From 0c4f8e78b522711ca72724248393d7f5d57f6b57 Mon Sep 17 00:00:00 2001 From: Tobias Stenzel Date: Fri, 29 Apr 2022 23:57:57 +0200 Subject: [PATCH 01/33] nixos/gitlab: fix gitlab-registry-cert path condition `ConditionPathExists` belongs in the [Unit] section, not [Service]. The unit now properly checks if the cert file already exists before activating so certs will not be overwritten anymore. --- nixos/modules/services/misc/gitlab.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/modules/services/misc/gitlab.nix b/nixos/modules/services/misc/gitlab.nix index 0811b34156e4..c436d0993a69 100644 --- a/nixos/modules/services/misc/gitlab.nix +++ b/nixos/modules/services/misc/gitlab.nix @@ -1043,7 +1043,7 @@ in { chown ${cfg.user}:${cfg.group} ${cfg.registry.certFile} ''; - serviceConfig = { + unitConfig = { ConditionPathExists = "!${cfg.registry.certFile}"; }; }; From f31a28d12cf62cc73ade8eefa6d3feb1ab91035c Mon Sep 17 00:00:00 2001 From: kilianar Date: Wed, 22 Jun 2022 16:03:13 +0200 Subject: [PATCH 02/33] vaultwarden-vault: 2.27.0 -> 2022.5.2 --- pkgs/tools/security/vaultwarden/vault.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/security/vaultwarden/vault.nix b/pkgs/tools/security/vaultwarden/vault.nix index f37fbe12f1c6..5814123bfcc0 100644 --- a/pkgs/tools/security/vaultwarden/vault.nix +++ b/pkgs/tools/security/vaultwarden/vault.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "vaultwarden-vault"; - version = "2.27.0"; + version = "2022.5.2"; src = fetchurl { url = "https://github.com/dani-garcia/bw_web_builds/releases/download/v${version}/bw_web_v${version}.tar.gz"; - sha256 = "sha256-r4z45gjVB+RMZM0IE/ec0yf+rt4YDz5IpZEz5FlQSds="; + sha256 = "sha256-clsiEC9nwfrGMIBwT95G3tR3KLxMvMM553s8it/3JtM="; }; buildCommand = '' From a8320c3361b50baf06659550347b355f413efd48 Mon Sep 17 00:00:00 2001 From: Alyssa Ross Date: Mon, 27 Jun 2022 15:00:58 +0000 Subject: [PATCH 03/33] neomutt: fix sendmail default value NeoMutt doesn't use autoconf any more, so the autoconf variable in configureFlags wasn't doing anything. With the new autosetup build system, there doesn't seem to be a way to override the default sendmail location, so we have to patch it. --- pkgs/applications/networking/mailreaders/neomutt/default.nix | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/pkgs/applications/networking/mailreaders/neomutt/default.nix b/pkgs/applications/networking/mailreaders/neomutt/default.nix index 2bcfd839e285..9eb377f1b98e 100644 --- a/pkgs/applications/networking/mailreaders/neomutt/default.nix +++ b/pkgs/applications/networking/mailreaders/neomutt/default.nix @@ -27,6 +27,7 @@ stdenv.mkDerivation rec { enableParallelBuilding = true; postPatch = '' + substituteInPlace auto.def --replace /usr/sbin/sendmail sendmail substituteInPlace contrib/smime_keys \ --replace /usr/bin/openssl ${openssl}/bin/openssl @@ -60,8 +61,6 @@ stdenv.mkDerivation rec { # To make it not reference .dev outputs. See: # https://github.com/neomutt/neomutt/pull/2367 "--disable-include-path-in-cflags" - # Look in $PATH at runtime, instead of hardcoding /usr/bin/sendmail - "ac_cv_path_SENDMAIL=sendmail" "--zlib" ]; From fa0f161ef7adab47866e16f78c35bdb9ef584d85 Mon Sep 17 00:00:00 2001 From: Shawn8901 Date: Sun, 26 Jun 2022 12:09:41 +0200 Subject: [PATCH 04/33] epson-escpr2: 1.1.46 -> 1.1.48 --- pkgs/misc/drivers/epson-escpr2/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/misc/drivers/epson-escpr2/default.nix b/pkgs/misc/drivers/epson-escpr2/default.nix index 6f17bcbf412b..ad3477d2a0bf 100644 --- a/pkgs/misc/drivers/epson-escpr2/default.nix +++ b/pkgs/misc/drivers/epson-escpr2/default.nix @@ -2,15 +2,15 @@ stdenv.mkDerivation rec { pname = "epson-inkjet-printer-escpr2"; - version = "1.1.46"; + version = "1.1.48"; src = fetchurl { # To find new versions, visit # http://download.ebz.epson.net/dsc/search/01/search/?OSC=LX and search for # some printer like for instance "WF-7210" to get to the most recent # version. - url = "https://download3.ebz.epson.net/dsc/f/03/00/13/43/83/99e36ae2747bfae54a5dd32dacaf189a073278aa/epson-inkjet-printer-escpr2-1.1.46-1lsb3.2.src.rpm"; - sha256 = "sha256-7AeDULD/BB+swLBOwijilcM+yJi5slOMw2lEtquLyYw="; + url = "https://download3.ebz.epson.net/dsc/f/03/00/13/52/26/977f2b2c13cc185981479fbd225b802c35c92beb/epson-inkjet-printer-escpr2-1.1.48-1lsb3.2.src.rpm"; + sha256 = "sha256-E+ZZLt7hdXojQkKr0qgdL+UuSZXAESWW9AHIfAX1jK0="; }; unpackPhase = '' From 6e70d1d303f1b765b184bce97ed1f96bdb4a6851 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jo=C3=A3o=20Capucho?= Date: Thu, 16 Jun 2022 17:10:08 +0100 Subject: [PATCH 05/33] jellyfin: fix arm{,64} compilation It seems like one of the nuget dependencies is platform dependant and since the nuget dependencies were only being generated for x64 the other architectures were missing their version of the dependency causing the build to fail on them. --- pkgs/servers/jellyfin/nuget-deps.nix | 6 ++++++ pkgs/servers/jellyfin/update.sh | 4 ++++ 2 files changed, 10 insertions(+) diff --git a/pkgs/servers/jellyfin/nuget-deps.nix b/pkgs/servers/jellyfin/nuget-deps.nix index 55211c028b1d..e78d094afee6 100644 --- a/pkgs/servers/jellyfin/nuget-deps.nix +++ b/pkgs/servers/jellyfin/nuget-deps.nix @@ -11,6 +11,8 @@ (fetchNuGet { pname = "Humanizer.Core"; version = "2.8.26"; sha256 = "1v8xd12yms4qq1md4vh6faxicmqrvahqdd7sdkyzrphab9v44nsm"; }) (fetchNuGet { pname = "Jellyfin.XmlTv"; version = "10.8.0"; sha256 = "0fv923y58z9l97zhlrifmki0x1m7r52avglhrl2h1jjv1x1wkvzx"; }) (fetchNuGet { pname = "libse"; version = "3.6.5"; sha256 = "1h0rm8jbwjp0qgayal48zdzgsqr7c7v9lnc4v8x0r0pxrb4f0x1k"; }) + (fetchNuGet { pname = "Microsoft.AspNetCore.App.Runtime.linux-arm"; version = "6.0.6"; sha256 = "1fv3xvqc98l3ma4s8f2g4fklifbj1i24fngcvlhfm4j6s295xjj1"; }) + (fetchNuGet { pname = "Microsoft.AspNetCore.App.Runtime.linux-arm64"; version = "6.0.6"; sha256 = "1z50gqg0jimk98yd0zr2vxn087h3h1qn08fdcqbaxfgpcw30yi87"; }) (fetchNuGet { pname = "Microsoft.AspNetCore.App.Runtime.linux-x64"; version = "6.0.6"; sha256 = "0ndah9cqkgswhi60wrnni10j1d2hdg8jljij83lk1wbfqbng86jm"; }) (fetchNuGet { pname = "Microsoft.AspNetCore.Authorization"; version = "6.0.6"; sha256 = "027ffl755kl1ffc190xq3g30nxzwy3zz0v9f85405lgj5ikh9cr9"; }) (fetchNuGet { pname = "Microsoft.AspNetCore.Metadata"; version = "6.0.6"; sha256 = "17hwh9yh72wmqn1zbx6fbinqxln89yx2sryksk7xsgypzs2dcf5n"; }) @@ -82,6 +84,10 @@ (fetchNuGet { pname = "Microsoft.Extensions.Primitives"; version = "3.1.9"; sha256 = "0538fvjz9c27nvc6kv83b0912qvc71wz2w60svl0mscj86ds49wc"; }) (fetchNuGet { pname = "Microsoft.Extensions.Primitives"; version = "5.0.0"; sha256 = "0swqcknyh87ns82w539z1mvy804pfwhgzs97cr3nwqk6g5s42gd6"; }) (fetchNuGet { pname = "Microsoft.Extensions.Primitives"; version = "6.0.0"; sha256 = "1kjiw6s4yfz9gm7mx3wkhp06ghnbs95icj9hi505shz9rjrg42q2"; }) + (fetchNuGet { pname = "Microsoft.NETCore.App.Host.linux-arm"; version = "6.0.6"; sha256 = "0kygwac98rxq89g83lyzn21kslvgdkcqfd1dnba2ssw7q056fbgy"; }) + (fetchNuGet { pname = "Microsoft.NETCore.App.Host.linux-arm64"; version = "6.0.6"; sha256 = "0hlxq0k60ras0wj7d7q94dxd8nzjcry0kixxs6z1hyrbm4q0y3ls"; }) + (fetchNuGet { pname = "Microsoft.NETCore.App.Runtime.linux-arm"; version = "6.0.6"; sha256 = "088ggz1ac5z4ir707xmxiw4dlcaacfgmyvvlgwvsxhnv3fngf8b6"; }) + (fetchNuGet { pname = "Microsoft.NETCore.App.Runtime.linux-arm64"; version = "6.0.6"; sha256 = "117rz4gm7ihns5jlc2x05h7kdcgrl0ic4v67dzfbbr9kpra1bmcw"; }) (fetchNuGet { pname = "Microsoft.NETCore.App.Runtime.linux-x64"; version = "6.0.6"; sha256 = "0fjbjh7yxqc9h47ix37y963xi9f9y99jvl26cw3x3kvjlb8x0bgj"; }) (fetchNuGet { pname = "Microsoft.NETCore.Platforms"; version = "1.0.1"; sha256 = "01al6cfxp68dscl15z7rxfw9zvhm64dncsw09a1vmdkacsa2v6lr"; }) (fetchNuGet { pname = "Microsoft.NETCore.Platforms"; version = "1.1.0"; sha256 = "08vh1r12g6ykjygq5d3vq09zylgb84l63k49jc4v8faw9g93iqqm"; }) diff --git a/pkgs/servers/jellyfin/update.sh b/pkgs/servers/jellyfin/update.sh index 47fef65944e4..f852bc878487 100755 --- a/pkgs/servers/jellyfin/update.sh +++ b/pkgs/servers/jellyfin/update.sh @@ -29,7 +29,11 @@ chmod -R +w "$src" pushd "$src" mkdir ./nuget_tmp.packages + +dotnet restore Jellyfin.Server --packages ./nuget_tmp.packages --runtime linux-x86 dotnet restore Jellyfin.Server --packages ./nuget_tmp.packages --runtime linux-x64 +dotnet restore Jellyfin.Server --packages ./nuget_tmp.packages --runtime linux-arm +dotnet restore Jellyfin.Server --packages ./nuget_tmp.packages --runtime linux-arm64 nuget-to-nix ./nuget_tmp.packages > "$nugetDepsFile" From 6eea86625ea6e2d9dcb2290b909f5892ac6589be Mon Sep 17 00:00:00 2001 From: Luflosi Date: Sat, 2 Jul 2022 13:00:17 +0200 Subject: [PATCH 06/33] boinc: 7.20.0 -> 7.20.1 https://github.com/BOINC/boinc/releases/tag/client_release%2F7.20%2F7.20.1 --- pkgs/applications/science/misc/boinc/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/science/misc/boinc/default.nix b/pkgs/applications/science/misc/boinc/default.nix index 702dd3242e64..e3a301f6629b 100644 --- a/pkgs/applications/science/misc/boinc/default.nix +++ b/pkgs/applications/science/misc/boinc/default.nix @@ -4,7 +4,7 @@ sqlite, gtk2, patchelf, libXScrnSaver, libnotify, libX11, libxcb }: let majorVersion = "7.20"; - minorVersion = "0"; + minorVersion = "1"; in stdenv.mkDerivation rec { @@ -16,7 +16,7 @@ stdenv.mkDerivation rec { owner = "BOINC"; repo = "boinc"; rev = "client_release/${majorVersion}/${version}"; - sha256 = "sha256-W8+ALVO2OHxxBi80ZFgc8RxXneGINCHYNeMXimp9TIw="; + sha256 = "sha256-FRU5s/nvT3VKU78AXYlbzeru7XQwNSqDNMGrdQ3jd1w="; }; nativeBuildInputs = [ libtool automake autoconf m4 pkg-config ]; From 060e4ecb2f6fe1fbf4d3a07367aec41884123b8d Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Sun, 3 Jul 2022 10:20:11 +0200 Subject: [PATCH 07/33] checkSSLCert: 2.32.0 -> 2.33.0 --- pkgs/servers/monitoring/nagios/plugins/check_ssl_cert.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/monitoring/nagios/plugins/check_ssl_cert.nix b/pkgs/servers/monitoring/nagios/plugins/check_ssl_cert.nix index 8f0a16d0039f..d14302b2e69d 100644 --- a/pkgs/servers/monitoring/nagios/plugins/check_ssl_cert.nix +++ b/pkgs/servers/monitoring/nagios/plugins/check_ssl_cert.nix @@ -10,13 +10,13 @@ stdenv.mkDerivation rec { pname = "check_ssl_cert"; - version = "2.32.0"; + version = "2.33.0"; src = fetchFromGitHub { owner = "matteocorti"; repo = "check_ssl_cert"; rev = "v${version}"; - hash = "sha256-CoWoV9Vv9j0VmkRw7bQFArkKZA2Qq+7ae3ujogsUWso="; + hash = "sha256-LNs7v56Gk8pLM+vUwQKx85cTvcCZxfpuceOXih9t6kE="; }; nativeBuildInputs = [ From 3ac5490e4efe69fbdf861e972b78a646332bd2a7 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Sun, 3 Jul 2022 17:50:27 +0000 Subject: [PATCH 08/33] python310Packages.pecan: 1.4.1 -> 1.4.2 --- pkgs/development/python-modules/pecan/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/pecan/default.nix b/pkgs/development/python-modules/pecan/default.nix index 0931cc2b28d8..c35b53cd25d2 100644 --- a/pkgs/development/python-modules/pecan/default.nix +++ b/pkgs/development/python-modules/pecan/default.nix @@ -16,14 +16,14 @@ buildPythonPackage rec { pname = "pecan"; - version = "1.4.1"; + version = "1.4.2"; format = "setuptools"; disabled = pythonOlder "3.6"; src = fetchPypi { inherit pname version; - sha256 = "sha256-LL0O7btXR8BM3xjEquTxxunZUPOvcK8lRLB09+16BIA="; + sha256 = "sha256-SbJV5wHD8UYWBfWw6PVPDCGSLXhF1BTCTdZAn+aV1VA="; }; propagatedBuildInputs = [ From b6805190a2b5d65e93aba36d87404c4dd5cb4cbc Mon Sep 17 00:00:00 2001 From: Nicolas Benes Date: Sun, 3 Jul 2022 21:13:34 +0200 Subject: [PATCH 09/33] tor-browser-bundle-bin: 11.0.14 -> 11.0.15 --- .../networking/browsers/tor-browser-bundle-bin/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/networking/browsers/tor-browser-bundle-bin/default.nix b/pkgs/applications/networking/browsers/tor-browser-bundle-bin/default.nix index c415735d2b12..042e3e661d0b 100644 --- a/pkgs/applications/networking/browsers/tor-browser-bundle-bin/default.nix +++ b/pkgs/applications/networking/browsers/tor-browser-bundle-bin/default.nix @@ -87,7 +87,7 @@ let fteLibPath = makeLibraryPath [ stdenv.cc.cc gmp ]; # Upstream source - version = "11.0.14"; + version = "11.0.15"; lang = "en-US"; @@ -98,7 +98,7 @@ let "https://tor.eff.org/dist/torbrowser/${version}/tor-browser-linux64-${version}_${lang}.tar.xz" "https://tor.calyxinstitute.org/dist/torbrowser/${version}/tor-browser-linux64-${version}_${lang}.tar.xz" ]; - sha256 = "19lsxdxbdismjrv2kmvm10cmr1x5klc2khlmrybycdw2vx7r41mn"; + sha256 = "1gv44bi3gfg5z46fvs9wy46fgvfshad5kbxl43x3x4r70ps1nc3l"; }; i686-linux = fetchurl { @@ -107,7 +107,7 @@ let "https://tor.eff.org/dist/torbrowser/${version}/tor-browser-linux32-${version}_${lang}.tar.xz" "https://tor.calyxinstitute.org/dist/torbrowser/${version}/tor-browser-linux32-${version}_${lang}.tar.xz" ]; - sha256 = "0hkj4vn5jk3z32mdgzzwmhj5xa4mv5p1nnwqhlsbc3g5b5q8bc7q"; + sha256 = "109291wwcy63k8hs23kx8vffpj4zvywdpy8srwaq367l0ffvfqn2"; }; }; in From 25bd9f555151ab3e6f860c286b49b651f36e181b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Romildo?= Date: Sun, 3 Jul 2022 17:28:11 -0300 Subject: [PATCH 10/33] vopono: 0.9.2 -> 0.10.0 --- pkgs/tools/networking/vopono/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/networking/vopono/default.nix b/pkgs/tools/networking/vopono/default.nix index dbbdbda7bcfd..c812a35bfe92 100644 --- a/pkgs/tools/networking/vopono/default.nix +++ b/pkgs/tools/networking/vopono/default.nix @@ -5,14 +5,14 @@ rustPlatform.buildRustPackage rec { pname = "vopono"; - version = "0.9.2"; + version = "0.10.0"; src = fetchCrate { inherit pname version; - sha256 = "sha256-Z9eAbGq4ePbLyp6SWSbgLy4ogo2EFMps2HT8JUQFuR4="; + sha256 = "sha256-89Mzn2knClBJwVlCglR5BOOo5dXRP1Gqp/mmwHvwM3c="; }; - cargoHash = "sha256-aeukVOn6uBZlsPl35erJNlKxp929czuFCzllswYOWhM="; + cargoHash = "sha256-8m/zlmeYcYCxycP9W6eweRJ2Vf/8+GSYf+NNz3NtnIw="; meta = with lib; { description = "Run applications through VPN connections in network namespaces"; From a18f8633c79ab103d81df702f141019f1160f17f Mon Sep 17 00:00:00 2001 From: kilianar Date: Sun, 3 Jul 2022 23:29:29 +0200 Subject: [PATCH 11/33] your-editor: 1400 -> 1403 https://github.com/your-editor/yed/releases/tag/1403 --- pkgs/applications/editors/your-editor/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/editors/your-editor/default.nix b/pkgs/applications/editors/your-editor/default.nix index d00be198c8ff..094274aa7bd7 100644 --- a/pkgs/applications/editors/your-editor/default.nix +++ b/pkgs/applications/editors/your-editor/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "your-editor"; - version = "1400"; + version = "1403"; src = fetchFromGitHub { owner = "your-editor"; repo = "yed"; rev = version; - sha256 = "sha256-qF+fMFHfY1fdWPAFEoCxcKHB++sFNwOaHeaMv+6gakg="; + sha256 = "sha256-hG0ZRAxWOdFtDgKcDysu89LOdULZmJHLi7grfVjAbwM="; }; installPhase = '' From 2fcd2a4e779b157584a3cdf446083b35f97d9b3f Mon Sep 17 00:00:00 2001 From: ajs124 Date: Mon, 4 Jul 2022 02:09:25 +0200 Subject: [PATCH 12/33] jose: 10 -> 11 https://github.com/latchset/jose/releases/tag/v11 --- pkgs/development/libraries/jose/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/development/libraries/jose/default.nix b/pkgs/development/libraries/jose/default.nix index b15fead62699..808dcaeed3a0 100644 --- a/pkgs/development/libraries/jose/default.nix +++ b/pkgs/development/libraries/jose/default.nix @@ -1,19 +1,19 @@ -{ lib, stdenv, fetchFromGitHub, autoreconfHook, pkg-config +{ lib, stdenv, fetchFromGitHub, meson, pkg-config, ninja, asciidoc , zlib, jansson, openssl }: stdenv.mkDerivation rec { pname = "jose"; - version = "10"; + version = "11"; src = fetchFromGitHub { owner = "latchset"; repo = pname; rev = "v${version}"; - sha256 = "15ac8a656m66rd9qg4dj53smykwaagqv606h18w7fiqn0ykxl4vi"; + hash = "sha256-TKcXswF50B8MS+XHSEvqHaFSAct7VdsnZ0RtZCF04Lc="; }; - nativeBuildInputs = [ autoreconfHook pkg-config ]; + nativeBuildInputs = [ meson pkg-config ninja asciidoc ]; buildInputs = [ zlib jansson openssl ]; outputs = [ "out" "dev" "man" ]; From fcd299ab70ed48092d91e7f305e51f0eff7df2b8 Mon Sep 17 00:00:00 2001 From: Bobby Rong Date: Mon, 4 Jul 2022 08:49:40 +0800 Subject: [PATCH 13/33] pantheon.switchboard-plug-wacom: 1.0.0 -> 1.0.1 --- .../apps/switchboard-plugs/wacom/default.nix | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) diff --git a/pkgs/desktops/pantheon/apps/switchboard-plugs/wacom/default.nix b/pkgs/desktops/pantheon/apps/switchboard-plugs/wacom/default.nix index 904278f983e0..94300fcbdd94 100644 --- a/pkgs/desktops/pantheon/apps/switchboard-plugs/wacom/default.nix +++ b/pkgs/desktops/pantheon/apps/switchboard-plugs/wacom/default.nix @@ -1,7 +1,6 @@ { lib , stdenv , fetchFromGitHub -, fetchpatch , nix-update-script , meson , ninja @@ -19,24 +18,15 @@ stdenv.mkDerivation rec { pname = "switchboard-plug-wacom"; - version = "1.0.0"; + version = "1.0.1"; src = fetchFromGitHub { owner = "elementary"; repo = pname; rev = version; - sha256 = "1n2yfq4s9xpnfqjikchjp4z2nk8cmfz4g0p18cplzh5w1lvz17lm"; + sha256 = "sha256-+E+MTIi2Dvv7TvzYEzudeIqlDcP8VP61eBh/PQz9SWI="; }; - patches = [ - # Upstream code not respecting our localedir - # https://github.com/elementary/switchboard-plug-wacom/pull/29 - (fetchpatch { - url = "https://github.com/elementary/switchboard-plug-wacom/commit/2a7dee180d73ffb3521d806efb7028f5a71cb511.patch"; - sha256 = "06ra5c0f14brmj2mmsqscpc4d1114i4qazgnsazzh2hrp04ilnva"; - }) - ]; - nativeBuildInputs = [ meson ninja From ba48a66dec0322fc87eabec63b7e96804c1b8133 Mon Sep 17 00:00:00 2001 From: Bobby Rong Date: Mon, 4 Jul 2022 08:51:34 +0800 Subject: [PATCH 14/33] pantheon.wingpanel-indicator-notifications: 6.0.4 -> 6.0.5 --- .../desktop/wingpanel-indicators/notifications/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/desktops/pantheon/desktop/wingpanel-indicators/notifications/default.nix b/pkgs/desktops/pantheon/desktop/wingpanel-indicators/notifications/default.nix index ceabac94a236..5228938a1db9 100644 --- a/pkgs/desktops/pantheon/desktop/wingpanel-indicators/notifications/default.nix +++ b/pkgs/desktops/pantheon/desktop/wingpanel-indicators/notifications/default.nix @@ -16,13 +16,13 @@ stdenv.mkDerivation rec { pname = "wingpanel-indicator-notifications"; - version = "6.0.4"; + version = "6.0.5"; src = fetchFromGitHub { owner = "elementary"; repo = pname; rev = version; - sha256 = "sha256-tIpR/WIhE0Mmt2EploNNDVlAX4OUNI3VnEflTLVkfSo="; + sha256 = "sha256-Y/oDD/AsA9ZiKsfEV3/jnT3tmQYAIIToAZjMRVriK98="; }; nativeBuildInputs = [ From fb2d1c864545b0e178fc240b745b041bc1ac6318 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 4 Jul 2022 01:36:01 +0000 Subject: [PATCH 15/33] commix: 3.4 -> 3.5 --- pkgs/tools/security/commix/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/security/commix/default.nix b/pkgs/tools/security/commix/default.nix index 54444d8e4056..452279883bac 100644 --- a/pkgs/tools/security/commix/default.nix +++ b/pkgs/tools/security/commix/default.nix @@ -5,14 +5,14 @@ python3.pkgs.buildPythonApplication rec { pname = "commix"; - version = "3.4"; + version = "3.5"; format = "setuptools"; src = fetchFromGitHub { owner = "commixproject"; repo = pname; - rev = "v${version}"; - hash = "sha256-JM4NE77LpgsdWhzPe/8K0sQhOSpzDu9usuH7pfQ6dR0="; + rev = "refs/tags/v${version}"; + hash = "sha256-3UCHTgIW7ArXQD0Kj5XwE1I5VszsueXDJ68QWdQrAho="; }; # Project has no tests From 02ff680b4d6e57d211307a2c2aef1be0ba395745 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 4 Jul 2022 02:36:54 +0000 Subject: [PATCH 16/33] flameshot: 12.0.0 -> 12.1.0 --- pkgs/tools/misc/flameshot/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/misc/flameshot/default.nix b/pkgs/tools/misc/flameshot/default.nix index 4bbe0508c12c..ea1de3bb24d6 100644 --- a/pkgs/tools/misc/flameshot/default.nix +++ b/pkgs/tools/misc/flameshot/default.nix @@ -10,13 +10,13 @@ mkDerivation rec { pname = "flameshot"; - version = "12.0.0"; + version = "12.1.0"; src = fetchFromGitHub { owner = "flameshot-org"; repo = "flameshot"; rev = "v${version}"; - sha256 = "sha256-ByW+XYTaeBTTbOaxNeF367nqgnBM+EC8jm+PmwHcVGQ="; + sha256 = "sha256-omyMN8d+g1uYsEw41KmpJCwOmVWLokEfbW19vIvG79w="; }; passthru = { From 513b8a9d2b7650e3d6ba33edc739245fbce6fff7 Mon Sep 17 00:00:00 2001 From: Bobby Rong Date: Mon, 4 Jul 2022 13:31:26 +0800 Subject: [PATCH 17/33] pantheon.gala: fix initial alt-tab switcher indicator visibility --- pkgs/desktops/pantheon/desktop/gala/default.nix | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/pkgs/desktops/pantheon/desktop/gala/default.nix b/pkgs/desktops/pantheon/desktop/gala/default.nix index 862a52308d9a..acb4e7838570 100644 --- a/pkgs/desktops/pantheon/desktop/gala/default.nix +++ b/pkgs/desktops/pantheon/desktop/gala/default.nix @@ -46,6 +46,13 @@ stdenv.mkDerivation rec { url = "https://github.com/elementary/gala/commit/1f94db16c627f73af5dc69714611815e4691b5e8.patch"; sha256 = "sha256-PLNbAXyOG0TMn1y2QIBnL6BOQVqBA+DBgPOVJo4nDr8="; }) + + # WindowSwitcher: fix initial alt-tab switcher indicator visibility + # https://github.com/elementary/gala/pull/1417 + (fetchpatch { + url = "https://github.com/elementary/gala/commit/e0095415cdbfc369e6482e84b8aaffc6a04cafe7.patch"; + sha256 = "sha256-n/BJPIrUaCQtBgDotOLq/bCAAccdbL6OwciXY115HsM="; + }) ]; nativeBuildInputs = [ From 6841314b45158eb8251b4fa98ce576bf13aa64c2 Mon Sep 17 00:00:00 2001 From: Bobby Rong Date: Mon, 4 Jul 2022 13:41:19 +0800 Subject: [PATCH 18/33] pantheon.granite7: fix large height bug for MessageDialog --- pkgs/desktops/pantheon/granite/7/default.nix | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/pkgs/desktops/pantheon/granite/7/default.nix b/pkgs/desktops/pantheon/granite/7/default.nix index 08b7548167b2..c9737b9c1a41 100644 --- a/pkgs/desktops/pantheon/granite/7/default.nix +++ b/pkgs/desktops/pantheon/granite/7/default.nix @@ -1,6 +1,7 @@ { lib , stdenv , fetchFromGitHub +, fetchpatch , nix-update-script , python3 , meson @@ -29,6 +30,16 @@ stdenv.mkDerivation rec { sha256 = "sha256-fuyjQDH3C8qRYuAfQDDeW3aSWVTLtGzMAjcuAHCB1Zw="; }; + patches = [ + # MessageDialog: Fix large height bug + # https://github.com/elementary/granite/pull/616 + (fetchpatch { + url = "https://github.com/elementary/granite/commit/28e9b60fc8257b2d8e76412518e96a7e03efc6e4.patch"; + sha256 = "sha256-3VH5bhX8tuNR3Iabz3JjkLfVVyO5eSnYacFgdqurU0A="; + excludes = [ "data/granite.appdata.xml.in" ]; + }) + ]; + nativeBuildInputs = [ gettext gobject-introspection From 4b0803ffb279bdada1ec1ffc2294ff86346b56ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nguy=E1=BB=85n=20Gia=20Phong?= Date: Mon, 4 Jul 2022 17:12:11 +0900 Subject: [PATCH 19/33] phylactery: 0.1.1 -> 0.1.2 --- pkgs/servers/web-apps/phylactery/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/web-apps/phylactery/default.nix b/pkgs/servers/web-apps/phylactery/default.nix index a3cddf2fc8d5..cd89da943042 100644 --- a/pkgs/servers/web-apps/phylactery/default.nix +++ b/pkgs/servers/web-apps/phylactery/default.nix @@ -2,7 +2,7 @@ buildGoPackage rec { pname = "phylactery"; - version = "0.1.1"; + version = "0.1.2"; goPackagePath = "git.sr.ht/~cnx/phylactery"; @@ -10,7 +10,7 @@ buildGoPackage rec { owner = "~cnx"; repo = pname; rev = version; - sha256 = "sha256-HcpdPQ1WOMFNdfsZb//GvUVBCbmS3jARbcXjchlv2oE="; + sha256 = "sha256-HQN6wJ/4YeuQaDcNgdHj0RgYnn2NxXGRfxybmv60EdQ="; }; # Upstream repo doesn't provide any test. From 1cfe539b03993e01600ef55bbbaa1163f35d5b78 Mon Sep 17 00:00:00 2001 From: Vincent Laporte Date: Sun, 3 Jul 2022 16:55:13 +0200 Subject: [PATCH 20/33] =?UTF-8?q?ocamlPackages.digestif:=201.1.0=20?= =?UTF-8?q?=E2=86=92=201.1.2?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../ocaml-modules/digestif/default.nix | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/pkgs/development/ocaml-modules/digestif/default.nix b/pkgs/development/ocaml-modules/digestif/default.nix index dba0bcb9269e..2e2e3a7b23bb 100644 --- a/pkgs/development/ocaml-modules/digestif/default.nix +++ b/pkgs/development/ocaml-modules/digestif/default.nix @@ -1,29 +1,27 @@ { lib, ocaml, fetchurl, buildDunePackage , pkg-config, which -, bigarray-compat, eqaf, stdlib-shims +, eqaf , alcotest, astring, bos, findlib, fpath }: buildDunePackage rec { pname = "digestif"; - version = "1.1.0"; + version = "1.1.2"; - useDune2 = true; + minimalOCamlVersion = "4.08"; src = fetchurl { - url = "https://github.com/mirage/digestif/releases/download/v${version}/digestif-v${version}.tbz"; - sha256 = "01gwkbrznci4xdcbww4ysgsciz2qs0r8jsmhp0siwbcgcrf1jjv5"; + url = "https://github.com/mirage/digestif/releases/download/v${version}/digestif-${version}.tbz"; + sha256 = "sha256-edNM5ROxFIV+OAqr328UcyGPGwXdflHQOJB3ntAbRmY="; }; nativeBuildInputs = [ findlib which ]; buildInputs = [ ocaml ]; - propagatedBuildInputs = [ bigarray-compat eqaf stdlib-shims ]; - - strictDeps = !doCheck; + propagatedBuildInputs = [ eqaf ]; checkInputs = [ alcotest astring bos fpath ]; - doCheck = lib.versionAtLeast ocaml.version "4.05"; + doCheck = true; postCheck = '' ocaml -I ${findlib}/lib/ocaml/${ocaml.version}/site-lib/ test/test_runes.ml From 899a37d1909be0d4a11102bbdaeaebef793a5177 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Fri, 24 Jun 2022 12:00:14 +0200 Subject: [PATCH 21/33] nixos/matrix-synapse: update docs * Update attribute names in code examples (* -> settings.*). * Use `nix-shell -p` rather than `nix run` because the example won't work with the current default Nix. * Update config values for `element-web`. * Fix link to `element-web` security considerations. * Make the synapse expression even smaller and use callout-lists to explain the code. * Document how to correctly deploy the shared registration secret. [1] https://spec.matrix.org/latest/client-server-api/#getwell-knownmatrixclient --- nixos/modules/services/matrix/synapse.xml | 235 +++++++++++++--------- 1 file changed, 140 insertions(+), 95 deletions(-) diff --git a/nixos/modules/services/matrix/synapse.xml b/nixos/modules/services/matrix/synapse.xml index cf33957d58ec..65bc53d33ac3 100644 --- a/nixos/modules/services/matrix/synapse.xml +++ b/nixos/modules/services/matrix/synapse.xml @@ -33,21 +33,26 @@ installation instructions of Synapse . -{ pkgs, lib, ... }: +{ pkgs, lib, config, ... }: let - fqdn = - let - join = hostName: domain: hostName + lib.optionalString (domain != null) ".${domain}"; - in join config.networking.hostName config.networking.domain; -in { - networking = { - hostName = "myhostname"; - domain = "example.org"; + fqdn = "${config.networking.hostName}.${config.networking.domain}"; + clientConfig = { + "m.homeserver".base_url = "https://${fqdn}"; + "m.identity_server" = {}; }; - networking.firewall.allowedTCPPorts = [ 80 443 ]; + serverConfig."m.server" = "${config.services.matrix-synapse.settings.server_name}:443"; + mkWellKnown = data: '' + add_header Content-Type application/json; + add_header Access-Control-Allow-Origin *; + return 200 '${builtins.toJSON data}'; + ''; +in { + = "myhostname"; + = "example.org"; + = [ 80 443 ]; - services.postgresql.enable = true; - services.postgresql.initialScript = pkgs.writeText "synapse-init.sql" '' + = true; + = pkgs.writeText "synapse-init.sql" '' CREATE ROLE "matrix-synapse" WITH LOGIN PASSWORD 'synapse'; CREATE DATABASE "matrix-synapse" WITH OWNER "matrix-synapse" TEMPLATE template0 @@ -57,78 +62,41 @@ in { services.nginx = { enable = true; - # only recommendedProxySettings and recommendedGzipSettings are strictly required, - # but the rest make sense as well recommendedTlsSettings = true; recommendedOptimisation = true; recommendedGzipSettings = true; recommendedProxySettings = true; - virtualHosts = { - # This host section can be placed on a different host than the rest, - # i.e. to delegate from the host being accessible as ${config.networking.domain} - # to another host actually running the Matrix homeserver. - "${config.networking.domain}" = { + "${config.networking.domain}" = { enableACME = true; forceSSL = true; - - locations."= /.well-known/matrix/server".extraConfig = - let - # use 443 instead of the default 8448 port to unite - # the client-server and server-server port for simplicity - server = { "m.server" = "${fqdn}:443"; }; - in '' - add_header Content-Type application/json; - return 200 '${builtins.toJSON server}'; - ''; - locations."= /.well-known/matrix/client".extraConfig = - let - client = { - "m.homeserver" = { "base_url" = "https://${fqdn}"; }; - "m.identity_server" = { "base_url" = "https://vector.im"; }; - }; - # ACAO required to allow element-web on any URL to request this json file - in '' - add_header Content-Type application/json; - add_header Access-Control-Allow-Origin *; - return 200 '${builtins.toJSON client}'; - ''; + locations."= /.well-known/matrix/server".extraConfig = mkWellKnown serverConfig; + locations."= /.well-known/matrix/client".extraConfig = mkWellKnown clientConfig; }; - - # Reverse proxy for Matrix client-server and server-server communication - ${fqdn} = { + "${fqdn}" = { enableACME = true; forceSSL = true; - - # Or do a redirect instead of the 404, or whatever is appropriate for you. - # But do not put a Matrix Web client here! See the Element web section below. - locations."/".extraConfig = '' + locations."/".extraConfig = '' return 404; ''; - - # forward all Matrix API calls to the synapse Matrix homeserver - locations."/_matrix" = { - proxyPass = "http://[::1]:8008"; # without a trailing / - }; + locations."/_matrix".proxyPass = "http://[::1]:8008"; + locations."/_synapse/client".proxyPass = "http://[::1]:8008"; }; }; }; + services.matrix-synapse = { enable = true; - server_name = config.networking.domain; - listeners = [ - { - port = 8008; + settings.server_name = config.networking.domain; + settings.listeners = [ + { port = 8008; bind_addresses = [ "::1" ]; type = "http"; tls = false; x_forwarded = true; resources = [ { - names = [ "client" ]; + names = [ "client" "federation" ]; compress = true; - } { - names = [ "federation" ]; - compress = false; } ]; } ]; @@ -136,20 +104,59 @@ in { } - - - If the A and AAAA DNS records on - example.org do not point on the same host as the records - for myhostname.example.org, you can easily move the - /.well-known virtualHost section of the code to the host that - is serving example.org, while the rest stays on - myhostname.example.org with no other changes required. - This pattern also allows to seamlessly move the homeserver from - myhostname.example.org to - myotherhost.example.org by only changing the - /.well-known redirection target. - - + + + + If the A and AAAA DNS records on + example.org do not point on the same host as the records + for myhostname.example.org, you can easily move the + /.well-known virtualHost section of the code to the host that + is serving example.org, while the rest stays on + myhostname.example.org with no other changes required. + This pattern also allows to seamlessly move the homeserver from + myhostname.example.org to + myotherhost.example.org by only changing the + /.well-known redirection target. + + + + + This section is not needed if the server_name + of matrix-synapse is equal to the domain (i.e. + example.org from @foo:example.org) + and the federation port is 8448. + Further reference can be found in the docs + about delegation. + + + + + This is usually needed for homeserver discovery (from e.g. other Matrix clients). + Further reference can be found in the upstream docs + + + + + It's also possible to do a redirect here or something else, this vhost is not + needed for Matrix. It's recommended though to not put element + here, see also the section about Element. + + + + + Forward all Matrix API calls to the synapse Matrix homeserver. A trailing slash + must not be used here. + + + + + Forward requests for e.g. SSO and password-resets. + + + + +
+ Registering Matrix users If you want to run a server with public registration by anybody, you can then enable services.matrix-synapse.settings.enable_registration = @@ -159,7 +166,7 @@ in { To create a new user or admin, run the following after you have set the secret and have rebuilt NixOS: -$ nix run nixpkgs.matrix-synapse +$ nix-shell -p matrix-synapse $ register_new_matrix_user -k your-registration-shared-secret http://localhost:8008 New user localpart: your-username Password: @@ -168,12 +175,51 @@ in { Success! In the example, this would create a user with the Matrix Identifier - @your-username:example.org. Note that the registration - secret ends up in the nix store and therefore is world-readable by any user - on your machine, so it makes sense to only temporarily activate the - registration_shared_secret - option until a better solution for NixOS is in place. + @your-username:example.org. + + + When using , the secret + will end up in the world-readable store. Instead it's recommended to deploy the secret + in an additional file like this: + + + + Create a file with the following contents: +registration_shared_secret: your-very-secret-secret + + + + + Deploy the file with a secret-manager such as + from nixops1 + or sops-nix to + e.g. /run/secrets/matrix-shared-secret and ensure that it's readable + by matrix-synapse. + + + + + Include the file like this in your configuration: + +{ + = [ + "/run/secrets/matrix-shared-secret" + ]; +} + + + + + + + + + It's also possible to user alternative authentication mechanism such as + LDAP (via matrix-synapse-ldap3) + or OpenID. + +
Element (formerly known as Riot) Web Client @@ -206,10 +252,7 @@ Success! root = pkgs.element-web.override { conf = { - default_server_config."m.homeserver" = { - "base_url" = "https://${fqdn}"; - "server_name" = "${fqdn}"; - }; + default_server_config = clientConfig; # see `clientConfig` from the snippet above. }; }; }; @@ -217,15 +260,17 @@ Success! - - Note that the Element developers do not recommend running Element and your Matrix - homeserver on the same fully-qualified domain name for security reasons. In - the example, this means that you should not reuse the - myhostname.example.org virtualHost to also serve Element, - but instead serve it on a different subdomain, like - element.example.org in the example. See the - Element - Important Security Notes for more information on this subject. - + + + The Element developers do not recommend running Element and your Matrix + homeserver on the same fully-qualified domain name for security reasons. In + the example, this means that you should not reuse the + myhostname.example.org virtualHost to also serve Element, + but instead serve it on a different subdomain, like + element.example.org in the example. See the + Element + Important Security Notes for more information on this subject. + +
From 20c5555a46a864c3429c82f7fb14f5934027321d Mon Sep 17 00:00:00 2001 From: Hugh O'Brien Date: Mon, 4 Jul 2022 11:50:28 +0100 Subject: [PATCH 22/33] =?UTF-8?q?moolticute:=200.53.7=20=E2=86=92=200.55.0?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- pkgs/applications/misc/moolticute/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/misc/moolticute/default.nix b/pkgs/applications/misc/moolticute/default.nix index 7097f584f54a..f714b026a835 100644 --- a/pkgs/applications/misc/moolticute/default.nix +++ b/pkgs/applications/misc/moolticute/default.nix @@ -9,13 +9,13 @@ mkDerivation rec { pname = "moolticute"; - version = "0.53.7"; + version = "0.55.0"; src = fetchFromGitHub { owner = "mooltipass"; repo = pname; rev = "v${version}"; - sha256 = "sha256-1hVvpfrfL/+DIeiPW5iVBEnoc8dy8vVWim4JjhsBlzM="; + sha256 = "sha256-up78503+YqUB2fR9B6W6plYksTJzTj5pkmFJ5eL/mLY="; }; outputs = [ "out" "udev" ]; From 5da31db7444b050af5d1ae313d74a75875e1d5dc Mon Sep 17 00:00:00 2001 From: Payas Relekar Date: Mon, 4 Jul 2022 16:20:58 +0530 Subject: [PATCH 23/33] janet: 1.22.0 -> 1.23.0 --- pkgs/development/interpreters/janet/default.nix | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/pkgs/development/interpreters/janet/default.nix b/pkgs/development/interpreters/janet/default.nix index 2d9a02e17527..2e502f35b301 100644 --- a/pkgs/development/interpreters/janet/default.nix +++ b/pkgs/development/interpreters/janet/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "janet"; - version = "1.22.0"; + version = "1.23.0"; src = fetchFromGitHub { owner = "janet-lang"; repo = pname; rev = "v${version}"; - sha256 = "sha256-FOs8ZfO61A1amovLy4EDSZiZ6XlwVNXf1TiPvNo6BnQ="; + sha256 = "sha256-FQZ9I9ROC1gWGfMCxsNMN3g/arenRtC6LHsOIAKGyuE="; }; # This release fails the test suite on darwin, remove when debugged. @@ -26,6 +26,12 @@ stdenv.mkDerivation rec { doCheck = true; + doInstallCheck = true; + + installCheckPhase = '' + $out/bin/janet --help + ''; + meta = with lib; { description = "Janet programming language"; homepage = "https://janet-lang.org/"; From d4fee295429e35e242c39d6b0eb67c011955d541 Mon Sep 17 00:00:00 2001 From: Payas Relekar Date: Mon, 4 Jul 2022 16:21:40 +0530 Subject: [PATCH 24/33] jpm: 0.0.2 -> 1.1.0 --- pkgs/development/interpreters/janet/jpm.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/interpreters/janet/jpm.nix b/pkgs/development/interpreters/janet/jpm.nix index 708930851255..050a035e0666 100644 --- a/pkgs/development/interpreters/janet/jpm.nix +++ b/pkgs/development/interpreters/janet/jpm.nix @@ -13,13 +13,13 @@ let in stdenv.mkDerivation rec { pname = "jpm"; - version = "0.0.2"; + version = "1.1.0"; src = fetchFromGitHub { owner = "janet-lang"; repo = pname; - rev = version; - sha256 = "sha256-nv+vkDjEY711L+C5ibw48DUSNqq2UJiFC2i5LntuBNM="; + rev = "v${version}"; + sha256 = "sha256-lPB4jew6RkJlDp8xOQ4YA9MkgLBImaBHcvv4WF/sLRc="; }; # `auto-shebangs true` gives us a shebang line that points to janet inside the From df3148fa1bacdb87d5633f294fc2a071cc520fe2 Mon Sep 17 00:00:00 2001 From: Markus Kowalewski Date: Mon, 4 Jul 2022 13:43:32 +0200 Subject: [PATCH 25/33] panolpy: 5.0.6 -> 5.1.0 --- pkgs/tools/misc/panoply/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/misc/panoply/default.nix b/pkgs/tools/misc/panoply/default.nix index 2eb76c08317b..7271074cc04e 100644 --- a/pkgs/tools/misc/panoply/default.nix +++ b/pkgs/tools/misc/panoply/default.nix @@ -2,11 +2,11 @@ stdenvNoCC.mkDerivation rec { pname = "panoply"; - version = "5.0.6"; + version = "5.1.0"; src = fetchurl { url = "https://www.giss.nasa.gov/tools/panoply/download/PanoplyJ-${version}.tgz"; - sha256 = "0nbr22sxfmk48ngk9gb1vcwv3fkd5m0v208xx6vl00nlnbh4kms4"; + sha256 = "08wh9i0pk7qq2az0nd8g8gqlzwril49qffi0zcrmn7r0nx44cdjm"; }; nativeBuildInputs = [ makeWrapper ]; From 47342c280a91a1a8fa0ecf2f7f78dfb27c18310a Mon Sep 17 00:00:00 2001 From: Nick Cao Date: Mon, 4 Jul 2022 19:43:53 +0800 Subject: [PATCH 26/33] gtk-engine-murrine: move intltool to nativeBuildInputs, set strictDeps --- pkgs/development/libraries/gtk-engine-murrine/default.nix | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/gtk-engine-murrine/default.nix b/pkgs/development/libraries/gtk-engine-murrine/default.nix index 8d40499fb626..5cbd4302dbaa 100644 --- a/pkgs/development/libraries/gtk-engine-murrine/default.nix +++ b/pkgs/development/libraries/gtk-engine-murrine/default.nix @@ -9,8 +9,9 @@ stdenv.mkDerivation rec { sha256 = "129cs5bqw23i76h3nmc29c9mqkm9460iwc8vkl7hs4xr07h8mip9"; }; - nativeBuildInputs = [ pkg-config ]; - buildInputs = [ intltool gtk2 ]; + strictDeps = true; + nativeBuildInputs = [ pkg-config intltool ]; + buildInputs = [ gtk2 ]; meta = { description = "A very flexible theme engine"; From 383ee3c194359482710e25cf07ab071cf5ad10cd Mon Sep 17 00:00:00 2001 From: 06kellyjac Date: Mon, 4 Jul 2022 13:44:46 +0100 Subject: [PATCH 27/33] kdigger: 1.2.0 -> 1.2.1 --- pkgs/tools/security/kdigger/default.nix | 18 +++++------------- 1 file changed, 5 insertions(+), 13 deletions(-) diff --git a/pkgs/tools/security/kdigger/default.nix b/pkgs/tools/security/kdigger/default.nix index 5067d4003274..b552499b10ec 100644 --- a/pkgs/tools/security/kdigger/default.nix +++ b/pkgs/tools/security/kdigger/default.nix @@ -3,18 +3,17 @@ , buildGoModule , fetchFromGitHub , installShellFiles -, fetchpatch }: buildGoModule rec { pname = "kdigger"; - version = "1.2.0"; + version = "1.2.1"; src = fetchFromGitHub { owner = "quarkslab"; repo = pname; rev = "v${version}"; - sha256 = "sha256-j4HIwfRIUpV25DmbQ+9go8aJMEYaFDPxrdr/zGWBeVU="; + sha256 = "sha256-xNOfxJJa0KbrxP1YRDEhnJEmKmpWzXchJWZ/2StR2O0="; # populate values that require us to use git. By doing this in postFetch we # can delete .git afterwards and maintain better reproducibility of the src. leaveDotGit = true; @@ -26,17 +25,11 @@ buildGoModule rec { }; vendorSha256 = "sha256-3vn3MsE/4lBw89wgYgzm0RuJJ5RQTkgS6O74PpfFcUk="; - patches = [ - (fetchpatch { - name = "simplify-ldflags.patch"; - url = "https://github.com/quarkslab/kdigger/pull/2.patch"; - sha256 = "sha256-d/NdoAdnheVgdqr2EF2rNn3gJvbjRZtOKFw2DqWR8TY="; - }) - ]; - nativeBuildInputs = [ installShellFiles ]; + # static to be easily copied into containers since it's an in-pod pen-testing tool CGO_ENABLED = 0; + ldflags = [ "-s" "-w" @@ -76,7 +69,6 @@ buildGoModule rec { ''; license = licenses.asl20; maintainers = with maintainers; [ jk ]; - # aarch64-linux support progress - https://github.com/quarkslab/kdigger/issues/3 - platforms = [ "x86_64-linux" ]; + platforms = [ "x86_64-linux" "aarch64-linux" "x86_64-darwin" ]; }; } From 887f70ffbd6b95c74def8451b0de65926670b863 Mon Sep 17 00:00:00 2001 From: 06kellyjac Date: Mon, 4 Jul 2022 13:46:06 +0100 Subject: [PATCH 28/33] open-policy-agent: 0.41.0 -> 0.42.0 --- pkgs/development/tools/open-policy-agent/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/open-policy-agent/default.nix b/pkgs/development/tools/open-policy-agent/default.nix index fb9b0060d20a..e51d5fda3649 100644 --- a/pkgs/development/tools/open-policy-agent/default.nix +++ b/pkgs/development/tools/open-policy-agent/default.nix @@ -11,13 +11,13 @@ assert enableWasmEval && stdenv.isDarwin -> builtins.throw "building with wasm o buildGoModule rec { pname = "open-policy-agent"; - version = "0.41.0"; + version = "0.42.0"; src = fetchFromGitHub { owner = "open-policy-agent"; repo = "opa"; rev = "v${version}"; - sha256 = "sha256-mvTaVKNE+XSBhJkodKSkLHoxJPOInPCycsoeeEJXABQ="; + sha256 = "sha256-Sn0vtC6skQE/IxXj3cjrq5iXYjM1wi17d4eavPKhk+g="; }; vendorSha256 = null; From 669577c0bb222d3b850b8444e9713f61d277ee21 Mon Sep 17 00:00:00 2001 From: Zhong Jianxin Date: Mon, 4 Jul 2022 13:55:52 +0800 Subject: [PATCH 29/33] python310Packages.google-auth: remove pyopenssl Pyopenssl is in `extras_require` (optional), and only needed if mTLS feature is enabled (disabled by default) https://github.com/googleapis/google-auth-library-python/pull/697 This will also make google-auth available on aarch64-darwin since pyopenssl is broken https://github.com/NixOS/nixpkgs/pull/172397 --- pkgs/development/python-modules/google-auth/default.nix | 2 -- 1 file changed, 2 deletions(-) diff --git a/pkgs/development/python-modules/google-auth/default.nix b/pkgs/development/python-modules/google-auth/default.nix index 36ed89118994..3882f3571e4d 100644 --- a/pkgs/development/python-modules/google-auth/default.nix +++ b/pkgs/development/python-modules/google-auth/default.nix @@ -13,7 +13,6 @@ , pytest-localserver , responses , rsa -, pyopenssl }: buildPythonPackage rec { @@ -29,7 +28,6 @@ buildPythonPackage rec { cachetools pyasn1-modules rsa - pyopenssl pyu2f ]; From bee55a9c67327851808adc8459c27648802e439d Mon Sep 17 00:00:00 2001 From: flexagoon Date: Mon, 4 Jul 2022 14:54:01 +0000 Subject: [PATCH 30/33] sierra-breeze-enhanced: 1.0.3 -> 1.1.0 * sierra-breeze-enhanced: 1.0.3 -> 1.1.0 (#180062) * sierra-breeze-enhanced: improve hash to SRI Co-authored-by: superherointj <5861043+superherointj@users.noreply.github.com> --- .../kwin-decorations/sierra-breeze-enhanced/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/data/themes/kwin-decorations/sierra-breeze-enhanced/default.nix b/pkgs/data/themes/kwin-decorations/sierra-breeze-enhanced/default.nix index 2f5230181d5e..6e0b99118bc4 100644 --- a/pkgs/data/themes/kwin-decorations/sierra-breeze-enhanced/default.nix +++ b/pkgs/data/themes/kwin-decorations/sierra-breeze-enhanced/default.nix @@ -9,13 +9,13 @@ stdenv.mkDerivation rec { pname = "sierra-breeze-enhanced"; - version = "1.0.3"; + version = "1.1.0"; src = fetchFromGitHub { owner = "kupiqu"; repo = "SierraBreezeEnhanced"; rev = "V${version}"; - sha256 = "0kqbfn1jqsbii3hqcqlb93x8cg8dyh5mf66i9r237w41knks5mnw"; + sha256 = "sha256-G1Ra7ld34AMPLZM0+3iEJHRFRMHVewZKTTXfmiu7PAk="; }; nativeBuildInputs = [ cmake extra-cmake-modules wrapQtAppsHook ]; From f6c3cd0c8b8c2b5578c6b086285853a8f2181a60 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Mon, 4 Jul 2022 08:28:59 -0700 Subject: [PATCH 31/33] python310Packages.iminuit: 2.12.0 -> 2.12.1 (#179976) --- pkgs/development/python-modules/iminuit/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/iminuit/default.nix b/pkgs/development/python-modules/iminuit/default.nix index 7b45a8cac65c..d5337c0b1946 100644 --- a/pkgs/development/python-modules/iminuit/default.nix +++ b/pkgs/development/python-modules/iminuit/default.nix @@ -9,14 +9,14 @@ buildPythonPackage rec { pname = "iminuit"; - version = "2.12.0"; + version = "2.12.1"; format = "setuptools"; disabled = pythonOlder "3.6"; src = fetchPypi { inherit pname version; - hash = "sha256-zQ48t1EwLAZphOqzBhLF0kGaVDF/6+UbUL4fohr8Uak="; + hash = "sha256-+le1b3wpze7QL5U1p7ZYB6zWoZfyCIUQlIIiLxoCPt4="; }; nativeBuildInputs = [ From b0849050570a0aced6c1a8550f56fba12d07b0a9 Mon Sep 17 00:00:00 2001 From: Ivan Nikolaenko Date: Mon, 27 Jun 2022 12:30:41 +0300 Subject: [PATCH 32/33] weston: fix race condition in build system Some source files have "linux-dmabuf-unstable-v1-server.h" header included, but do not really need it. Thus, that sources do not have a correctly configured dependency on that header, which is dynamically generated during the build. The fix for that error is to remove unneeded #include. Signed-off-by: Ivan Nikolaenko --- pkgs/applications/window-managers/weston/default.nix | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/pkgs/applications/window-managers/weston/default.nix b/pkgs/applications/window-managers/weston/default.nix index 043e2b02a7fb..eef1a14639bb 100644 --- a/pkgs/applications/window-managers/weston/default.nix +++ b/pkgs/applications/window-managers/weston/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, meson, ninja, pkg-config, wayland-scanner, python3 +{ lib, stdenv, fetchurl, fetchpatch, meson, ninja, pkg-config, wayland-scanner, python3 , wayland, libGL, mesa, libxkbcommon, cairo, libxcb , libXcursor, xlibsWrapper, udev, libdrm, mtdev, libjpeg, pam, dbus, libinput, libevdev , colord, lcms2, pipewire ? null @@ -17,6 +17,14 @@ stdenv.mkDerivation rec { sha256 = "1bj7wnadr7ssn6xw7k8ki0wpj6np3kjd2pcysfz3h0mr290rc8sw"; }; + patches = [ + # Fix race condition in build system + (fetchpatch { + url = "https://gitlab.freedesktop.org/wayland/weston/-/commit/0d3e438d080433ed5d203c876e7de6c7f8a14f98.patch"; + sha256 = "sha256-d9NG1vUIuL4jpXqCo0myz/97JuFYesH+8kJnegQXeMU="; + }) + ]; + nativeBuildInputs = [ meson ninja pkg-config wayland-scanner python3 ]; buildInputs = [ wayland libGL mesa libxkbcommon cairo libxcb libXcursor xlibsWrapper udev libdrm From 200d8c500acfb390feb7c7d652a6400a31acbc72 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Mon, 4 Jul 2022 09:24:26 -0700 Subject: [PATCH 33/33] snakemake: 7.8.3 -> 7.8.5 (#179874) --- pkgs/applications/science/misc/snakemake/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/science/misc/snakemake/default.nix b/pkgs/applications/science/misc/snakemake/default.nix index 75ecc1be99ea..fc6c9a086a0b 100644 --- a/pkgs/applications/science/misc/snakemake/default.nix +++ b/pkgs/applications/science/misc/snakemake/default.nix @@ -5,14 +5,14 @@ python3.pkgs.buildPythonApplication rec { pname = "snakemake"; - version = "7.8.3"; + version = "7.8.5"; format = "setuptools"; src = fetchFromGitHub { owner = "snakemake"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-fYrsum056PCRRp4P5xO6yLfog3WrE/JR1ID7+iV85fc="; + hash = "sha256-y1rjBp5O0aiVeFlCIw7IK4A3ehOhzy+NKa9/abhFrFo="; }; propagatedBuildInputs = with python3.pkgs; [