot2GfK5de4HTXv5/ipV2Nds="; }; propagatedBuildInputs = [ diff --git a/pkgs/os-specific/linux/zfs/default.nix b/pkgs/os-specific/linux/zfs/default.nix index c9f0438c86f5..2d1775dac63e 100644 --- a/pkgs/os-specific/linux/zfs/default.nix +++ b/pkgs/os-specific/linux/zfs/default.nix @@ -140,6 +140,10 @@ let "INSTALL_MOD_PATH=\${out}" ]; + postBuild = optionalString buildKernel '' + find . -name "*.ko" -print0 | xargs -0 -P$NIX_BUILD_CORES strip --strip-debug + ''; + postInstall = optionalString buildKernel '' # Add reference that cannot be detected due to compressed kernel module mkdir -p "$out/nix-support" diff --git a/pkgs/tools/networking/unbound/default.nix b/pkgs/tools/networking/unbound/default.nix index a24ac1f38888..393756a9b2ab 100644 --- a/pkgs/tools/networking/unbound/default.nix +++ b/pkgs/tools/networking/unbound/default.nix @@ -5,9 +5,13 @@ , nettle , expat , libevent +, libsodium +, protobufc +, hiredis , dns-root-data , pkg-config , makeWrapper +, symlinkJoin # # By default unbound will not be built with systemd support. Unbound is a very # commmon dependency. The transitive dependency closure of systemd also @@ -21,6 +25,11 @@ , systemd ? null # optionally support DNS-over-HTTPS as a server , withDoH ? false +, withECS ? false +, withDNSCrypt ? false +, withDNSTAP ? false +, withTFO ? false +, withRedis ? false , libnghttp2 }: @@ -57,8 +66,24 @@ stdenv.mkDerivation rec { "--enable-systemd" ] ++ lib.optionals withDoH [ "--with-libnghttp2=${libnghttp2.dev}" + ] ++ lib.optionals withECS [ + "--enable-subnet" + ] ++ lib.optionals withDNSCrypt [ + "--enable-dnscrypt" + "--with-libsodium=${symlinkJoin { name = "libsodium-full"; paths = [ libsodium.dev libsodium.out ]; }}" + ] ++ lib.optionals withDNSTAP [ + "--enable-dnstap" + "--with-protobuf-c=${protobufc}" + ] ++ lib.optionals withTFO [ + "--enable-tfo-client" + "--enable-tfo-server" + ] ++ lib.optionals withRedis [ + "--enable-cachedb" + "--with-libhiredis=${hiredis}" ]; + PROTOC_C = if withDNSTAP then "${protobufc}/bin/protoc-c" else null; + # Remove references to compile-time dependencies that are included in the configure flags postConfigure = let inherit (builtins) storeDir; diff --git a/pkgs/tools/security/exploitdb/default.nix b/pkgs/tools/security/exploitdb/default.nix index 86ab11f9f385..7d2793647d85 100644 --- a/pkgs/tools/security/exploitdb/default.nix +++ b/pkgs/tools/security/exploitdb/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "exploitdb"; - version = "2021-10-15"; + version = "2021-10-16"; src = fetchFromGitHub { owner = "offensive-security"; repo = pname; rev = version; - sha256 = "sha256-7bQoBYPfePhanh7SCZ6MO/eWtyD8cfWaYjc9AWOT2rc="; + sha256 = "sha256-kzMMcipE9AKOWka2yAuljwNG/g+8fF2rYehTtxdQY+k="; }; nativeBuildInputs = [ makeWrapper ]; diff --git a/pkgs/tools/security/ike-scan/default.nix b/pkgs/tools/security/ike-scan/default.nix index 5d54e36585d0..15d201fa3270 100644 --- a/pkgs/tools/security/ike-scan/default.nix +++ b/pkgs/tools/security/ike-scan/default.nix @@ -10,13 +10,13 @@ stdenv.mkDerivation rec { pname = "ike-scan"; - version = "1.9.4"; + version = "1.9.5"; src = fetchFromGitHub { owner = "royhills"; repo = pname; rev = version; - sha256 = "01a39bk9ma2lm59q320m9g11909if5gc3qynd8pzn6slqiq5r8kw"; + sha256 = "sha256-mbfg8p3y4aKoXpmLuF9GXAMPEqV5CsvetwGCRDJ9UNY="; }; nativeBuildInputs = [ @@ -33,11 +33,6 @@ stdenv.mkDerivation rec { url = "https://github.com/royhills/ike-scan/pull/15/commits/d864811de08dcddd65ac9b8d0f2acf5d7ddb9dea.patch"; sha256 = "0wbrq89dl8js7cdivd0c45hckmflan33cpgc3qm5s3az6r4mjljm"; }) - (fetchpatch { - # Unknown vendor IDs, https://github.com/royhills/ike-scan/pull/18, was merged but not released - url = "https://github.com/royhills/ike-scan/pull/18/commits/e065ddbe471880275dc7975e7da235e7a2097c22.patch"; - sha256 = "13ly01c96nnd5yh7rxrhv636csm264m5xf2a1inprrzxkkri5sls"; - }) ]; meta = with lib; { diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 7356c3dbcace..2bed51755cda 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -10460,6 +10460,11 @@ with pkgs; unbound-full = unbound.override { withSystemd = true; withDoH = true; + withECS = true; + withDNSCrypt = true; + withDNSTAP = true; + withTFO = true; + withRedis = true; }; unicorn = callPackage ../development/libraries/unicorn { };