From 4a05329f1111d0c359b558ed0c9d18f4faea1aae Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Fri, 26 May 2023 21:38:27 +0000 Subject: [PATCH 01/69] clamav: 1.0.1 -> 1.1.0 --- pkgs/tools/security/clamav/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/security/clamav/default.nix b/pkgs/tools/security/clamav/default.nix index aa8c68382a39..d893c83680c5 100644 --- a/pkgs/tools/security/clamav/default.nix +++ b/pkgs/tools/security/clamav/default.nix @@ -6,11 +6,11 @@ stdenv.mkDerivation rec { pname = "clamav"; - version = "1.0.1"; + version = "1.1.0"; src = fetchurl { url = "https://www.clamav.net/downloads/production/${pname}-${version}.tar.gz"; - hash = "sha256-CHLcG4L/TNfo5DI/r17kGh9mroCGXQVCkIW5RjVdhu4="; + hash = "sha256-owAg2ZzUZ/peoO+9b08YLv6/Yqn8YvxKOnssw/Vea3Q="; }; patches = [ From f42d43dcca776bdaa82b3a85fc67cb5043e3b91d Mon Sep 17 00:00:00 2001 From: Atemu Date: Sat, 27 May 2023 16:51:59 +0200 Subject: [PATCH 02/69] linux_xanmod: 6.1.29 -> 6.1.30 --- pkgs/os-specific/linux/kernel/xanmod-kernels.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/xanmod-kernels.nix b/pkgs/os-specific/linux/kernel/xanmod-kernels.nix index 3d428ce072b0..ea28361650e5 100644 --- a/pkgs/os-specific/linux/kernel/xanmod-kernels.nix +++ b/pkgs/os-specific/linux/kernel/xanmod-kernels.nix @@ -3,8 +3,8 @@ let # These names are how they are designated in https://xanmod.org. ltsVariant = { - version = "6.1.29"; - hash = "sha256-/AaI/cOORkegxjKcrZ941U2oazf3FzLlUv5Y2CXrpb0="; + version = "6.1.30"; + hash = "sha256-F5N0PkjVBSpidP08SdBtOx5n+97RUqN32bwyQ6y+CYY="; variant = "lts"; }; From 6a35ff3d8aee72e198343a3ccbd62ab0a3069e34 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Sun, 28 May 2023 03:48:55 +0000 Subject: [PATCH 03/69] router: 1.18.1 -> 1.19.0 --- pkgs/servers/http/router/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/http/router/default.nix b/pkgs/servers/http/router/default.nix index 4ce676c1099b..31fc8332c96e 100644 --- a/pkgs/servers/http/router/default.nix +++ b/pkgs/servers/http/router/default.nix @@ -9,16 +9,16 @@ rustPlatform.buildRustPackage rec { pname = "router"; - version = "1.18.1"; + version = "1.19.0"; src = fetchFromGitHub { owner = "apollographql"; repo = pname; rev = "v${version}"; - sha256 = "sha256-g5QDKYdXwZuVZZLpT0qA/Mp0kR9cZaGKa0VqLX6gyec="; + sha256 = "sha256-IuS7NmlTNmHHnnSZ+YIbV6BnxJW2xprOQ5mkz5FuJEQ="; }; - cargoHash = "sha256-n7FV2Gu0ZoJo2TPPBwzcM0ztEZzwPckqQHdjuUv03to="; + cargoHash = "sha256-yeb+4lgRDssjkEx6bYfGIbn4DJGpZZ/JDmuwFjQ+U+8="; nativeBuildInputs = [ pkg-config From 02edbf8c0922e2415b0af7763b4ca3b8fcc22af6 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Sun, 28 May 2023 09:08:32 +0000 Subject: [PATCH 04/69] theforceengine: 1.09.100 -> 1.09.200 --- pkgs/games/theforceengine/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/games/theforceengine/default.nix b/pkgs/games/theforceengine/default.nix index ffc9811e869e..08209ac28c52 100644 --- a/pkgs/games/theforceengine/default.nix +++ b/pkgs/games/theforceengine/default.nix @@ -13,13 +13,13 @@ stdenv.mkDerivation rec { pname = "theforceengine"; - version = "1.09.100"; + version = "1.09.200"; src = fetchFromGitHub { owner = "luciusDXL"; repo = "TheForceEngine"; rev = "v${version}"; - sha256 = "sha256-nw9yp/StaSi5thafVT1V5YA2ZCYGWNoHUvQTpK90Foc="; + sha256 = "sha256-r3fNhiPl6fjrIbdLoNIyTETw3lpPZCQYlTA2QJgiDgw="; }; nativeBuildInputs = [ From 71fa8d5b8fb70f00f891cbf935860c81306d8b7c Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Sun, 28 May 2023 10:01:42 +0000 Subject: [PATCH 05/69] lhasa: 0.3.1 -> 0.4.0 --- pkgs/tools/compression/lhasa/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/compression/lhasa/default.nix b/pkgs/tools/compression/lhasa/default.nix index a58f186129ed..9ced4a9b7bfb 100644 --- a/pkgs/tools/compression/lhasa/default.nix +++ b/pkgs/tools/compression/lhasa/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "lhasa"; - version = "0.3.1"; + version = "0.4.0"; src = fetchurl { url = "https://soulsphere.org/projects/lhasa/lhasa-${version}.tar.gz"; - sha256 = "092zi9av18ma20c6h9448k0bapvx2plnp292741dvfd9hmgqxc1z"; + sha256 = "sha256-p/yIPDBMUIVi+5P6MHpMNCsMiG/MJl8ouS3Aw5IgxbM="; }; meta = with lib; { From 77a6bb0c9ee82fa406c2177e3bd2aad31c6d4cdc Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Sun, 28 May 2023 10:21:51 +0000 Subject: [PATCH 06/69] guile-opengl: 0.1.0 -> 0.2.0 --- pkgs/development/guile-modules/guile-opengl/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/guile-modules/guile-opengl/default.nix b/pkgs/development/guile-modules/guile-opengl/default.nix index 437af0f4edf2..efbb23cf71f5 100644 --- a/pkgs/development/guile-modules/guile-opengl/default.nix +++ b/pkgs/development/guile-modules/guile-opengl/default.nix @@ -7,11 +7,11 @@ stdenv.mkDerivation rec { pname = "guile-opengl"; - version = "0.1.0"; + version = "0.2.0"; src = fetchurl { url = "mirror://gnu/${pname}/${pname}-${version}.tar.gz"; - hash = "sha256-NdK5UwUszX5B0kKbynG8oD2PCKIGpZ1x91ktBDvpDo8="; + hash = "sha256-uPCH7CiCPQmfuELDupQQS7BPqecIFmSHpHGYnhwXbGU="; }; nativeBuildInputs = [ From 5defb3edb1123c87f4861abaa4b54d69826acf50 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Sun, 28 May 2023 10:34:34 +0000 Subject: [PATCH 07/69] shotman: 0.4.1 -> 0.4.3 --- pkgs/tools/wayland/shotman/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/wayland/shotman/default.nix b/pkgs/tools/wayland/shotman/default.nix index edd7f107a128..1835fc12c66f 100644 --- a/pkgs/tools/wayland/shotman/default.nix +++ b/pkgs/tools/wayland/shotman/default.nix @@ -9,13 +9,13 @@ rustPlatform.buildRustPackage rec { pname = "shotman"; - version = "0.4.1"; + version = "0.4.3"; src = fetchFromSourcehut { owner = "~whynothugo"; repo = pname; rev = "v${version}"; - hash = "sha256-u8vnRNxi7wLn0M2VZu9YTZuSAM/0afHRP01vve9tD9c="; + hash = "sha256-c2fgP6XB/fqKfsjqRRQpOFzHZyF/a9tLAKIGdKFAcSQ="; }; cargoLock = { From 81da794d5b2ae4ed04fdb773b0db20d6d121922a Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Sun, 28 May 2023 10:45:07 +0000 Subject: [PATCH 08/69] memcached: 1.6.19 -> 1.6.20 --- pkgs/servers/memcached/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/memcached/default.nix b/pkgs/servers/memcached/default.nix index 037f5f81f523..bc8a39fd4cfa 100644 --- a/pkgs/servers/memcached/default.nix +++ b/pkgs/servers/memcached/default.nix @@ -1,12 +1,12 @@ {lib, stdenv, fetchurl, cyrus_sasl, libevent, nixosTests }: stdenv.mkDerivation rec { - version = "1.6.19"; + version = "1.6.20"; pname = "memcached"; src = fetchurl { url = "https://memcached.org/files/${pname}-${version}.tar.gz"; - sha256 = "sha256-L9SLBHFGOYsHOliOl5F9m8kIzlGXhYDY4L7aoSO0xw0="; + sha256 = "sha256-j2BPjjoXVjfcHwad5vonORFoUMn4Hjdk8vrJo7J74wc="; }; configureFlags = [ From 2f682e5b6ce5a5784e85e605a337238e6993615f Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Sun, 28 May 2023 11:33:06 +0000 Subject: [PATCH 09/69] krill: 0.12.3 -> 0.13.0 --- pkgs/servers/krill/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/krill/default.nix b/pkgs/servers/krill/default.nix index 8025f6b9d3f5..68c5225d06d7 100644 --- a/pkgs/servers/krill/default.nix +++ b/pkgs/servers/krill/default.nix @@ -9,16 +9,16 @@ rustPlatform.buildRustPackage rec { pname = "krill"; - version = "0.12.3"; + version = "0.13.0"; src = fetchFromGitHub { owner = "NLnetLabs"; repo = pname; rev = "v${version}"; - hash = "sha256-N12Uc2Dh0JFCEOzFvU5YzPeupcaOetW6ehRuAYOYJn0="; + hash = "sha256-Vyz2PpsCcmr3EJRe9IOY3rpwEzHfG1IelXsy2qzjSJA="; }; - cargoHash = "sha256-pcoGFXano34Sc+iVqJfrUo+wWASpAA1gslCHfVcEoJ4="; + cargoHash = "sha256-X4PvoN2KszMYmQjErZQPUCr8WAIt8S+S1QeMlYyv8NU="; buildInputs = [ openssl ] ++ lib.optional stdenv.isDarwin Security; nativeBuildInputs = [ pkg-config ]; From b3c8a947325388e34797b0b9f9c5b73d4fbe4b1d Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Sun, 28 May 2023 11:50:32 +0000 Subject: [PATCH 10/69] flrig: 1.4.8 -> 2.0.0 --- pkgs/applications/radio/flrig/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/radio/flrig/default.nix b/pkgs/applications/radio/flrig/default.nix index 1c559b1694d5..86b16cb233af 100644 --- a/pkgs/applications/radio/flrig/default.nix +++ b/pkgs/applications/radio/flrig/default.nix @@ -8,12 +8,12 @@ }: stdenv.mkDerivation rec { - version = "1.4.8"; + version = "2.0.0"; pname = "flrig"; src = fetchurl { url = "mirror://sourceforge/fldigi/${pname}-${version}.tar.gz"; - sha256 = "sha256-7aqjNbcAE1ATb5Zl+ziVb7O86nqlFwdpsYm9RoX51rg="; + sha256 = "sha256-DTqheZhCSrupokhVqGrOwBcXwQRgoMv16fMjEFRqbCA="; }; buildInputs = [ From 5d0e2af544f4c393d4a431c1c8386dd3edf906af Mon Sep 17 00:00:00 2001 From: Aaron Andersen Date: Sun, 28 May 2023 17:00:21 -0400 Subject: [PATCH 11/69] flirc: lock readline to 6.x version as required --- pkgs/top-level/all-packages.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 0ff717b2cf0f..ce866b987640 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -3400,7 +3400,9 @@ with pkgs; flavours = callPackage ../applications/misc/flavours { }; - flirc = libsForQt5.callPackage ../applications/video/flirc { }; + flirc = libsForQt5.callPackage ../applications/video/flirc { + readline = readline63; + }; flood = nodePackages.flood; From 516cacda21f0633765df2d1bf21e8d92a8b1fe65 Mon Sep 17 00:00:00 2001 From: Gaetan Lepage Date: Sun, 28 May 2023 23:09:21 +0200 Subject: [PATCH 12/69] invidious: unstable-2023-05-08 -> 2023-05-25 --- pkgs/servers/invidious/versions.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/invidious/versions.json b/pkgs/servers/invidious/versions.json index 30aeda46901d..8442646d55d1 100644 --- a/pkgs/servers/invidious/versions.json +++ b/pkgs/servers/invidious/versions.json @@ -4,9 +4,9 @@ "sha256": "sha256-EU6T9yQCdOLx98Io8o01rEsgxDFF/Xoy42LgPopD2/A=" }, "invidious": { - "rev": "10fee9da618db8ffe6a3952d547d4e85d144877e", - "sha256": "sha256-ZMPOsdyTtmxv/GJvLU9aPpXmLSsLqpKXaG5/u1166rw=", - "version": "unstable-2023-05-08" + "rev": "381a0e326d413daba1418bfca820bbfe2b7829a3", + "sha256": "sha256-WKEp7PotbdY0Vkdc8cHYsa4XmAO1dsz72ibEgxs2r7o=", + "version": "unstable-2023-05-25" }, "lsquic": { "sha256": "sha256-hG8cUvhbCNeMOsKkaJlgGpzUrIx47E/WhmPIdI5F3qM=", From 701c1bbf464a1a6b7ed3b026c42f66d1b9105c83 Mon Sep 17 00:00:00 2001 From: Heinz Deinhart Date: Sun, 28 May 2023 17:03:58 +0200 Subject: [PATCH 13/69] ddnet: 17.0 -> 17.0.1 https://ddnet.org/downloads/#17.0.1 --- pkgs/games/ddnet/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/games/ddnet/default.nix b/pkgs/games/ddnet/default.nix index b9db71f42082..c71219da3e04 100644 --- a/pkgs/games/ddnet/default.nix +++ b/pkgs/games/ddnet/default.nix @@ -34,19 +34,19 @@ stdenv.mkDerivation rec { pname = "ddnet"; - version = "17.0"; + version = "17.0.1"; src = fetchFromGitHub { owner = "ddnet"; repo = pname; rev = version; - hash = "sha256-boFXzARVG2At92j9gSavteAQ8qTjgJ91hIefVr/e6og="; + hash = "sha256-QN4hjUBQFDfyNm/f8TqgrexUAoNtGY4tKC0JcQBL8i0="; }; cargoDeps = rustPlatform.fetchCargoTarball { name = "${pname}-${version}"; inherit src; - hash = "sha256-3itblnHlY1L8g/EGCi1BIWGD6INOpnvLCwJ7zL7KV4w="; + hash = "sha256-5Iwn8JSeOnAAXOt+QGcVx4b9WZ4Xe2aLjbiQUUnqJBQ="; }; nativeBuildInputs = [ From e0cce76a068fe345b0a0222a9258a4afc496aa10 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 29 May 2023 00:35:23 +0000 Subject: [PATCH 14/69] calico-pod2daemon: 3.25.1 -> 3.26.0 --- pkgs/applications/networking/cluster/calico/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/networking/cluster/calico/default.nix b/pkgs/applications/networking/cluster/calico/default.nix index a4cc193a8814..e1ae76735b15 100644 --- a/pkgs/applications/networking/cluster/calico/default.nix +++ b/pkgs/applications/networking/cluster/calico/default.nix @@ -2,16 +2,16 @@ builtins.mapAttrs (pname: { doCheck ? true, mainProgram ? pname, subPackages }: buildGoModule rec { inherit pname; - version = "3.25.1"; + version = "3.26.0"; src = fetchFromGitHub { owner = "projectcalico"; repo = "calico"; rev = "v${version}"; - hash = "sha256-msXTukje7tS8rovhbZs8CBsfIiDOCx6wkWHoDdhxK+8="; + hash = "sha256-1wAFdzIReyL+mfuPKQdPrTjLmiGWoFCxtnT2ftBUlU0="; }; - vendorHash = "sha256-aJdzizXtW1wI9ZdQVTW8RyGFTXDdtLxpZ4oxXP/0gP0="; + vendorHash = "sha256-epmXf78DMHnyrAkf0V4wpFsfGvd8Hm+yXB9ODJDljys="; inherit doCheck subPackages; From d3d865b7779a839cb97bd55c99cb8e7bd92f367a Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 29 May 2023 01:35:10 +0000 Subject: [PATCH 15/69] python311Packages.django-rest-registration: 0.7.3 -> 0.8.2 --- .../python-modules/django-rest-registration/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/python-modules/django-rest-registration/default.nix b/pkgs/development/python-modules/django-rest-registration/default.nix index a3da3d81a669..898904fb92df 100644 --- a/pkgs/development/python-modules/django-rest-registration/default.nix +++ b/pkgs/development/python-modules/django-rest-registration/default.nix @@ -10,7 +10,7 @@ buildPythonPackage rec { pname = "django-rest-registration"; - version = "0.7.3"; + version = "0.8.2"; format = "setuptools"; disabled = pythonOlder "3.7"; @@ -18,8 +18,8 @@ buildPythonPackage rec { src = fetchFromGitHub { owner = "apragacz"; repo = pname; - rev = "refs/tags/${version}"; - hash = "sha256-JoIeVjl5s60ilq9kU28Jo+GaYRKU61hoqy1GzYmMdZQ="; + rev = "refs/tags/v${version}"; + hash = "sha256-kGZ88Z5nV3HChImmPurHoewobsjotZQ4q9RngBYGe5g="; }; propagatedBuildInputs = [ From 06ad004b991c34a0092608a102c1bb2d1fc40012 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 29 May 2023 03:32:41 +0000 Subject: [PATCH 16/69] buildkite-agent: 3.46.1 -> 3.47.0 --- .../continuous-integration/buildkite-agent/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/tools/continuous-integration/buildkite-agent/default.nix b/pkgs/development/tools/continuous-integration/buildkite-agent/default.nix index 0f846cdb8a5d..20fb023d15db 100644 --- a/pkgs/development/tools/continuous-integration/buildkite-agent/default.nix +++ b/pkgs/development/tools/continuous-integration/buildkite-agent/default.nix @@ -3,16 +3,16 @@ nixosTests }: buildGoModule rec { pname = "buildkite-agent"; - version = "3.46.1"; + version = "3.47.0"; src = fetchFromGitHub { owner = "buildkite"; repo = "agent"; rev = "v${version}"; - sha256 = "sha256-IhTzN0L5wKXmo2GkuSy6mQyqyUjh97Dugd6SQ0c2ng8="; + sha256 = "sha256-Hj1KaRgH4LOacLwHKoJfIKJ5ueNEgqWVEZrIvMl+bf4="; }; - vendorHash = "sha256-54v3P4uqU7A77yizjWAIzlvpjUaG8HHmH3j9p8d+LQc="; + vendorHash = "sha256-2yVykKfjNAlo4jUpcsUnpVaQoBLZF7xbzYQxOZqNiTQ="; postPatch = '' substituteInPlace bootstrap/shell/shell.go --replace /bin/bash ${bash}/bin/bash From c2847a442137594c99619aba61b10ee256e040bb Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 29 May 2023 03:51:18 +0000 Subject: [PATCH 17/69] eksctl: 0.142.0 -> 0.143.0 --- pkgs/tools/admin/eksctl/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/admin/eksctl/default.nix b/pkgs/tools/admin/eksctl/default.nix index f9889a29e412..f05f3c7632d8 100644 --- a/pkgs/tools/admin/eksctl/default.nix +++ b/pkgs/tools/admin/eksctl/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "eksctl"; - version = "0.142.0"; + version = "0.143.0"; src = fetchFromGitHub { owner = "weaveworks"; repo = pname; rev = version; - hash = "sha256-C+VcAtMkltkJ+IRIhZg1VXWiAtj8N0sOoEutvkXC+No="; + hash = "sha256-FVZQooV1sygxubPZ/9CvWIEcDhDGIbreDPUBrtyIy60="; }; - vendorHash = "sha256-4u9TwtFDqr0wZ7/2pdSSofAO6qyN3mYHOk2UdU74fGI="; + vendorHash = "sha256-WJ7pTooO4/o0IR4Rio+EoN7oxmobG7GqT7aEUqusKI0="; doCheck = false; From 6ff58377bd91fddae88ff6c5fb6ac1e5b9dcf609 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 29 May 2023 04:59:58 +0000 Subject: [PATCH 18/69] python310Packages.azure-containerregistry: 1.0.0 -> 1.1.0 --- .../python-modules/azure-containerregistry/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/azure-containerregistry/default.nix b/pkgs/development/python-modules/azure-containerregistry/default.nix index 9da12c53e77e..c0dbea68422f 100644 --- a/pkgs/development/python-modules/azure-containerregistry/default.nix +++ b/pkgs/development/python-modules/azure-containerregistry/default.nix @@ -6,12 +6,12 @@ buildPythonPackage rec { pname = "azure-containerregistry"; - version = "1.0.0"; + version = "1.1.0"; disabled = pythonOlder "3.6"; src = fetchPypi { inherit pname version; - hash = "sha256-DIZCHZM5aeKtmJrgwAk5J26ltaxNxKUn3rR+FbmuyZc="; + hash = "sha256-6IU+fzMIL8HJv4rCrWlcJSuYre6cdBa7BjS9KrIbIRU="; extension = "zip"; }; From d2bda17bf57f83c150e64553998232488629e978 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 29 May 2023 05:31:42 +0000 Subject: [PATCH 19/69] prometheus-node-exporter: 1.5.0 -> 1.6.0 --- pkgs/servers/monitoring/prometheus/node-exporter.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/monitoring/prometheus/node-exporter.nix b/pkgs/servers/monitoring/prometheus/node-exporter.nix index 86ed09f3bc78..f4939370864e 100644 --- a/pkgs/servers/monitoring/prometheus/node-exporter.nix +++ b/pkgs/servers/monitoring/prometheus/node-exporter.nix @@ -5,17 +5,17 @@ buildGoModule rec { pname = "node_exporter"; - version = "1.5.0"; + version = "1.6.0"; rev = "v${version}"; src = fetchFromGitHub { inherit rev; owner = "prometheus"; repo = "node_exporter"; - sha256 = "sha256-jzgf7XVqtqHf5Uqkcr/0epC0R0fw7l7acr+F8jZ6M68="; + sha256 = "sha256-Aw1tdaiyr3wv3Ti3CFn2T80WRjEZaACwotKKJGY9I6Y="; }; - vendorSha256 = "sha256-k4Wolrp/mebwA6ZLftCNVFOdHoXHcJZI9JWrhBxX5Pk="; + vendorHash = "sha256-hn2cMKhLl5qsm4sZErs6PXTs8yajowxw9a9vtHe5cAk="; # FIXME: tests fail due to read-only nix store doCheck = false; From 009b888a1c1ae81b61245bef8fc7c5f30246474d Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 29 May 2023 06:11:17 +0000 Subject: [PATCH 20/69] limitcpu: 2.9 -> 3.0 --- pkgs/tools/misc/limitcpu/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/misc/limitcpu/default.nix b/pkgs/tools/misc/limitcpu/default.nix index b33f01dca90a..e9649b4be659 100644 --- a/pkgs/tools/misc/limitcpu/default.nix +++ b/pkgs/tools/misc/limitcpu/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "limitcpu"; - version = "2.9"; + version = "3.0"; src = fetchurl { url = "mirror://sourceforge/limitcpu/cpulimit-${version}.tar.gz"; - sha256 = "sha256-W7fbTscqArOy0SfViQaGTgE1iw81pvGQuAlwN4ovjPY="; + sha256 = "sha256-rS9BXrK72j6DqKLZGO9ekPUuvMb+5h6Uv5F7PoTrtJw="; }; buildFlags = with stdenv; [ ( From 4183f2f731173ce03136ce307ac2d9fe587ded84 Mon Sep 17 00:00:00 2001 From: Fabian Affolter Date: Mon, 29 May 2023 08:19:52 +0200 Subject: [PATCH 21/69] python310Packages.azure-containerregistry: update disabled - add format - add missing input --- .../azure-containerregistry/default.nix | 22 +++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/pkgs/development/python-modules/azure-containerregistry/default.nix b/pkgs/development/python-modules/azure-containerregistry/default.nix index c0dbea68422f..5bc1bde1ad83 100644 --- a/pkgs/development/python-modules/azure-containerregistry/default.nix +++ b/pkgs/development/python-modules/azure-containerregistry/default.nix @@ -1,13 +1,19 @@ -{ lib, buildPythonPackage, fetchPypi, pythonOlder +{ lib +, buildPythonPackage +, fetchPypi +, pythonOlder , azure-core , msrest , msrestazure +, isodate }: buildPythonPackage rec { pname = "azure-containerregistry"; version = "1.1.0"; - disabled = pythonOlder "3.6"; + format = "setuptools"; + + disabled = pythonOlder "3.7"; src = fetchPypi { inherit pname version; @@ -15,13 +21,21 @@ buildPythonPackage rec { extension = "zip"; }; - propagatedBuildInputs = [ azure-core msrest msrestazure ]; + propagatedBuildInputs = [ + azure-core + msrest + msrestazure + isodate + ]; # tests require azure-devtools which are not published (since 2020) # https://github.com/Azure/azure-sdk-for-python/blob/main/sdk/containerregistry/azure-containerregistry/dev_requirements.txt doCheck = false; - pythonImportsCheck = [ "azure.core" "azure.containerregistry" ]; + pythonImportsCheck = [ + "azure.core" + "azure.containerregistry" + ]; meta = with lib; { description = "Microsoft Azure Container Registry client library for Python"; From e0688e7fd08599d49eb4a55b0225d497c8ea5fcf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Baylac=20Jacqu=C3=A9?= Date: Mon, 29 May 2023 09:42:26 +0200 Subject: [PATCH 22/69] pleroma: 2.5.1 -> 2.5.2 Security update, fixes a critical bug in the media proxy. The crypt dependency was removed, dropping the libxcrypt-legacy workaround \0/. Full changelog there: https://git.pleroma.social/pleroma/pleroma/-/releases/v2.5.2 --- pkgs/servers/pleroma/default.nix | 11 ++--------- pkgs/servers/pleroma/mix.nix | 13 ------------- 2 files changed, 2 insertions(+), 22 deletions(-) diff --git a/pkgs/servers/pleroma/default.nix b/pkgs/servers/pleroma/default.nix index 05fe4c7d31b9..2dba16c182ab 100644 --- a/pkgs/servers/pleroma/default.nix +++ b/pkgs/servers/pleroma/default.nix @@ -8,14 +8,14 @@ beamPackages.mixRelease rec { pname = "pleroma"; - version = "2.5.1"; + version = "2.5.2"; src = fetchFromGitLab { domain = "git.pleroma.social"; owner = "pleroma"; repo = "pleroma"; rev = "v${version}"; - sha256 = "sha256-3iG2s7jVEnhq1kLLgtaHnFmLYBO2Xr5M5jjZfSNA9z4="; + sha256 = "sha256-5qxop/hJj1hIsEcK6vJnI2RnAcLf3tO43B0e0FcNZcA="; }; mixNixDeps = import ./mix.nix { @@ -160,13 +160,6 @@ beamPackages.mixRelease rec { cp ${cfgFile} config/config.exs ''; }; - - crypt = let - version = prev.crypt.version; - in prev.crypt.override { - buildInputs = [ libxcrypt-legacy ]; - postInstall = "mv $out/lib/erlang/lib/crypt-${version}/priv/{hex-source-crypt-${version},crypt}.so"; - }; }); }; diff --git a/pkgs/servers/pleroma/mix.nix b/pkgs/servers/pleroma/mix.nix index d3a07fe26696..cd5bb10b79cd 100644 --- a/pkgs/servers/pleroma/mix.nix +++ b/pkgs/servers/pleroma/mix.nix @@ -281,19 +281,6 @@ let beamDeps = [ ecto ]; }; - crypt = buildRebar3 rec { - name = "crypt"; - version = "1.0.1"; - - src = fetchHex { - pkg = "${name}"; - version = "${version}"; - sha256 = "10ir7nsa0dkn5jr0w9x2m38jc73aym7llz2pnkwxk9f747izz3cn"; - }; - - beamDeps = []; - }; - custom_base = buildMix rec { name = "custom_base"; version = "0.2.1"; From 00fd888c67ea2abe313cca59e06811bdbc781423 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 29 May 2023 08:14:09 +0000 Subject: [PATCH 23/69] prometheus-pushgateway: 1.5.1 -> 1.6.0 --- pkgs/servers/monitoring/prometheus/pushgateway.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/monitoring/prometheus/pushgateway.nix b/pkgs/servers/monitoring/prometheus/pushgateway.nix index feda083c85de..5c7aef8dd059 100644 --- a/pkgs/servers/monitoring/prometheus/pushgateway.nix +++ b/pkgs/servers/monitoring/prometheus/pushgateway.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "pushgateway"; - version = "1.5.1"; + version = "1.6.0"; src = fetchFromGitHub { owner = "prometheus"; repo = "pushgateway"; rev = "v${version}"; - sha256 = "sha256-UnkSv0ZGNFqEQX+QeCySN5XeGbM2hCJGgWxry5I+3tg="; + sha256 = "sha256-sJ4TTyo+A3CEUcTJv3LlUU60pc/a/PgB0Mk6R5wpTgM="; }; - vendorSha256 = "sha256-wEKk7Jrf14oJzP6MSRJidOUUgAbPFoBOmqPrXJg86FI="; + vendorHash = "sha256-oDvFp7FYam/hsiEesfTuNgXciH4JAUKkMiECn4FPqmE="; ldflags = [ "-s" From c03888fb67d3d560f6e1bcb277100367b2d89495 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 29 May 2023 08:23:11 +0000 Subject: [PATCH 24/69] cloudflared: 2023.5.0 -> 2023.5.1 --- pkgs/applications/networking/cloudflared/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/cloudflared/default.nix b/pkgs/applications/networking/cloudflared/default.nix index aeca482b53f0..4fb5779f0bae 100644 --- a/pkgs/applications/networking/cloudflared/default.nix +++ b/pkgs/applications/networking/cloudflared/default.nix @@ -7,13 +7,13 @@ buildGoModule rec { pname = "cloudflared"; - version = "2023.5.0"; + version = "2023.5.1"; src = fetchFromGitHub { owner = "cloudflare"; repo = "cloudflared"; rev = "refs/tags/${version}"; - hash = "sha256-0zUKlacB6aTj0UQ8dIQSU8F6SvVOTAU/GdbUqbJ8okI="; + hash = "sha256-Pt/iyBMAHMNxN92UAXPNoVXh8kOGdD5+JGZlXEioByY="; }; vendorHash = null; From 4f3419afdfc106294f7663c5e6894ec1ac1d5aed Mon Sep 17 00:00:00 2001 From: Julian Stecklina Date: Mon, 29 May 2023 16:31:46 +0200 Subject: [PATCH 25/69] keama: init at 4.4.3-P1 --- pkgs/tools/networking/keama/default.nix | 31 +++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 33 insertions(+) create mode 100644 pkgs/tools/networking/keama/default.nix diff --git a/pkgs/tools/networking/keama/default.nix b/pkgs/tools/networking/keama/default.nix new file mode 100644 index 000000000000..0b1e8c91aa15 --- /dev/null +++ b/pkgs/tools/networking/keama/default.nix @@ -0,0 +1,31 @@ +{ stdenv, lib, fetchurl }: + +stdenv.mkDerivation rec { + pname = "keama"; + version = "4.4.3-P1"; + + src = fetchurl { + url = "https://ftp.isc.org/isc/dhcp/${version}/dhcp-${version}.tar.gz"; + sha256 = "sha256-CsQWu1WZfKhjIXT9EHN/1hzbjbonUhYKM1d1vCHcc8c="; + }; + + enableParallelBuilding = true; + + # The Kea Migration Assistant lives as a subdirectory of the + # original ISC DHCP server source code. + makeFlags = [ "-C" "keama" ]; + + meta = with lib; { + description = "Kea Migration Assistent"; + + longDescription = '' + Kea migration assistant is an experimental tool that reads a ISC DHCP server + configuration and produces a JSON configuration in Kea format. + ''; + + homepage = "https://gitlab.isc.org/isc-projects/dhcp/-/wikis/kea-migration-assistant"; + license = licenses.mpl20; + platforms = platforms.unix; + maintainers = with maintainers; [ blitz ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 8cca9cc6d83d..88f3a81f43bf 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -9615,6 +9615,8 @@ with pkgs; kea = callPackage ../tools/networking/kea { }; + keama = callPackage ../tools/networking/keama { }; + iredis = callPackage ../tools/admin/iredis { }; ispell = callPackage ../tools/text/ispell { }; From 1166f26bee18876adf2c3cacab831664b6b3e225 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 29 May 2023 15:40:00 +0000 Subject: [PATCH 26/69] pqrs: 0.2.2 -> 0.3.1 --- pkgs/development/tools/pqrs/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/tools/pqrs/default.nix b/pkgs/development/tools/pqrs/default.nix index 20ec174015b3..56c99d30babc 100644 --- a/pkgs/development/tools/pqrs/default.nix +++ b/pkgs/development/tools/pqrs/default.nix @@ -2,16 +2,16 @@ rustPlatform.buildRustPackage rec { pname = "pqrs"; - version = "0.2.2"; + version = "0.3.1"; src = fetchFromGitHub { owner = "manojkarthick"; repo = "pqrs"; rev = "v${version}"; - sha256 = "sha256-fqxPQUcd8DG+UYJRWLDJ9RpRkCWutEXjc6J+w1qv8PQ="; + sha256 = "sha256-t6Y6gpMEpccCoyhG66FZEKHVNCbHblaqYZY1iJUZVUA="; }; - cargoSha256 = "sha256-/nfVu8eiQ8JAAUplSyA4eCQqZPCSrcxFzdc2gV95a2w="; + cargoHash = "sha256-fnoYVWpBn5Dil2o+u2MKQqd8dEKFE2i29Qz7cJae+gE="; meta = with lib; { description = "CLI tool to inspect Parquet files"; From 10503ae83ca4319dc9bd3fd3090e1b4cb2d1eb38 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 29 May 2023 17:03:21 +0000 Subject: [PATCH 27/69] signalbackup-tools: 20230523 -> 20230528-1 --- .../instant-messengers/signalbackup-tools/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/instant-messengers/signalbackup-tools/default.nix b/pkgs/applications/networking/instant-messengers/signalbackup-tools/default.nix index 93f9588f134a..8ea44c2b51b3 100644 --- a/pkgs/applications/networking/instant-messengers/signalbackup-tools/default.nix +++ b/pkgs/applications/networking/instant-messengers/signalbackup-tools/default.nix @@ -2,13 +2,13 @@ (if stdenv.isDarwin then darwin.apple_sdk_11_0.llvmPackages_14.stdenv else stdenv).mkDerivation rec { pname = "signalbackup-tools"; - version = "20230523"; + version = "20230528-1"; src = fetchFromGitHub { owner = "bepaald"; repo = pname; rev = version; - hash = "sha256-u0UztFdEevFVNRtRvyaeDX4vMyrGuzTMd3/nzRUqjV0="; + hash = "sha256-kb7Cu/dQ3hpT3dZxE5f/rIAyYVYroLPEAnRc6ci7Yk8="; }; postPatch = '' From 06161f191dfe17c01bdb68cbaa688700aac29528 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Mon, 29 May 2023 19:13:21 +0000 Subject: [PATCH 28/69] pdal: 2.4.3 -> 2.5.4 --- pkgs/development/libraries/pdal/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/pdal/default.nix b/pkgs/development/libraries/pdal/default.nix index 16f9fb2e1a2d..1c5715eb3237 100644 --- a/pkgs/development/libraries/pdal/default.nix +++ b/pkgs/development/libraries/pdal/default.nix @@ -22,13 +22,13 @@ stdenv.mkDerivation rec { pname = "pdal"; - version = "2.4.3"; + version = "2.5.4"; src = fetchFromGitHub { owner = "PDAL"; repo = "PDAL"; rev = version; - sha256 = "sha256-9TQlhuGSTnHsTlJos9Hwnyl1CxI0tXLZdqsaGdp6WIE="; + sha256 = "sha256-WP74YMKYJ0VqsPkOzSfuFhSKM/aY5ynVVmDTP6/DmgA="; }; nativeBuildInputs = [ From 01507d38f8c841609c04e51ec11aa4aac71216cd Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 00:57:30 +0000 Subject: [PATCH 29/69] plumed: 2.8.2 -> 2.9.0 --- .../libraries/science/chemistry/plumed/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/science/chemistry/plumed/default.nix b/pkgs/development/libraries/science/chemistry/plumed/default.nix index 8c308cf2df5b..b825c8270d62 100644 --- a/pkgs/development/libraries/science/chemistry/plumed/default.nix +++ b/pkgs/development/libraries/science/chemistry/plumed/default.nix @@ -8,13 +8,13 @@ assert !blas.isILP64; stdenv.mkDerivation rec { pname = "plumed"; - version = "2.8.2"; + version = "2.9.0"; src = fetchFromGitHub { owner = "plumed"; repo = "plumed2"; rev = "v${version}"; - hash = "sha256-ugYhJq8KFjT8rkAOX/yZ9IlEklXCwRxKH49REd2QN9E="; + hash = "sha256-yL+59f908IhbxGIylI1ydi1BPZwAapjK/vP4/h5gcHk="; }; postPatch = '' From b27387cb03aef6ac9d7814ffe6032bed6b110479 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 02:02:15 +0000 Subject: [PATCH 30/69] flacon: 11.0.0 -> 11.1.0 --- pkgs/applications/audio/flacon/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/audio/flacon/default.nix b/pkgs/applications/audio/flacon/default.nix index 4a3e0a9ae24e..7bf9d7fb918f 100644 --- a/pkgs/applications/audio/flacon/default.nix +++ b/pkgs/applications/audio/flacon/default.nix @@ -4,13 +4,13 @@ stdenv.mkDerivation rec { pname = "flacon"; - version = "11.0.0"; + version = "11.1.0"; src = fetchFromGitHub { owner = "flacon"; repo = "flacon"; rev = "v${version}"; - sha256 = "sha256-xc+pp1phFtcGDCsLzzjWjZBfRJ5ss/F1Nm8/s9sWPfs="; + sha256 = "sha256-nAJKTRkx8d53v1tPnu5ARrRoESKh4jUOCcD54bhE8TU="; }; nativeBuildInputs = [ cmake pkg-config wrapQtAppsHook ]; From c9b945e0f846182deeb23733f550f39182892ba3 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 02:04:29 +0000 Subject: [PATCH 31/69] webhook: 2.8.0 -> 2.8.1 --- pkgs/servers/http/webhook/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/http/webhook/default.nix b/pkgs/servers/http/webhook/default.nix index 6daf06e117aa..789382def1dc 100644 --- a/pkgs/servers/http/webhook/default.nix +++ b/pkgs/servers/http/webhook/default.nix @@ -6,16 +6,16 @@ buildGoModule rec { pname = "webhook"; - version = "2.8.0"; + version = "2.8.1"; src = fetchFromGitHub { owner = "adnanh"; repo = "webhook"; rev = version; - sha256 = "0n03xkgwpzans0cymmzb0iiks8mi2c76xxdak780dk0jbv6qgp5i"; + sha256 = "sha256-8OpVpm9nEroUlr41VgnyM6sxd/FlSvoQK5COOWvo4Y4="; }; - vendorSha256 = null; + vendorHash = null; subPackages = [ "." ]; From 0b01e667c8f491bf5e25a2af6a72db2a4488e42d Mon Sep 17 00:00:00 2001 From: Aaron Jheng Date: Tue, 30 May 2023 02:29:43 +0000 Subject: [PATCH 32/69] lightning-loop: 0.23.0-beta -> 0.24.1-beta --- pkgs/applications/blockchains/lightning-loop/default.nix | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/blockchains/lightning-loop/default.nix b/pkgs/applications/blockchains/lightning-loop/default.nix index be131295f8ed..3dc1356c90cb 100644 --- a/pkgs/applications/blockchains/lightning-loop/default.nix +++ b/pkgs/applications/blockchains/lightning-loop/default.nix @@ -5,19 +5,21 @@ buildGoModule rec { pname = "lightning-loop"; - version = "0.23.0-beta"; + version = "0.24.1-beta"; src = fetchFromGitHub { owner = "lightninglabs"; repo = "loop"; rev = "v${version}"; - sha256 = "sha256-nYDu451BS5gV4pbV9Pp+S7oKsLGzgVu1a9Df7651e4c="; + hash = "sha256-gPWiKSwXS1eSuHss+hkiqqxqonGYSGmSh3/jL+NlqEg="; }; - vendorSha256 = "sha256-6bRg6is1g/eRCr82tHMXTWVFv2S0d2h/J3w1gpentjo="; + vendorHash = "sha256-6bRg6is1g/eRCr82tHMXTWVFv2S0d2h/J3w1gpentjo="; subPackages = [ "cmd/loop" "cmd/loopd" ]; + ldflags = [ "-s" "-w" ]; + meta = with lib; { description = "Lightning Loop Client"; homepage = "https://github.com/lightninglabs/loop"; From d21a85aad3190ab6b640b682827e5336ab4b6f11 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 02:32:45 +0000 Subject: [PATCH 33/69] goflow2: 1.3.3 -> 1.3.4 --- pkgs/tools/networking/goflow2/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/networking/goflow2/default.nix b/pkgs/tools/networking/goflow2/default.nix index f77ca9e7981e..2ba027e72236 100644 --- a/pkgs/tools/networking/goflow2/default.nix +++ b/pkgs/tools/networking/goflow2/default.nix @@ -5,13 +5,13 @@ buildGoModule rec { pname = "goflow2"; - version = "1.3.3"; + version = "1.3.4"; src = fetchFromGitHub { owner = "netsampler"; repo = pname; rev = "v${version}"; - hash = "sha256-YZuF3O1/Ycn2gFK9i1D/W8F16B6NEift5PYbv8yqUHk="; + hash = "sha256-0E3iSO+ObaPhIUerF4y5UygJMSMJNTJwI6RqHunqrZ0="; }; ldflags = [ @@ -20,7 +20,7 @@ buildGoModule rec { "-X=main.version=${version}" ]; - vendorHash = "sha256-c40N6SAym9dpCuGb5I7t9sJBde2r552obot3drYCjB4="; + vendorHash = "sha256-tNrCsCKBoUsrCOlbI1FUoksWoI4jUiYLF+A8Fjfe9Qk="; meta = with lib; { description = "High performance sFlow/IPFIX/NetFlow Collector"; From 6519bda964865954344098ffa271f97cf25ed344 Mon Sep 17 00:00:00 2001 From: figsoda Date: Mon, 29 May 2023 22:56:58 -0400 Subject: [PATCH 34/69] catnip: init at 1.8.0 https://github.com/noriah/catnip --- pkgs/tools/audio/catnip/default.nix | 50 +++++++++++++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 52 insertions(+) create mode 100644 pkgs/tools/audio/catnip/default.nix diff --git a/pkgs/tools/audio/catnip/default.nix b/pkgs/tools/audio/catnip/default.nix new file mode 100644 index 000000000000..de299738242e --- /dev/null +++ b/pkgs/tools/audio/catnip/default.nix @@ -0,0 +1,50 @@ +{ lib +, buildGoModule +, fetchFromGitHub +, pkg-config +, portaudio +, testers +, catnip +}: + +buildGoModule rec { + pname = "catnip"; + version = "1.8.0"; + + src = fetchFromGitHub { + owner = "noriah"; + repo = "catnip"; + rev = "v${version}"; + hash = "sha256-eVEoQrI8NycEV/dPUNFqkzgjOYaGmH1+lLRRkOybXDU="; + }; + + vendorHash = "sha256-Hj453+5fhbUL6YMeupT5D6ydaEMe+ZQNgEYHtCUtTx4="; + + nativeBuildInputs = [ + pkg-config + ]; + + buildInputs = [ + portaudio + ]; + + ldflags = [ + "-s" + "-w" + "-X=main.version=${version}" + ]; + + passthru.tests = { + version = testers.testVersion { + package = catnip; + }; + }; + + meta = with lib; { + description = "Terminal audio visualizer for linux/unix/macOS/windows"; + homepage = "https://github.com/noriah/catnip"; + changelog = "https://github.com/noriah/catnip/releases/tag/${src.rev}"; + license = licenses.mit; + maintainers = with maintainers; [ figsoda ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index a7ecd5ab4d36..9ad64d2d8fc0 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -18040,6 +18040,8 @@ with pkgs; cadre = callPackage ../development/tools/cadre { }; + catnip = callPackage ../tools/audio/catnip { }; + cbrowser = callPackage ../development/tools/misc/cbrowser { }; cc-tool = callPackage ../development/embedded/cc-tool { }; From c8ac5e32b1976ff5955f83e25925b33c670fdd06 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 30 May 2023 03:07:35 +0000 Subject: [PATCH 35/69] terraform-providers.infoblox: 2.3.0 -> 2.4.0 --- .../networking/cluster/terraform-providers/providers.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/cluster/terraform-providers/providers.json b/pkgs/applications/networking/cluster/terraform-providers/providers.json index 2cf3dba2ba28..d7c3bca6176a 100644 --- a/pkgs/applications/networking/cluster/terraform-providers/providers.json +++ b/pkgs/applications/networking/cluster/terraform-providers/providers.json @@ -584,11 +584,11 @@ "vendorHash": null }, "infoblox": { - "hash": "sha256-C7j9WvhLePQvZlGvYC51GQRIa5JwgARNDG1nGZwY6FU=", + "hash": "sha256-mfRhS+GP7ygAY6SsD2p4jj+C7iZ8SbxHOLGeZVm7a8M=", "homepage": "https://registry.terraform.io/providers/infobloxopen/infoblox", "owner": "infobloxopen", "repo": "terraform-provider-infoblox", - "rev": "v2.3.0", + "rev": "v2.4.0", "spdx": "MPL-2.0", "vendorHash": null }, From 0c664a56c89bfeab3d0fafe6d7eeff11f8ad3120 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 30 May 2023 03:09:12 +0000 Subject: [PATCH 36/69] terraform-providers.pagerduty: 2.14.5 -> 2.14.6 --- .../networking/cluster/terraform-providers/providers.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/cluster/terraform-providers/providers.json b/pkgs/applications/networking/cluster/terraform-providers/providers.json index d7c3bca6176a..95bcf91e59b6 100644 --- a/pkgs/applications/networking/cluster/terraform-providers/providers.json +++ b/pkgs/applications/networking/cluster/terraform-providers/providers.json @@ -882,11 +882,11 @@ "vendorHash": null }, "pagerduty": { - "hash": "sha256-Vp4kNvG+37MR/0Es0sFxkWfl0dNc8ZIbm0VpSX416Pk=", + "hash": "sha256-78DCzzGya9BKzzY4DXG/H+JidqPHObKmxlDCgG08cb8=", "homepage": "https://registry.terraform.io/providers/PagerDuty/pagerduty", "owner": "PagerDuty", "repo": "terraform-provider-pagerduty", - "rev": "v2.14.5", + "rev": "v2.14.6", "spdx": "MPL-2.0", "vendorHash": null }, From 15b55f89753abf40e01da8bcaabb2d5291bb6ad4 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 30 May 2023 03:10:30 +0000 Subject: [PATCH 37/69] terraform-providers.scaleway: 2.19.0 -> 2.20.0 --- .../networking/cluster/terraform-providers/providers.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/networking/cluster/terraform-providers/providers.json b/pkgs/applications/networking/cluster/terraform-providers/providers.json index 95bcf91e59b6..a54ac99b362b 100644 --- a/pkgs/applications/networking/cluster/terraform-providers/providers.json +++ b/pkgs/applications/networking/cluster/terraform-providers/providers.json @@ -963,13 +963,13 @@ "vendorHash": null }, "scaleway": { - "hash": "sha256-ZZu8rePMIuQArXI3P/S9rGxw7LU8g3qbJYFpSJ32KJQ=", + "hash": "sha256-+WNvmkQvqupSYQDlY/57nyaV6kH2wvQLsb+uAJuGaaw=", "homepage": "https://registry.terraform.io/providers/scaleway/scaleway", "owner": "scaleway", "repo": "terraform-provider-scaleway", - "rev": "v2.19.0", + "rev": "v2.20.0", "spdx": "MPL-2.0", - "vendorHash": "sha256-TTQXAX8M9w0RUDVevt4OpPB32R2GFjsvCn1j+SJgZZs=" + "vendorHash": "sha256-dSnq0iU1ANuOyTNZQfy7FRjEIL2HG2ZJFNTe6iaBe5U=" }, "secret": { "hash": "sha256-MmAnA/4SAPqLY/gYcJSTnEttQTsDd2kEdkQjQj6Bb+A=", From 38a78a1302b649829ab05af934d914f436609e03 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 03:15:43 +0000 Subject: [PATCH 38/69] amazon-ecr-credential-helper: 0.7.0 -> 0.7.1 --- pkgs/tools/admin/amazon-ecr-credential-helper/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/admin/amazon-ecr-credential-helper/default.nix b/pkgs/tools/admin/amazon-ecr-credential-helper/default.nix index d0f6e8f56719..e541d75c3739 100644 --- a/pkgs/tools/admin/amazon-ecr-credential-helper/default.nix +++ b/pkgs/tools/admin/amazon-ecr-credential-helper/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "amazon-ecr-credential-helper"; - version = "0.7.0"; + version = "0.7.1"; src = fetchFromGitHub { owner = "awslabs"; repo = "amazon-ecr-credential-helper"; rev = "v${version}"; - sha256 = "sha256-jkS3JAHgIci/5HrcM6a5LjGitl4SLHQNmUIMLWrkUUc="; + sha256 = "sha256-Q+YAfCsq4/PoSzYMFhLDAsAfxlU7XR/vouHo42/D2eM="; }; vendorHash = null; From 4d49cc4833628211e27474ab018c75bddbb8e90e Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 03:23:34 +0000 Subject: [PATCH 39/69] frp: 0.48.0 -> 0.49.0 --- pkgs/tools/networking/frp/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/networking/frp/default.nix b/pkgs/tools/networking/frp/default.nix index 6b09adea63b6..658d9fb9846d 100644 --- a/pkgs/tools/networking/frp/default.nix +++ b/pkgs/tools/networking/frp/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "frp"; - version = "0.48.0"; + version = "0.49.0"; src = fetchFromGitHub { owner = "fatedier"; repo = pname; rev = "v${version}"; - sha256 = "sha256-e9Qof+HxSJHzAUbLb+w5oWPTOslTPxnC8BVAmtMQGlE="; + sha256 = "sha256-6bBLgMh9Hf+UWYcF6oypK62VmeZwXsP7wz5PizeiRcc="; }; - vendorHash = "sha256-DhzirX+AGe8dE62M0hiE5SlWK8HqhNN0MMk9i2Ntrs8="; + vendorHash = "sha256-zQMm3qOBDJuL4w/BDGKH3DbfAFn0pwuvjltYnuxxvzk="; doCheck = false; From 9cd3f2e65111a31798f8598fb0c2590f09183ccb Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 03:26:23 +0000 Subject: [PATCH 40/69] clickhouse-backup: 2.2.6 -> 2.2.7 --- pkgs/development/tools/database/clickhouse-backup/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/database/clickhouse-backup/default.nix b/pkgs/development/tools/database/clickhouse-backup/default.nix index d50a37b9eeff..53b413c8c82a 100644 --- a/pkgs/development/tools/database/clickhouse-backup/default.nix +++ b/pkgs/development/tools/database/clickhouse-backup/default.nix @@ -7,13 +7,13 @@ buildGoModule rec { pname = "clickhouse-backup"; - version = "2.2.6"; + version = "2.2.7"; src = fetchFromGitHub { owner = "AlexAkulov"; repo = pname; rev = "v${version}"; - sha256 = "sha256-oFGaNxK8cVrs+rkmJR9wSYB4+i3B8BGYhsuHbUTK3es="; + sha256 = "sha256-r84mbjkS3qdTNeM4t1S4YRJdKa6qNUzZVI0NOBM2MPI="; }; vendorHash = "sha256-UY/8fWPoO3d0g1/CN215Q4z744S2cCT7fB4ctpridAI="; From d12ab6e1e76d6c81c0a3720a992b4beda22bd056 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 03:39:50 +0000 Subject: [PATCH 41/69] minio-client: 2023-05-18T16-59-00Z -> 2023-05-26T23-31-54Z --- pkgs/tools/networking/minio-client/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/networking/minio-client/default.nix b/pkgs/tools/networking/minio-client/default.nix index bd36f0a29b58..df3c16877a60 100644 --- a/pkgs/tools/networking/minio-client/default.nix +++ b/pkgs/tools/networking/minio-client/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "minio-client"; - version = "2023-05-18T16-59-00Z"; + version = "2023-05-26T23-31-54Z"; src = fetchFromGitHub { owner = "minio"; repo = "mc"; rev = "RELEASE.${version}"; - sha256 = "sha256-43aL7UXKwOKHeLvjO/zK4CLf/uLESR23bO0Ro4WGAHQ="; + sha256 = "sha256-+SqFqrDzjI53tfdGOTm4KMcCLVnfxJLoxtzUSmc4RMw="; }; - vendorHash = "sha256-hfe/Y0eVPDpBNhaQknghQFkCIWuGg64CbrfKnVVB97I="; + vendorHash = "sha256-kjFAUBgMsydP4K32Yiu6BSA8heFhWEBf21iZs+1llCA="; subPackages = [ "." ]; From 599c8bb3afb3c9446ee7183d4d3e4cc390dbd659 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 04:00:34 +0000 Subject: [PATCH 42/69] rust-analyzer-unwrapped: 2023-05-22 -> 2023-05-29 --- pkgs/development/tools/rust/rust-analyzer/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/tools/rust/rust-analyzer/default.nix b/pkgs/development/tools/rust/rust-analyzer/default.nix index 7eae0d0d55ed..7cdba5adbc88 100644 --- a/pkgs/development/tools/rust/rust-analyzer/default.nix +++ b/pkgs/development/tools/rust/rust-analyzer/default.nix @@ -13,14 +13,14 @@ rustPlatform.buildRustPackage rec { pname = "rust-analyzer-unwrapped"; - version = "2023-05-22"; - cargoSha256 = "sha256-44UNNHOegP2Q1THPnEa37etedwstQbnB2Gr3dF39ZXU="; + version = "2023-05-29"; + cargoSha256 = "sha256-Qsr+cpggftYR9JL1y3ZgmuNSNsyBeQVVr+pt3R9/gm8="; src = fetchFromGitHub { owner = "rust-lang"; repo = "rust-analyzer"; rev = version; - sha256 = "sha256-xDUpgRcACQQREemfVQnft6AImqF2+dbxmHupw6gzSho="; + sha256 = "sha256-8fOFw6B9lDUt4slKAGHj6Bipi5or7nNQvOB9vvN2R9U="; }; cargoBuildFlags = [ "--bin" "rust-analyzer" "--bin" "rust-analyzer-proc-macro-srv" ]; From 57d2ea7636c28fc6180b52f4d551231bf467c7fe Mon Sep 17 00:00:00 2001 From: Weijia Wang <9713184+wegank@users.noreply.github.com> Date: Tue, 30 May 2023 07:23:31 +0300 Subject: [PATCH 43/69] powershell: drop openssl_1_1 --- pkgs/shells/powershell/default.nix | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/pkgs/shells/powershell/default.nix b/pkgs/shells/powershell/default.nix index 5dbd8eb4f22e..ec0e36738329 100644 --- a/pkgs/shells/powershell/default.nix +++ b/pkgs/shells/powershell/default.nix @@ -1,5 +1,5 @@ { stdenv, lib, autoPatchelfHook, fetchzip, libunwind, libuuid, icu, curl -, darwin, makeWrapper, less, openssl_1_1, pam, lttng-ust }: +, darwin, makeWrapper, less, openssl, pam, lttng-ust }: let archString = if stdenv.isAarch64 then "arm64" else if stdenv.isx86_64 then "x64" @@ -15,7 +15,7 @@ let archString = if stdenv.isAarch64 then "arm64" platformLdLibraryPath = if stdenv.isDarwin then "DYLD_FALLBACK_LIBRARY_PATH" else if stdenv.isLinux then "LD_LIBRARY_PATH" else throw "unsupported platform"; - libraries = [ libunwind libuuid icu curl openssl_1_1 ] ++ + libraries = [ libunwind libuuid icu curl openssl ] ++ (if stdenv.isLinux then [ pam lttng-ust ] else [ darwin.Libsystem ]); in stdenv.mkDerivation rec { @@ -42,17 +42,13 @@ stdenv.mkDerivation rec { cp -r * $pslibs - rm -f $pslibs/libcrypto${ext}.1.0.0 - rm -f $pslibs/libssl${ext}.1.0.0 - # At least the 7.1.4-osx package does not have the executable bit set. chmod a+x $pslibs/pwsh - ls $pslibs - '' + lib.optionalString (!stdenv.isDarwin && !stdenv.isAarch64) '' - patchelf --replace-needed libcrypto${ext}.1.0.0 libcrypto${ext}.1.1 $pslibs/libmi.so - patchelf --replace-needed libssl${ext}.1.0.0 libssl${ext}.1.1 $pslibs/libmi.so - '' + lib.optionalString (!stdenv.isDarwin) '' + '' + lib.optionalString (stdenv.isLinux && stdenv.isx86_64) '' + patchelf --replace-needed libcrypto${ext}.1.0.0 libcrypto${ext} $pslibs/libmi.so + patchelf --replace-needed libssl${ext}.1.0.0 libssl${ext} $pslibs/libmi.so + '' + lib.optionalString stdenv.isLinux '' patchelf --replace-needed liblttng-ust${ext}.0 liblttng-ust${ext}.1 $pslibs/libcoreclrtraceptprovider.so '' + '' From 8e82668efc15c85eb244221f454738c621488ff8 Mon Sep 17 00:00:00 2001 From: MGlolenstine Date: Tue, 30 May 2023 06:26:30 +0200 Subject: [PATCH 44/69] zinit: 3.7 -> 3.11.0 --- pkgs/shells/zsh/zinit/default.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/shells/zsh/zinit/default.nix b/pkgs/shells/zsh/zinit/default.nix index ca8b7ea2e46a..43fe2dc7d9fd 100644 --- a/pkgs/shells/zsh/zinit/default.nix +++ b/pkgs/shells/zsh/zinit/default.nix @@ -2,12 +2,12 @@ stdenvNoCC.mkDerivation rec { pname = "zinit"; - version = "3.7"; + version = "3.11.0"; src = fetchFromGitHub { owner = "zdharma-continuum"; repo = pname; rev = "v${version}"; - hash = "sha256-B+cTGz+U8MR22l6xXdRAAjDr+ulCk+CJ9GllFMK0axE="; + hash = "sha256-Gps7s26qqEjQPDhhSJr9u5SuRNRJnmayKfw45Ygjcd8="; }; # adapted from https://aur.archlinux.org/cgit/aur.git/tree/PKGBUILD?h=zsh-zplugin-git dontBuild = true; @@ -20,9 +20,9 @@ stdenvNoCC.mkDerivation rec { # Zplugin's source files install -dm0755 "$outdir" - # Installing also backward compatibility layer - install -m0644 z{plugin,init}{,-side,-install,-autoload}.zsh "$outdir" - install -m0755 git-process-output.zsh "$outdir" + # Installing backward compatibility layer + install -m0644 zinit{,-side,-install,-autoload}.zsh "$outdir" + install -m0755 share/git-process-output.zsh "$outdir" # Zplugin autocompletion installShellCompletion --zsh _zinit From 288b2fa580edf3e7a4814422717b6055a5cf65ea Mon Sep 17 00:00:00 2001 From: Nick Cao Date: Tue, 30 May 2023 12:31:11 +0800 Subject: [PATCH 45/69] maddy: 0.6.3 -> 0.7.0 Diff: https://github.com/foxcpp/maddy/compare/v0.6.3...v0.7.0 --- pkgs/servers/maddy/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/maddy/default.nix b/pkgs/servers/maddy/default.nix index d008bdf939ad..e48154bf02ea 100644 --- a/pkgs/servers/maddy/default.nix +++ b/pkgs/servers/maddy/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "maddy"; - version = "0.6.3"; + version = "0.7.0"; src = fetchFromGitHub { owner = "foxcpp"; repo = "maddy"; rev = "v${version}"; - sha256 = "sha256-vf+jkXerdwvQhtyiOObBRxh8sYMEcgXC5vNzm5wquBs="; + sha256 = "sha256-EMw07yTFP0aBSuGDWivB8amuxWLFHhYV6J9faTEW5z4="; }; - vendorSha256 = "sha256-10cLNl9jWYX8XIKQkCxJ+/ymZC1YJRHUJWZQhq7zeV4="; + vendorSha256 = "sha256-LyfkETZPkhJKN8CEivNp7Se4IBpzyAtmCM1xil4n2po="; tags = [ "libpam" ]; From e2f30e50a87d221ed0cc16b6566d653f1e8ad9b1 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 04:39:23 +0000 Subject: [PATCH 46/69] netbird-ui: 0.20.3 -> 0.20.5 --- pkgs/tools/networking/netbird/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/networking/netbird/default.nix b/pkgs/tools/networking/netbird/default.nix index b75b7e98918f..3922fa53ca3b 100644 --- a/pkgs/tools/networking/netbird/default.nix +++ b/pkgs/tools/networking/netbird/default.nix @@ -30,16 +30,16 @@ let in buildGoModule rec { pname = "netbird"; - version = "0.20.3"; + version = "0.20.5"; src = fetchFromGitHub { owner = "netbirdio"; repo = pname; rev = "v${version}"; - sha256 = "sha256-aKgqkmNM+NQ2BujOG7tVyYees0Gxwf8LzrFft4FCLZk="; + sha256 = "sha256-Di3Y5Pa4A6Iw0rXp0VdAPUuzFO3SnpV6Ip6N1gyFuoU="; }; - vendorHash = "sha256-mO0I0+nT1eL4DbUpgS8wCKjXH80ca6q6RLoagz9W5uI="; + vendorHash = "sha256-wgiDwf1aV8hM33ADgqAbmeLu9lDKdvw0d88IrVg0fmo="; nativeBuildInputs = [ installShellFiles ] ++ lib.optional ui pkg-config; From 63f73b3295d165a6d60cc3322ec46b2c37f646d0 Mon Sep 17 00:00:00 2001 From: Jonas Heinrich Date: Sat, 27 May 2023 15:49:05 +0200 Subject: [PATCH 47/69] nixos/maddy: change secrets option to accept a list of paths --- nixos/modules/services/mail/maddy.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/nixos/modules/services/mail/maddy.nix b/nixos/modules/services/mail/maddy.nix index 701d57f18e0c..3b4a517fb859 100644 --- a/nixos/modules/services/mail/maddy.nix +++ b/nixos/modules/services/mail/maddy.nix @@ -335,12 +335,13 @@ in { }; secrets = lib.mkOption { - type = lib.types.path; + type = with types; listOf path; description = lib.mdDoc '' - A file containing the various secrets. Should be in the format + A list of files containing the various secrets. Should be in the format expected by systemd's `EnvironmentFile` directory. Secrets can be referenced in the format `{env:VAR}`. ''; + default = [ ]; }; }; @@ -379,7 +380,7 @@ in { User = cfg.user; Group = cfg.group; StateDirectory = [ "maddy" ]; - EnvironmentFile = lib.mkIf (cfg.secrets != null) "${cfg.secrets}"; + EnvironmentFile = cfg.secrets; }; restartTriggers = [ config.environment.etc."maddy/maddy.conf".source ]; wantedBy = [ "multi-user.target" ]; From 3407d5eae1b9b96e9175564aaa91c5df9a72b0fc Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 05:15:50 +0000 Subject: [PATCH 48/69] dagger: 0.5.3 -> 0.6.0 --- .../tools/continuous-integration/dagger/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/tools/continuous-integration/dagger/default.nix b/pkgs/development/tools/continuous-integration/dagger/default.nix index 3d1f4d5f5696..b850b3b55555 100644 --- a/pkgs/development/tools/continuous-integration/dagger/default.nix +++ b/pkgs/development/tools/continuous-integration/dagger/default.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "dagger"; - version = "0.5.3"; + version = "0.6.0"; src = fetchFromGitHub { owner = "dagger"; repo = "dagger"; rev = "v${version}"; - hash = "sha256-yMegSRO9wkpw2o429mLoDmUmysXmR93MULHjtc/V/cQ="; + hash = "sha256-NFQ1VPgY3WDwMsOi0wZ/b7sV/Ckv/WCeegSyLCnOPJM="; }; - vendorHash = "sha256-LuCbo7T0lXoQUBfSeCGw3SLydA2iM7dv7pYCterapHU="; + vendorHash = "sha256-KniHuJWkwZEzFcdtZUaYEoqcvmotbO+yuEB5L3Q3FGI="; proxyVendor = true; subPackages = [ From 997a334cd2476c97e85abcad6fdbcbb18eb5f9af Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 05:21:33 +0000 Subject: [PATCH 49/69] re-flex: 3.3.2 -> 3.3.3 --- pkgs/development/tools/parsing/re-flex/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/parsing/re-flex/default.nix b/pkgs/development/tools/parsing/re-flex/default.nix index 1b4f5051e71f..0ae0dc9eb933 100644 --- a/pkgs/development/tools/parsing/re-flex/default.nix +++ b/pkgs/development/tools/parsing/re-flex/default.nix @@ -9,13 +9,13 @@ stdenv.mkDerivation rec { pname = "re-flex"; - version = "3.3.2"; + version = "3.3.3"; src = fetchFromGitHub { owner = "Genivia"; repo = "RE-flex"; rev = "v${version}"; - sha256 = "sha256-nThI0o9m2AM8LTew3TX/lz80kxGoq87geaYw/VokIVk="; + sha256 = "sha256-pfCszi75TAo9ibpuWlfIDm5OO7Eo6joNPIer4JoDJRw="; }; nativeBuildInputs = [ boost autoconf automake ]; From b1a0d1607e17da1052ea8e6099a3966a1b876b26 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 05:30:46 +0000 Subject: [PATCH 50/69] pacparser: 1.4.1 -> 1.4.2 --- pkgs/tools/networking/pacparser/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/networking/pacparser/default.nix b/pkgs/tools/networking/pacparser/default.nix index 8caf4568c99b..89fca0a220ba 100644 --- a/pkgs/tools/networking/pacparser/default.nix +++ b/pkgs/tools/networking/pacparser/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "pacparser"; - version = "1.4.1"; + version = "1.4.2"; src = fetchFromGitHub { owner = "manugarg"; repo = pname; rev = "v${version}"; - sha256 = "sha256-tEbkMRHCdiKXpz9Ksg2LEzfOVhF8xbUHWMeExPMlGVM="; + sha256 = "sha256-p83aAcZ3fGOrokq4HDgF5/VxMl3Q11voSjdaBUUO4S0="; }; makeFlags = [ "NO_INTERNET=1" ]; From e5c96ab6fd5471cc710f45b1d5bd5833bff21c35 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 06:08:24 +0000 Subject: [PATCH 51/69] vtm: 0.9.9k -> 0.9.9l --- pkgs/tools/misc/vtm/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/misc/vtm/default.nix b/pkgs/tools/misc/vtm/default.nix index 35e4e5b67418..b73b3f8bd4ae 100644 --- a/pkgs/tools/misc/vtm/default.nix +++ b/pkgs/tools/misc/vtm/default.nix @@ -6,13 +6,13 @@ stdenv.mkDerivation rec { pname = "vtm"; - version = "0.9.9k"; + version = "0.9.9l"; src = fetchFromGitHub { owner = "netxs-group"; repo = "vtm"; rev = "v${version}"; - sha256 = "sha256-vmgjonMjhVEfsujWUuX+50NPAzgIfJADp8qjnDmfV1E="; + sha256 = "sha256-thahwqgXMgEY02dLnmXsdOy0/WUYJJewB9ax7GP6LK0="; }; nativeBuildInputs = [ cmake ]; From 38d50c81f27e61b19e6bc688d88cb1a4475c8444 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 06:17:16 +0000 Subject: [PATCH 52/69] clj-kondo: 2023.05.18 -> 2023.05.26 --- pkgs/development/tools/clj-kondo/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/clj-kondo/default.nix b/pkgs/development/tools/clj-kondo/default.nix index 53a9573a92e1..41e63d8667bf 100644 --- a/pkgs/development/tools/clj-kondo/default.nix +++ b/pkgs/development/tools/clj-kondo/default.nix @@ -2,11 +2,11 @@ buildGraalvmNativeImage rec { pname = "clj-kondo"; - version = "2023.05.18"; + version = "2023.05.26"; src = fetchurl { url = "https://github.com/clj-kondo/${pname}/releases/download/v${version}/${pname}-${version}-standalone.jar"; - sha256 = "sha256-ZWGP8P/RJ5vBm6ijAcAlqDwlICrGFa+uieLG49JMkFI="; + sha256 = "sha256-YnieYpRTBTnV3/jjcy1m469qH4m8uTeAVt3SG55r2/0="; }; extraNativeImageBuildArgs = [ From 9db2a0900132fb83832dac8323acec8db60e400d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 May 2023 11:59:42 +0000 Subject: [PATCH 53/69] build(deps): bump cachix/install-nix-action from 20 to 21 Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 20 to 21. - [Release notes](https://github.com/cachix/install-nix-action/releases) - [Commits](https://github.com/cachix/install-nix-action/compare/v20...v21) --- updated-dependencies: - dependency-name: cachix/install-nix-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/basic-eval.yml | 2 +- .github/workflows/check-maintainers-sorted.yaml | 2 +- .github/workflows/editorconfig.yml | 2 +- .github/workflows/manual-nixos.yml | 2 +- .github/workflows/manual-nixpkgs.yml | 2 +- .github/workflows/manual-rendering.yml | 2 +- .github/workflows/update-terraform-providers.yml | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/basic-eval.yml b/.github/workflows/basic-eval.yml index 605d6a30a383..3af716e88976 100644 --- a/.github/workflows/basic-eval.yml +++ b/.github/workflows/basic-eval.yml @@ -19,7 +19,7 @@ jobs: # we don't limit this action to only NixOS repo since the checks are cheap and useful developer feedback steps: - uses: actions/checkout@v3 - - uses: cachix/install-nix-action@v20 + - uses: cachix/install-nix-action@v21 - uses: cachix/cachix-action@v12 with: # This cache is for the nixpkgs repo checks and should not be trusted or used elsewhere. diff --git a/.github/workflows/check-maintainers-sorted.yaml b/.github/workflows/check-maintainers-sorted.yaml index fc03988b068d..c72679af4a9e 100644 --- a/.github/workflows/check-maintainers-sorted.yaml +++ b/.github/workflows/check-maintainers-sorted.yaml @@ -16,7 +16,7 @@ jobs: with: # pull_request_target checks out the base branch by default ref: refs/pull/${{ github.event.pull_request.number }}/merge - - uses: cachix/install-nix-action@v20 + - uses: cachix/install-nix-action@v21 with: # explicitly enable sandbox extra_nix_config: sandbox = true diff --git a/.github/workflows/editorconfig.yml b/.github/workflows/editorconfig.yml index 5dd85ca26f9d..f62ab05da452 100644 --- a/.github/workflows/editorconfig.yml +++ b/.github/workflows/editorconfig.yml @@ -28,7 +28,7 @@ jobs: with: # pull_request_target checks out the base branch by default ref: refs/pull/${{ github.event.pull_request.number }}/merge - - uses: cachix/install-nix-action@v20 + - uses: cachix/install-nix-action@v21 with: # nixpkgs commit is pinned so that it doesn't break # editorconfig-checker 2.4.0 diff --git a/.github/workflows/manual-nixos.yml b/.github/workflows/manual-nixos.yml index 85c7ac2d6929..30cecf607d17 100644 --- a/.github/workflows/manual-nixos.yml +++ b/.github/workflows/manual-nixos.yml @@ -18,7 +18,7 @@ jobs: with: # pull_request_target checks out the base branch by default ref: refs/pull/${{ github.event.pull_request.number }}/merge - - uses: cachix/install-nix-action@v20 + - uses: cachix/install-nix-action@v21 with: # explicitly enable sandbox extra_nix_config: sandbox = true diff --git a/.github/workflows/manual-nixpkgs.yml b/.github/workflows/manual-nixpkgs.yml index 4f76a0d732c8..43ee63af127d 100644 --- a/.github/workflows/manual-nixpkgs.yml +++ b/.github/workflows/manual-nixpkgs.yml @@ -19,7 +19,7 @@ jobs: with: # pull_request_target checks out the base branch by default ref: refs/pull/${{ github.event.pull_request.number }}/merge - - uses: cachix/install-nix-action@v20 + - uses: cachix/install-nix-action@v21 with: # explicitly enable sandbox extra_nix_config: sandbox = true diff --git a/.github/workflows/manual-rendering.yml b/.github/workflows/manual-rendering.yml index ad4777608622..dbaea583ef7d 100644 --- a/.github/workflows/manual-rendering.yml +++ b/.github/workflows/manual-rendering.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - uses: cachix/install-nix-action@v20 + - uses: cachix/install-nix-action@v21 with: # explicitly enable sandbox extra_nix_config: sandbox = true diff --git a/.github/workflows/update-terraform-providers.yml b/.github/workflows/update-terraform-providers.yml index e0e68b4bf14a..1276a0867aac 100644 --- a/.github/workflows/update-terraform-providers.yml +++ b/.github/workflows/update-terraform-providers.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v3 - - uses: cachix/install-nix-action@v20 + - uses: cachix/install-nix-action@v21 with: nix_path: nixpkgs=channel:nixpkgs-unstable - name: setup From 60706045e7d96358d7d9532dae92127a97702d13 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 06:52:23 +0000 Subject: [PATCH 54/69] credhub-cli: 2.9.15 -> 2.9.16 --- pkgs/tools/admin/credhub-cli/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/admin/credhub-cli/default.nix b/pkgs/tools/admin/credhub-cli/default.nix index d7e2af079fd1..c85116abaf78 100644 --- a/pkgs/tools/admin/credhub-cli/default.nix +++ b/pkgs/tools/admin/credhub-cli/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "credhub-cli"; - version = "2.9.15"; + version = "2.9.16"; src = fetchFromGitHub { owner = "cloudfoundry-incubator"; repo = "credhub-cli"; rev = version; - sha256 = "sha256-0cs2ChbhUHvjHOGVv/wazo8g5f5JWuDKHJkKLC6Qp4g="; + sha256 = "sha256-NfGS5kUfmv1djYMqB1HrNFgM2cBfW4EZHrkxhwmBWKQ="; }; # these tests require network access that we're not going to give them From 80a0edea9e3efdd2f2f51784a1b121dbd70a820e Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 07:22:12 +0000 Subject: [PATCH 55/69] gpg-tui: 0.9.5 -> 0.9.6 --- pkgs/tools/security/gpg-tui/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/security/gpg-tui/default.nix b/pkgs/tools/security/gpg-tui/default.nix index da591cd1fefb..99a99e74c4a5 100644 --- a/pkgs/tools/security/gpg-tui/default.nix +++ b/pkgs/tools/security/gpg-tui/default.nix @@ -17,16 +17,16 @@ rustPlatform.buildRustPackage rec { pname = "gpg-tui"; - version = "0.9.5"; + version = "0.9.6"; src = fetchFromGitHub { owner = "orhun"; repo = "gpg-tui"; rev = "v${version}"; - hash = "sha256-WBOjdcqBHvXYAFEsv0249W7HrABDsZe9pfc3jM9LUSA="; + hash = "sha256-vzdQqiAguwXZ3QNlctnfsuFxNYwBLICVqonFKXdMvSQ="; }; - cargoHash = "sha256-0xNCQQG9S2sqxfc3MIZnftCSrVsrk4DO/cIM0iW33oI="; + cargoHash = "sha256-clxpTayrWSu0esu8L4/Kf8oKk8zAK3XJwT8IJqHoZpw="; nativeBuildInputs = [ gpgme # for gpgme-config From f1a6437259a395d20d96bbed23c3149a69a847e2 Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Tue, 30 May 2023 10:32:41 +0300 Subject: [PATCH 56/69] picard: Fix inputs Add qt5.qtwayland - for the wrapper. Put most qt5 inputs in `buildInputs` - not `nativeBuildInputs`. Remove `fetchpatch` unused argument. --- pkgs/applications/audio/picard/default.nix | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/pkgs/applications/audio/picard/default.nix b/pkgs/applications/audio/picard/default.nix index 4e7323b128b3..983457530ad1 100644 --- a/pkgs/applications/audio/picard/default.nix +++ b/pkgs/applications/audio/picard/default.nix @@ -1,7 +1,6 @@ { lib , python3Packages , fetchFromGitHub -, fetchpatch , gettext , chromaprint , qt5 @@ -28,16 +27,22 @@ pythonPackages.buildPythonApplication rec { sha256 = "sha256-ukqlAXGaqX89U77cM9Ux0RYquT31Ho8ri1Ue7S3+MwQ="; }; - nativeBuildInputs = [ gettext qt5.wrapQtAppsHook qt5.qtbase ] - ++ lib.optionals (pyqt5.multimediaEnabled) [ - qt5.qtmultimedia.bin + nativeBuildInputs = [ + gettext + qt5.wrapQtAppsHook + ] ++ lib.optionals (pyqt5.multimediaEnabled) [ gst_all_1.gst-libav gst_all_1.gst-plugins-base gst_all_1.gst-plugins-good gst_all_1.gst-vaapi gst_all_1.gstreamer - ] - ; + ]; + buildInputs = [ + qt5.qtbase + qt5.qtwayland + ] ++ lib.optionals (pyqt5.multimediaEnabled) [ + qt5.qtmultimedia.bin + ]; propagatedBuildInputs = with pythonPackages; [ chromaprint From 43abbf53f8ef60ecf6cb5567ba38c8ba9c6ad6e2 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 07:33:15 +0000 Subject: [PATCH 57/69] httplib: 0.12.3 -> 0.12.4 --- pkgs/development/libraries/httplib/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/httplib/default.nix b/pkgs/development/libraries/httplib/default.nix index 9061cbbb15e6..c1eaab6d5046 100644 --- a/pkgs/development/libraries/httplib/default.nix +++ b/pkgs/development/libraries/httplib/default.nix @@ -7,13 +7,13 @@ stdenv.mkDerivation rec { pname = "httplib"; - version = "0.12.3"; + version = "0.12.4"; src = fetchFromGitHub { owner = "yhirose"; repo = "cpp-httplib"; rev = "v${version}"; - hash = "sha256-QHsa+Lmw9XTnwfyyY8b5I5PC8DFEIzwPvIdCwJWQz+I="; + hash = "sha256-tofgBLjVOuHgQW1iwOJER3VTj4L/uG0cBbaoXaKBWE0="; }; nativeBuildInputs = [ cmake ]; From 3ef1b8d27d58c2ffec7501174cecd3e54cc82902 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 07:34:24 +0000 Subject: [PATCH 58/69] prom2json: 1.3.2 -> 1.3.3 --- pkgs/servers/monitoring/prometheus/prom2json.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/monitoring/prometheus/prom2json.nix b/pkgs/servers/monitoring/prometheus/prom2json.nix index ade0f87c62f1..5778bdd589da 100644 --- a/pkgs/servers/monitoring/prometheus/prom2json.nix +++ b/pkgs/servers/monitoring/prometheus/prom2json.nix @@ -2,16 +2,16 @@ buildGoModule rec { pname = "prom2json"; - version = "1.3.2"; + version = "1.3.3"; src = fetchFromGitHub { rev = "v${version}"; owner = "prometheus"; repo = "prom2json"; - sha256 = "sha256-5RPpgUEFLecu0qRg7KSNLwdUEiXeebrGdP/udCtq4z0="; + sha256 = "sha256-VwJv2Y+YrlhLRx0lRPtHTzjvSz7GPfADCZibkQU6S1Y="; }; - vendorSha256 = "sha256-fPGkqrnl21as1xiT279qPzkz01tDNOSMcsm/DSNHDU0="; + vendorHash = "sha256-m9f3tCX21CMdcXcUcLFOxgs9oDR2Uaj5u22eJPDmpeE="; meta = with lib; { description = "Tool to scrape a Prometheus client and dump the result as JSON"; From 3dea44a74e7a123b4a9c26bf41a77e0191ddd582 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 08:01:05 +0000 Subject: [PATCH 59/69] gopsuinfo: 0.1.3 -> 0.1.4 --- pkgs/tools/system/gopsuinfo/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/system/gopsuinfo/default.nix b/pkgs/tools/system/gopsuinfo/default.nix index 77cee156d0ea..beaa9171ee17 100644 --- a/pkgs/tools/system/gopsuinfo/default.nix +++ b/pkgs/tools/system/gopsuinfo/default.nix @@ -5,13 +5,13 @@ buildGoModule rec { pname = "gopsuinfo"; - version = "0.1.3"; + version = "0.1.4"; src = fetchFromGitHub { owner = "nwg-piotr"; repo = "gopsuinfo"; rev = "v${version}"; - sha256 = "sha256-e+obIFbhjxsdnyJe3+sUpe9pK9eNTspxNH+Cvf4RBMQ="; + sha256 = "sha256-kivxuy0fdSfF5zAKiflTkYsb6jdeQ75Or7WmbadxsrY="; }; vendorHash = "sha256-S2ZHfrbEjPDweazwWbMbEMcMl/i+8Nru0G0e7RjOJMk="; From 896e70681ec0e11ba068d640d9707f3850b66d60 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 08:04:36 +0000 Subject: [PATCH 60/69] supabase-cli: 1.64.2 -> 1.64.8 --- pkgs/development/tools/supabase-cli/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/tools/supabase-cli/default.nix b/pkgs/development/tools/supabase-cli/default.nix index 54d3149b1d48..e12122ddb0c3 100644 --- a/pkgs/development/tools/supabase-cli/default.nix +++ b/pkgs/development/tools/supabase-cli/default.nix @@ -9,16 +9,16 @@ buildGoModule rec { pname = "supabase-cli"; - version = "1.64.2"; + version = "1.64.8"; src = fetchFromGitHub { owner = "supabase"; repo = "cli"; rev = "v${version}"; - sha256 = "sha256-xqH4twh65nOcB+IqqYjGRdbCYC7MZjAVKeIJARGTG3U="; + sha256 = "sha256-ueOOEiJ6NWwBaSarXWiAZLnNZg/1RM9Tej602selbC8="; }; - vendorSha256 = "sha256-sQ4lJKQaSUWlet3dEnD8bKLYtkEtdnLuGHVfqCTdFyg="; + vendorSha256 = "sha256-dNK8ZqV6Cr88BsGWQEU8uAzi+eOQh0IhKpKmjUbrViA="; ldflags = [ "-s" From b4995a61c7aba0f8718f9d871c24b7a6f5b66466 Mon Sep 17 00:00:00 2001 From: Weijia Wang <9713184+wegank@users.noreply.github.com> Date: Tue, 30 May 2023 11:04:59 +0300 Subject: [PATCH 61/69] powershell: 7.3.2 -> 7.3.4 --- pkgs/shells/powershell/default.nix | 22 ++++++++++++---------- pkgs/shells/powershell/getHashes.sh | 12 +++--------- 2 files changed, 15 insertions(+), 19 deletions(-) diff --git a/pkgs/shells/powershell/default.nix b/pkgs/shells/powershell/default.nix index ec0e36738329..2f7bc15c1b3c 100644 --- a/pkgs/shells/powershell/default.nix +++ b/pkgs/shells/powershell/default.nix @@ -1,4 +1,4 @@ -{ stdenv, lib, autoPatchelfHook, fetchzip, libunwind, libuuid, icu, curl +{ stdenv, lib, autoPatchelfHook, fetchurl, libunwind, libuuid, icu, curl , darwin, makeWrapper, less, openssl, pam, lttng-ust }: let archString = if stdenv.isAarch64 then "arm64" @@ -7,11 +7,12 @@ let archString = if stdenv.isAarch64 then "arm64" platformString = if stdenv.isDarwin then "osx" else if stdenv.isLinux then "linux" else throw "unsupported platform"; - platformSha = if (stdenv.isDarwin && stdenv.isx86_64) then "sha256-JKB7Oy+3KWtVo1Aqmc7vZiO88FrF9+8N/tdGlvIQolM=" - else if (stdenv.isDarwin && stdenv.isAarch64) then "sha256-9UwB1tT2VaW+favw/KWPziFMSRWcw7AqeeZvbaGOBqc=" - else if (stdenv.isLinux && stdenv.isx86_64) then "sha256-kAcT9av4PFZfYqpS0XwKC0IiquUcVtN30Mq649PUnSM=" - else if (stdenv.isLinux && stdenv.isAarch64) then "sha256-3Lm9WYVcfkEVfji/h52VqFy1Jo1AiSQ22JhEGiCPzzM=" - else throw "unsupported platform"; + platformHash = { + x86_64-darwin = "sha256-FX3OyVzwU+Ms2tgjpZ4dPdjeJx2H5541dQZAjhI3n1U="; + aarch64-darwin = "sha256-Dg7FRF5inRnzP6tjDhIgHTJ1J2EQXnegqimZPK574WQ="; + x86_64-linux = "sha256-6F1VROE6kk+LLEpdwtQ6vkbkZjP4no0TjTnAqurLmXY="; + aarch64-linux = "sha256-NO4E2TOUIYyUFJmi3zKJzOyP0/rTPTZgJZcebVNkSfk="; + }.${stdenv.hostPlatform.system} or (throw "unsupported platform"); platformLdLibraryPath = if stdenv.isDarwin then "DYLD_FALLBACK_LIBRARY_PATH" else if stdenv.isLinux then "LD_LIBRARY_PATH" else throw "unsupported platform"; @@ -20,14 +21,15 @@ let archString = if stdenv.isAarch64 then "arm64" in stdenv.mkDerivation rec { pname = "powershell"; - version = "7.3.2"; + version = "7.3.4"; - src = fetchzip { + src = fetchurl { url = "https://github.com/PowerShell/PowerShell/releases/download/v${version}/powershell-${version}-${platformString}-${archString}.tar.gz"; - sha256 = platformSha; - stripRoot = false; + hash = platformHash; }; + sourceRoot = "."; + strictDeps = true; buildInputs = [ less ] ++ libraries; nativeBuildInputs = [ makeWrapper ] diff --git a/pkgs/shells/powershell/getHashes.sh b/pkgs/shells/powershell/getHashes.sh index 727eabb3de89..785ab264ebcc 100755 --- a/pkgs/shells/powershell/getHashes.sh +++ b/pkgs/shells/powershell/getHashes.sh @@ -1,5 +1,5 @@ #!/usr/bin/env nix-shell -#!nix-shell -i bash -p bash wget coreutils gnutar nix +#!nix-shell -i bash -p bash wget coreutils nix version=$1 if [[ -z $version ]] @@ -11,9 +11,8 @@ fi allOutput="" dlDest=$(mktemp) -exDest=$(mktemp -d) -trap 'rm $dlDest; rm -r $exDest' EXIT +trap 'rm $dlDest' EXIT for plat in osx linux; do for arch in x64 arm64; do @@ -21,18 +20,13 @@ for plat in osx linux; do URL="https://github.com/PowerShell/PowerShell/releases/download/v$version/powershell-$version-$plat-$arch.tar.gz" wget $URL -O $dlDest >&2 - tar -xzf $dlDest -C $exDest >&2 - - hash=$(nix hash path $exDest) + hash=$(nix hash file $dlDest) allOutput+=" variant: $plat $arch hash: $hash " - rm -r $exDest - mkdir $exDest - done done From 3f6b022a4f74d3e6ca4981da67af5a2f3697870f Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 08:28:49 +0000 Subject: [PATCH 62/69] mongodb-compass: 1.36.4 -> 1.37.0 --- pkgs/tools/misc/mongodb-compass/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/misc/mongodb-compass/default.nix b/pkgs/tools/misc/mongodb-compass/default.nix index 01c446dbbe45..a1b42d4e2934 100644 --- a/pkgs/tools/misc/mongodb-compass/default.nix +++ b/pkgs/tools/misc/mongodb-compass/default.nix @@ -33,7 +33,7 @@ xorg, }: let - version = "1.36.4"; + version = "1.37.0"; rpath = lib.makeLibraryPath [ alsa-lib @@ -82,7 +82,7 @@ let if stdenv.hostPlatform.system == "x86_64-linux" then fetchurl { url = "https://downloads.mongodb.com/compass/mongodb-compass_${version}_amd64.deb"; - sha256 = "sha256-GAg5zj2ETXdXVfVwNvf4VjRVEHePNWf28xMDsTyjiEs="; + sha256 = "sha256-SeglhwIKsxhmhA3rNcg6paSBwlB4a4Aiq9L2DFR9/d4="; } else throw "MongoDB compass is not supported on ${stdenv.hostPlatform.system}"; From f22a89cc93a0f0a349f5dbf99d9e6ed236d7a57e Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 08:41:44 +0000 Subject: [PATCH 63/69] asnmap: 1.0.3 -> 1.0.4 --- pkgs/tools/security/asnmap/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/security/asnmap/default.nix b/pkgs/tools/security/asnmap/default.nix index e327aa6c0757..2295d183ea84 100644 --- a/pkgs/tools/security/asnmap/default.nix +++ b/pkgs/tools/security/asnmap/default.nix @@ -5,16 +5,16 @@ buildGoModule rec { pname = "asnmap"; - version = "1.0.3"; + version = "1.0.4"; src = fetchFromGitHub { owner = "projectdiscovery"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-nkDa54+4bAMtQ/s/vn7x9hAt7p+ErKMOZ70MoH45CoM="; + hash = "sha256-J5Dn5eDzwj+ApwQ3ibTsMbwCobRAb1Cli+hbf74I9VQ="; }; - vendorHash = "sha256-owpu0oANYipso33HOwwSqL8G0VDT53B9HeLQA/GvmxU="; + vendorHash = "sha256-0vU7YWZKiqi3WsjSTNvtUiskIczADgfRRC7rwCx8ho4="; # Tests require network access doCheck = false; From 5cac5fa348ea38adad50da67fb872249ab842405 Mon Sep 17 00:00:00 2001 From: "R. Ryantm" Date: Tue, 30 May 2023 08:48:33 +0000 Subject: [PATCH 64/69] rathole: 0.4.7 -> 0.4.8 --- pkgs/tools/networking/rathole/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/networking/rathole/default.nix b/pkgs/tools/networking/rathole/default.nix index 65cd33eb2443..db1f2921917c 100644 --- a/pkgs/tools/networking/rathole/default.nix +++ b/pkgs/tools/networking/rathole/default.nix @@ -9,16 +9,16 @@ rustPlatform.buildRustPackage rec { pname = "rathole"; - version = "0.4.7"; + version = "0.4.8"; src = fetchFromGitHub { owner = "rapiz1"; repo = pname; rev = "refs/tags/v${version}"; - hash = "sha256-YauQg+P4Y8oO8Kn6FB3NxBI7PHoo/bjS38bM1lFeCH0="; + hash = "sha256-yqZPs0rp3LD7n4+JGa55gZ4xMcumy+oazrxCqpDzIfQ="; }; - cargoHash = "sha256-OcPmHqjW79SKMET6J5HIwmR5vESh+PJcQjSMsqmnIb8="; + cargoHash = "sha256-BZ6AgH/wnxrDLkyncR0pbayae9v5P7X7UnlJ48JR8sM="; nativeBuildInputs = [ pkg-config From 304940d98e80e398df28a5388dbc4868ff97661d Mon Sep 17 00:00:00 2001 From: zowoq <59103226+zowoq@users.noreply.github.com> Date: Sun, 28 May 2023 07:46:45 +1000 Subject: [PATCH 65/69] buildGoModule: format Co-authored-by: Yueh-Shun Li --- pkgs/build-support/go/module.nix | 92 ++++++++++++++++---------------- 1 file changed, 47 insertions(+), 45 deletions(-) diff --git a/pkgs/build-support/go/module.nix b/pkgs/build-support/go/module.nix index 2b63d9e9f533..2432ac3a4982 100644 --- a/pkgs/build-support/go/module.nix +++ b/pkgs/build-support/go/module.nix @@ -2,51 +2,52 @@ { name ? "${args'.pname}-${args'.version}" , src -, nativeBuildInputs ? [] -, passthru ? {} -, patches ? [] +, nativeBuildInputs ? [ ] +, passthru ? { } +, patches ? [ ] -# Go tags, passed to go via -tag -, tags ? [] + # Go tags, passed to go via -tag +, tags ? [ ] -# A function to override the go-modules derivation -, overrideModAttrs ? (_oldAttrs : {}) + # A function to override the go-modules derivation +, overrideModAttrs ? (_oldAttrs: { }) -# path to go.mod and go.sum directory + # path to go.mod and go.sum directory , modRoot ? "./" -# vendorHash is the SRI hash of the vendored dependencies -# -# if vendorHash is null, then we won't fetch any dependencies and -# rely on the vendor folder within the source. + # vendorHash is the SRI hash of the vendored dependencies + # + # if vendorHash is null, then we won't fetch any dependencies and + # rely on the vendor folder within the source. , vendorHash ? args'.vendorSha256 or (throw "buildGoModule: vendorHash is missing") -# Whether to delete the vendor folder supplied with the source. + # Whether to delete the vendor folder supplied with the source. , deleteVendor ? false -# Whether to fetch (go mod download) and proxy the vendor directory. -# This is useful if your code depends on c code and go mod tidy does not -# include the needed sources to build or if any dependency has case-insensitive -# conflicts which will produce platform dependant `vendorHash` checksums. + # Whether to fetch (go mod download) and proxy the vendor directory. + # This is useful if your code depends on c code and go mod tidy does not + # include the needed sources to build or if any dependency has case-insensitive + # conflicts which will produce platform dependant `vendorHash` checksums. , proxyVendor ? false -# We want parallel builds by default + # We want parallel builds by default , enableParallelBuilding ? true -# Do not enable this without good reason -# IE: programs coupled with the compiler + # Do not enable this without good reason + # IE: programs coupled with the compiler , allowGoReference ? false , CGO_ENABLED ? go.CGO_ENABLED -, meta ? {} +, meta ? { } -# Not needed with buildGoModule + # Not needed with buildGoModule , goPackagePath ? "" -# needed for buildFlags{,Array} warning + # needed for buildFlags{,Array} warning , buildFlags ? "" , buildFlagsArray ? "" -, ... }@args': +, ... +}@args': assert goPackagePath != "" -> throw "`goPackagePath` is not needed with `buildGoModule`"; assert (args' ? vendorHash && args' ? vendorSha256) -> throw "both `vendorHash` and `vendorSha256` set. only one can be set."; @@ -55,11 +56,10 @@ let args = removeAttrs args' [ "overrideModAttrs" "vendorSha256" "vendorHash" ]; go-modules = if (vendorHash == null) then "" else - (stdenv.mkDerivation { - + (stdenv.mkDerivation { name = "${name}-go-modules"; - nativeBuildInputs = (args.nativeBuildInputs or []) ++ [ go git cacert ]; + nativeBuildInputs = (args.nativeBuildInputs or [ ]) ++ [ go git cacert ]; inherit (args) src; inherit (go) GOOS GOARCH; @@ -69,8 +69,8 @@ let # out in the wild. In anycase, it's documented in: # doc/languages-frameworks/go.section.md prePatch = args.prePatch or ""; - patches = args.patches or []; - patchFlags = args.patchFlags or []; + patches = args.patches or [ ]; + patchFlags = args.patchFlags or [ ]; postPatch = args.postPatch or ""; preBuild = args.preBuild or ""; postBuild = args.modPostBuild or ""; @@ -79,7 +79,9 @@ let GO111MODULE = "on"; impureEnvVars = lib.fetchers.proxyImpureEnvVars ++ [ - "GIT_PROXY_COMMAND" "SOCKS_SERVER" "GOPROXY" + "GIT_PROXY_COMMAND" + "SOCKS_SERVER" + "GOPROXY" ]; configurePhase = args.modConfigurePhase or '' @@ -105,15 +107,15 @@ let exit 10 fi - ${if proxyVendor then '' - mkdir -p "''${GOPATH}/pkg/mod/cache/download" - go mod download - '' else '' - if (( "''${NIX_DEBUG:-0}" >= 1 )); then - goModVendorFlags+=(-v) - fi - go mod vendor "''${goModVendorFlags[@]}" - ''} + ${if proxyVendor then '' + mkdir -p "''${GOPATH}/pkg/mod/cache/download" + go mod download + '' else '' + if (( "''${NIX_DEBUG:-0}" >= 1 )); then + goModVendorFlags+=(-v) + fi + go mod vendor "''${goModVendorFlags[@]}" + ''} mkdir -p vendor @@ -123,12 +125,12 @@ let installPhase = args.modInstallPhase or '' runHook preInstall - ${if proxyVendor then '' - rm -rf "''${GOPATH}/pkg/mod/cache/download/sumdb" - cp -r --reflink=auto "''${GOPATH}/pkg/mod/cache/download" $out - '' else '' - cp -r --reflink=auto vendor $out - ''} + ${if proxyVendor then '' + rm -rf "''${GOPATH}/pkg/mod/cache/download/sumdb" + cp -r --reflink=auto "''${GOPATH}/pkg/mod/cache/download" $out + '' else '' + cp -r --reflink=auto vendor $out + ''} if ! [ "$(ls -A $out)" ]; then echo "vendor folder is empty, please set 'vendorHash = null;' in your expression" From afc0839bfd1a39b4071dcbfde259016096f79ee6 Mon Sep 17 00:00:00 2001 From: Heinz Deinhart Date: Tue, 30 May 2023 11:43:04 +0200 Subject: [PATCH 66/69] ddnet: 17.0.1 -> 17.0.2 https://ddnet.org/downloads/#17.0.2 --- pkgs/games/ddnet/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/games/ddnet/default.nix b/pkgs/games/ddnet/default.nix index c71219da3e04..ff1e9d43d53f 100644 --- a/pkgs/games/ddnet/default.nix +++ b/pkgs/games/ddnet/default.nix @@ -34,19 +34,19 @@ stdenv.mkDerivation rec { pname = "ddnet"; - version = "17.0.1"; + version = "17.0.2"; src = fetchFromGitHub { owner = "ddnet"; repo = pname; rev = version; - hash = "sha256-QN4hjUBQFDfyNm/f8TqgrexUAoNtGY4tKC0JcQBL8i0="; + hash = "sha256-+k+QiRSFvaGhifN/SKf6bKtooRbnArV2M9o64X5GckE="; }; cargoDeps = rustPlatform.fetchCargoTarball { name = "${pname}-${version}"; inherit src; - hash = "sha256-5Iwn8JSeOnAAXOt+QGcVx4b9WZ4Xe2aLjbiQUUnqJBQ="; + hash = "sha256-kbVHeavCIrLq9ImA2Z7H2O0NXNPjA+3qiba5LoADyG0="; }; nativeBuildInputs = [ From 5e64b96a12d3120d0336bdd09afdeeeacf0f44db Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Tue, 30 May 2023 01:38:54 +0200 Subject: [PATCH 67/69] rl-2305: alpha version for 23.05 This is an alpha version worked out by the release managers. Co-Authored-By: Martin Weinelt --- .../manual/release-notes/rl-2305.section.md | 480 +++++++++--------- 1 file changed, 235 insertions(+), 245 deletions(-) diff --git a/nixos/doc/manual/release-notes/rl-2305.section.md b/nixos/doc/manual/release-notes/rl-2305.section.md index 770c65f9d10d..c2a4b69b8625 100644 --- a/nixos/doc/manual/release-notes/rl-2305.section.md +++ b/nixos/doc/manual/release-notes/rl-2305.section.md @@ -1,65 +1,80 @@ -# Release 23.05 (“Stoat”, 2023.05/??) {#sec-release-23.05} +# Release 23.05 (“Stoat”, 2023.05/31) {#sec-release-23.05} -Support is planned until the end of December 2023, handing over to 23.11. +The NixOS release team is happy to announce a new version of NixOS. The release is called NixOS 23.05 ("Stoat"). + +NixOS is a Linux distribution, whose set of packages can also be used on other Linux systems and macOS. + +Support is planned until the end of December 2023, handing over to NixOS 23.11. + +To upgrade to the latest release, follow the [upgrade chapter](https://nixos.org/manual/nixos/stable/index.html#sec-upgrading). ## Highlights {#sec-release-23.05-highlights} -In addition to numerous new and upgraded packages, this release has the following highlights: +In addition to numerous new and updated packages, this release has the following highlights: - +- The default Linux kernel has been updated from 5.15 to 6.1, all kernels version supported on are also available. -- Core version changes: +- systemd has been updated from v252 to v253, see [release notes](https://github.com/systemd/systemd/blob/main/NEWS#L21-L677) for more info. + - Updating with `nixos-rebuild boot` and `reboot` is recommended, since in some rare cases the `switch` into the new generation on a live system might fail due to missing mount units. - - default linux: 5.15 -\> 6.1, all supported kernels available +- The glibc has been updated from 2.35 to 2.37 - - systemd has been updated to v253.1, see [the pull request](https://github.com/NixOS/nixpkgs/pull/216826) for more info. - It's recommended to use `nixos-rebuild boot` and `reboot`, rather than `nixos-rebuild switch` - since in some rare cases - the switch of a live system might fail. - - - glibc: 2.35 -\> 2.37 - -- Cinnamon has been updated to 5.6, see [the pull request](https://github.com/NixOS/nixpkgs/pull/201328#issue-1449910204) for what is changed. - -- GNOME has been upgraded to version 44. Please see the [release notes](https://release.gnome.org/44/) for details. +- GNOME has been updated to version 44. Please see the [release notes](https://release.gnome.org/44/) for details. - KDE Plasma has been updated to v5.27, see [the release notes](https://kde.org/announcements/plasma/5/5.27.0/) for what is changed. -- Python implements [PEP 668](https://peps.python.org/pep-0668/), providing better feedback to users that try to run `pip install` system-wide. +- Cinnamon has been updated to 5.6, see [the pull request](https://github.com/NixOS/nixpkgs/pull/201328#issue-1449910204) for what is changed. -- `nixos-rebuild` now supports an extra `--specialisation` option that can be used to change specialisation for `switch` and `test` commands. +- `libxcrypt`, the library providing the `crypt(3)` password hashing function, is now built without support for algorithms not flagged [`strong`](https://github.com/besser82/libxcrypt/blob/v4.4.33/lib/hashes.conf#L48). This affects the availability of password hashing algorithms used for system login (`login(1)`, `passwd(1)`), but also Apache2 Basic-Auth, Samba, OpenLDAP, Dovecot, and [many other packages](https://sourcegraph.com/search?q=context:global+repo:%5Egithub%5C.com/NixOS/nixpkgs%24+libxcrypt&patternType=standard&sm=1&groupBy=path). -- `libxcrypt`, the library providing the `crypt(3)` password hashing function, is now built without support for algorithms not flagged [`strong`](https://github.com/besser82/libxcrypt/blob/v4.4.33/lib/hashes.conf#L48). This affects the availability of password hashing algorithms used for system login (`login(1)`, `passwd(1)`), but also Apache2 Basic-Auth, Samba, OpenLDAP, Dovecot, and [many other packages](https://github.com/search?q=repo%3ANixOS%2Fnixpkgs%20libxcrypt&type=code). +- NixOS now defaults to using [nsncd](https://github.com/twosigma/nsncd), a non-caching reimplementation of nscd in Rust, as its NSS lookup dispatcher. This replaces the buggy and deprecated nscd implementation provided through glibc. When you find problems, you can switch back by setting + ```nix + services.nscd.enableNsncd = false; + ``` + but please open an issue in nixpkgs, so your problem can be addressed. -- `boot.bootspec.enable` (internal option) is now enabled by default because [RFC-0125](https://github.com/NixOS/rfcs/pull/125) was merged. This means you will have a bootspec document called `boot.json` generated for each system and specialisation in the top-level. This is useful to enable advanced boot usecases in NixOS such as SecureBoot. +- Python implements [PEP 668](https://peps.python.org/pep-0668/), providing better feedback to users that try to run `pip install` for system-wide or user home installations. + +- There have been two changes to `nixos-rebuild`: + - Support for an extra `--specialisation` option was added that can be used to change specialisation for `switch` and `test` commands. + - The `--target-host` and `--build-host` options no longer treat the `localhost` value specially – to build on/deploy to a local machine, omit the relevant flag. + +- `boot.bootspec.enable` (internal option) is now enabled by default because [RFC 0125](https://github.com/NixOS/rfcs/pull/125) was merged. This means you will have a bootspec document called `boot.json` generated for each system and specialisation in the top-level. This is useful to enable advanced boot use cases in NixOS, such as Secure Boot. ## New Services {#sec-release-23.05-new-services} - - - [Akkoma](https://akkoma.social), an ActivityPub microblogging server. Available as [services.akkoma](options.html#opt-services.akkoma.enable). -- [Pixelfed](https://pixelfed.org/), an Instagram-like ActivityPub server. Available as [services.pixelfed](options.html#opt-services.pixelfed.enable). +- [alertmanager-irc-relay](https://github.com/google/alertmanager-irc-relay), a Prometheus Alertmanager IRC Relay. Available as [services.prometheus.alertmanagerIrcRelay](options.html#opt-services.prometheus.alertmanagerIrcRelay.enable). + +- [alice-lg](github.com/alice-lg/alice-lg), a looking-glass for BGP sessions. Available as [services.alice-lg](#opt-services.alice-lg.enable). + +- [atuin](https://github.com/ellie/atuin), a sync server for shell history. Available as [services.atuin](#opt-services.atuin.enable). + +- [authelia](https://www.authelia.com/), an open-source authentication and authorization server. Available as [services.authelia](options.html#opt-services.authelia.enable). + +- [birdwatcher](github.com/alice-lg/birdwatcher), a small HTTP server meant to provide an API defined by Barry O'Donovan's birds-eye to the BIRD internet routing daemon. Available as [services.birdwatcher](#opt-services.birdwatcher.enable). - [blesh](https://github.com/akinomyoga/ble.sh), a line editor written in pure bash. Available as [programs.bash.blesh](#opt-programs.bash.blesh.enable). -- [webhook](https://github.com/adnanh/webhook), a lightweight webhook server. Available as [services.webhook](#opt-services.webhook.enable). +- [Budgie Desktop](https://github.com/BuddiesOfBudgie/budgie-desktop), a familiar, modern desktop environment. Available as [services.xserver.desktopManager.budgie](options.html#opt-services.xserver.desktopManager.budgie). -- [cups-pdf-to-pdf](https://github.com/alexivkin/CUPS-PDF-to-PDF), a pdf-generating cups backend based on [cups-pdf](https://www.cups-pdf.de/). Available as [services.printing.cups-pdf](#opt-services.printing.cups-pdf.enable). - -- [clash-verge](https://github.com/zzzgydi/clash-verge), A Clash GUI based on tauri. Available as [programs.clash-verge](#opt-programs.clash-verge.enable). +- [clash-verge](https://github.com/zzzgydi/clash-verge), a Clash GUI based on tauri. Available as [programs.clash-verge](#opt-programs.clash-verge.enable). - [Cloudlog](https://www.magicbug.co.uk/cloudlog/), a web-based Amateur Radio logging application. Available as [services.cloudlog](#opt-services.cloudlog.enable). +- [consul-template](https://github.com/hashicorp/consul-template/), a template renderer, notifier, and supervisor for HashiCorp Consul and Vault data. Available as [services.consul-template](#opt-services.consul-template.instances). + +- [cups-pdf-to-pdf](https://github.com/alexivkin/CUPS-PDF-to-PDF), a PDF-generating CUPS backend based on [cups-pdf](https://www.cups-pdf.de/). Available as [services.printing.cups-pdf](#opt-services.printing.cups-pdf.enable). + - [Deepin Desktop Environment](https://github.com/linuxdeepin/dde), an elegant, easy to use and reliable desktop environment. Available as [services.xserver.desktopManager.deepin](options.html#opt-services.xserver.desktopManager.deepin). -- [system-repart](https://www.freedesktop.org/software/systemd/man/systemd-repart.service.html), grow and add partitions to a partition table. Available as [systemd.repart](options.html#opt-systemd.repart) and [boot.initrd.systemd.repart](options.html#opt-boot.initrd.systemd.repart) +- [esphome](https://esphome.io), a dashboard to configure ESP8266/ESP32 devices for use with Home Automation systems. Available as [services.esphome](#opt-services.esphome.enable). - [frigate](https://frigate.video), an open source NVR built around real-time AI object detection. Available as [services.frigate](#opt-services.frigate.enable). - [fzf](https://github.com/junegunn/fzf), a command line fuzzyfinder. Available as [programs.fzf](#opt-programs.fzf.fuzzyCompletion). -- [readarr](https://github.com/Readarr/Readarr), Book Manager and Automation (Sonarr for Ebooks). Available as [services.readarr](options.html#opt-services.readarr.enable). - - [gemstash](https://github.com/rubygems/gemstash), a RubyGems.org cache and private gem server. Available as [services.gemstash](#opt-services.gemstash.enable). - [gitea-actions-runner](https://gitea.com/gitea/act_runner), a CI runner for Gitea/Forgejo Actions. Available as [services.gitea-actions-runner](#opt-services.gitea-actions-runner.instances). @@ -68,131 +83,122 @@ In addition to numerous new and upgraded packages, this release has the followin - [go2rtc](https://github.com/AlexxIT/go2rtc), a camera streaming appliation with support for RTSP, WebRTC, HomeKit, FFMPEG, RTMP and other protocols. Available as [services.go2rtc](options.html#opt-services.go2rtc.enable). -- [harmonia](https://github.com/nix-community/harmonia/), Nix binary cache implemented in rust using libnix-store. Available as [services.harmonia](options.html#opt-services.harmonia.enable). - -- [hyprland](https://github.com/hyprwm/hyprland), a dynamic tiling Wayland compositor that doesn't sacrifice on its looks. Available as [programs.hyprland](#opt-programs.hyprland.enable). - -- [minipro](https://gitlab.com/DavidGriffith/minipro/), an open source program for controlling the MiniPRO TL866xx series of chip programmers. Available as [programs.minipro](options.html#opt-programs.minipro.enable). - -- [stevenblack-blocklist](https://github.com/StevenBlack/hosts), A unified hosts file with base extensions for blocking unwanted websites. Available as [networking.stevenblack](options.html#opt-networking.stevenblack.enable). - -- [Budgie Desktop](https://github.com/BuddiesOfBudgie/budgie-desktop), a familiar, modern desktop environment. Available as [services.xserver.desktopManager.budgie](options.html#opt-services.xserver.desktopManager.budgie). - -- [imaginary](https://github.com/h2non/imaginary), a microservice for high-level image processing that Nextcloud can use to generate previews. Available as [services.imaginary](#opt-services.imaginary.enable). - -- [opensearch](https://opensearch.org), a search server alternative to Elasticsearch. Available as [services.opensearch](options.html#opt-services.opensearch.enable). - -- [kavita](https://kavitareader.com), a self-hosted digital library. Available as [services.kavita](options.html#opt-services.kavita.enable). - -- [monica](https://www.monicahq.com), an open source personal CRM. Available as [services.monica](options.html#opt-services.monica.enable). - -- [authelia](https://www.authelia.com/), is an open-source authentication and authorization server. Available under [services.authelia](options.html#opt-services.authelia.enable). - -- [goeland](https://github.com/slurdge/goeland), an alternative to rss2email written in golang with many filters. Available as [services.goeland](#opt-services.goeland.enable). - -- [alertmanager-irc-relay](https://github.com/google/alertmanager-irc-relay), a Prometheus Alertmanager IRC Relay. Available as [services.prometheus.alertmanagerIrcRelay](options.html#opt-services.prometheus.alertmanagerIrcRelay.enable). - -- [tts](https://github.com/coqui-ai/TTS), a battle-tested deep learning toolkit for Text-to-Speech. Multiple servers may be configured below [services.tts.servers](#opt-services.tts.servers). - -- [atuin](https://github.com/ellie/atuin), a sync server for shell history. Available as [services.atuin](#opt-services.atuin.enable). - -- [SFTPGo](https://github.com/drakkan/sftpgo), a fully featured and highly configurable SFTP server with optional HTTP/S, FTP/S and WebDAV support. Available as [services.sftpgo](options.html#opt-services.sftpgo.enable). - -- [esphome](https://esphome.io), a dashboard to configure ESP8266/ESP32 devices for use with Home Automation systems. Available as [services.esphome](#opt-services.esphome.enable). - -- [networkd-dispatcher](https://gitlab.com/craftyguy/networkd-dispatcher), a dispatcher service for systemd-networkd connection status changes. Available as [services.networkd-dispatcher](#opt-services.networkd-dispatcher.enable). +- [goeland](https://github.com/slurdge/goeland), an alternative to rss2email written in Golang with many filters. Available as [services.goeland](#opt-services.goeland.enable). - [gonic](https://github.com/sentriz/gonic), a Subsonic music streaming server. Available as [services.gonic](#opt-services.gonic.enable). -- [mmsd](https://gitlab.com/kop316/mmsd), a lower level daemon that transmits and receives MMSes. Available as [services.mmsd](#opt-services.mmsd.enable). +- [hardware.ipu6](#opt-hardware.ipu6.enable), drivers for IPU6 based webcams on Intel Tiger Lake and Alder Lake. -- [QDMR](https://dm3mat.darc.de/qdmr/), a GUI application and command line tool for programming DMR radios [programs.qdmr](#opt-programs.qdmr.enable) +- [harmonia](https://github.com/nix-community/harmonia/), a Nix binary cache implemented in Rust using [libnixstore](https://docs.rs/libnixstore/latest/libnixstore/). Available as [services.harmonia](options.html#opt-services.harmonia.enable). -- [keyd](https://github.com/rvaiya/keyd), a key remapping daemon for linux. Available as [services.keyd](#opt-services.keyd.enable). +- [hyprland](https://github.com/hyprwm/hyprland), a dynamic tiling Wayland compositor that doesn't sacrifice on its looks. Available as [programs.hyprland](#opt-programs.hyprland.enable). -- [consul-template](https://github.com/hashicorp/consul-template/), a template rendering, notifier, and supervisor for HashiCorp Consul and Vault data. Available as [services.consul-template](#opt-services.consul-template.instances). - -- [vault-agent](https://developer.hashicorp.com/vault/docs/agent), a template rendering and API auth proxy for HashiCorp Vault, similar to `consul-template`. Available as [services.vault-agent](#opt-services.vault-agent.instances). - -- [trippy](https://github.com/fujiapple852/trippy), a network diagnostic tool. Available as [programs.trippy](#opt-programs.trippy.enable). - -- [v2rayA](https://v2raya.org), a Linux web GUI client of Project V which supports V2Ray, Xray, SS, SSR, Trojan and Pingtunnel. Available as [services.v2raya](options.html#opt-services.v2raya.enable). - -- [rshim](https://github.com/Mellanox/rshim-user-space), the user-space rshim driver for the BlueField SoC. Available as [services.rshim](options.html#opt-services.rshim.enable). - -- [wstunnel](https://github.com/erebe/wstunnel), a proxy tunnelling arbitrary TCP or UDP traffic through a WebSocket connection. Instances may be configured via [services.wstunnel](options.html#opt-services.wstunnel.enable). - -- [ulogd](https://www.netfilter.org/projects/ulogd/index.html), a userspace logging daemon for netfilter/iptables related logging. Available as [services.ulogd](options.html#opt-services.ulogd.enable). - -- [PufferPanel](https://pufferpanel.com), game server management panel designed to be easy to use. Available as [services.pufferpanel](#opt-services.pufferpanel.enable). - -- [jellyseerr](https://github.com/Fallenbagel/jellyseerr), a web-based requests manager for Jellyfin, forked from Overseerr. Available as [services.jellyseerr](#opt-services.jellyseerr.enable). - -- [stargazer](https://sr.ht/~zethra/stargazer/), a fast and easy to use Gemini server. Available as [services.stargazer](#opt-services.stargazer.enable). - -- [sniffnet](https://github.com/GyulyVGC/sniffnet), an application to monitor your network traffic. Available as [programs.sniffnet](#opt-programs.sniffnet.enable). - -- [photoprism](https://photoprism.app/), a AI-Powered Photos App for the Decentralized Web. Available as [services.photoprism](options.html#opt-services.photoprism.enable). - -- [alice-lg](github.com/alice-lg/alice-lg), a looking-glass for BGP sessions. Available as [services.alice-lg](#opt-services.alice-lg.enable). - -- [birdwatcher](github.com/alice-lg/birdwatcher), a small HTTP server meant to provide an API defined by Barry O'Donovan's birds-eye to the BIRD internet routing daemon. Available as [services.birdwatcher](#opt-services.birdwatcher.enable). - -- [peroxide](https://github.com/ljanyst/peroxide), a fork of the official [ProtonMail bridge](https://github.com/ProtonMail/proton-bridge) that aims to be similar to [Hydroxide](https://github.com/emersion/hydroxide). Available as [services.peroxide](#opt-services.peroxide.enable). - -- [autosuspend](https://github.com/languitar/autosuspend), a python daemon that suspends a system if certain conditions are met, or not met. - -- [sharing](https://github.com/parvardegr/sharing), a command-line tool to share directories and files from the CLI to iOS and Android devices without the need of an extra client app. Available as [programs.sharing](#opt-programs.sharing.enable). - -- [nimdow](https://github.com/avahe-kellenberger/nimdow), a window manager written in Nim, inspired by dwm. - -- [trurl](https://github.com/curl/trurl), a command line tool for URL parsing and manipulation. - -- [wgautomesh](https://git.deuxfleurs.fr/Deuxfleurs/wgautomesh), a simple utility to help connect wireguard nodes together in a full mesh topology. Available as [services.wgautomesh](options.html#opt-services.wgautomesh.enable). - -- [woodpecker-agents](https://woodpecker-ci.org/), a simple CI engine with great extensibility. Available as [services.woodpecker-agents](#opt-services.woodpecker-agents.agents._name_.enable). - -- [woodpecker-server](https://woodpecker-ci.org/), a simple CI engine with great extensibility. Available as [services.woodpecker-server](#opt-services.woodpecker-server.enable). - -- [lldap](https://github.com/lldap/lldap), a lightweight authentication server that provides an opinionated, simplified LDAP interface for authentication. Available as [services.lldap](#opt-services.lldap.enable). - -- [ReGreet](https://github.com/rharish101/ReGreet), a clean and customizable greeter for greetd. Available as [programs.regreet](#opt-programs.regreet.enable). - -- [v4l2-relayd](https://git.launchpad.net/v4l2-relayd), a streaming relay for v4l2loopback using gstreamer. Available as [services.v4l2-relayd](#opt-services.v4l2-relayd.instances._name_.enable). - -- [hardware.ipu6](#opt-hardware.ipu6.enable) adds support for ipu6 based webcams on intel tiger lake and alder lake. +- [imaginary](https://github.com/h2non/imaginary), a microservice for high-level image processing that Nextcloud can use to generate previews. Available as [services.imaginary](#opt-services.imaginary.enable). - [ivpn](https://www.ivpn.net/), a secure, private VPN with fast WireGuard connections. Available as [services.ivpn](#opt-services.ivpn.enable). +- [jellyseerr](https://github.com/Fallenbagel/jellyseerr), a web-based requests manager for Jellyfin, forked from Overseerr. Available as [services.jellyseerr](#opt-services.jellyseerr.enable). + +- [kavita](https://kavitareader.com), a self-hosted digital library. Available as [services.kavita](options.html#opt-services.kavita.enable). + +- [keyd](https://github.com/rvaiya/keyd), a key remapping daemon for Linux. Available as [services.keyd](#opt-services.keyd.enable). + +- [lldap](https://github.com/lldap/lldap), a lightweight authentication server that provides an opinionated, simplified LDAP interface for authentication. Available as [services.lldap](#opt-services.lldap.enable). + +- [minipro](https://gitlab.com/DavidGriffith/minipro/), an open source program for controlling the MiniPRO TL866xx series of chip programmers. Available as [programs.minipro](options.html#opt-programs.minipro.enable). + +- [mmsd](https://gitlab.com/kop316/mmsd), a lower level daemon that transmits and receives MMSes. Available as [services.mmsd](#opt-services.mmsd.enable). + +- [monica](https://www.monicahq.com), an open source personal CRM. Available as [services.monica](options.html#opt-services.monica.enable). + +- [networkd-dispatcher](https://gitlab.com/craftyguy/networkd-dispatcher), a dispatcher service for systemd-networkd connection status changes. Available as [services.networkd-dispatcher](#opt-services.networkd-dispatcher.enable). + +- [nimdow](https://github.com/avahe-kellenberger/nimdow), a window manager written in Nim, inspired by dwm. Available as [services.xserver.windowManager.nimdow.enable](options.html#opt-services.xserver.windowManager.nimdow.enable). + +- [opensearch](https://opensearch.org), a search server alternative to Elasticsearch. Available as [services.opensearch](options.html#opt-services.opensearch.enable). + - [openvscode-server](https://github.com/gitpod-io/openvscode-server), run VS Code on a remote machine with access through a modern web browser from any device, anywhere. Available as [services.openvscode-server](#opt-services.openvscode-server.enable). +- [peroxide](https://github.com/ljanyst/peroxide), a fork of the official [ProtonMail bridge](https://github.com/ProtonMail/proton-bridge) that aims to be similar to [Hydroxide](https://github.com/emersion/hydroxide). Available as [services.peroxide](#opt-services.peroxide.enable). + +- [photoprism](https://photoprism.app/), a AI-powered photos app for the decentralized web. Available as [services.photoprism](options.html#opt-services.photoprism.enable). + +- [Pixelfed](https://pixelfed.org/), an Instagram-like ActivityPub server. Available as [services.pixelfed](options.html#opt-services.pixelfed.enable). + +- [PufferPanel](https://pufferpanel.com), a game server management panel designed to be easy to use. Available as [services.pufferpanel](#opt-services.pufferpanel.enable). + +- [QDMR](https://dm3mat.darc.de/qdmr/), a GUI application and command line tool for programming DMR radios [programs.qdmr](#opt-programs.qdmr.enable). + +- [readarr](https://github.com/Readarr/Readarr), book manager and automation (Sonarr for ebooks). Available as [services.readarr](options.html#opt-services.readarr.enable). + +- [ReGreet](https://github.com/rharish101/ReGreet), a clean and customizable greeter for greetd. Available as [programs.regreet](#opt-programs.regreet.enable). + +- [rshim](https://github.com/Mellanox/rshim-user-space), the user-space rshim driver for the BlueField SoC. Available as [services.rshim](options.html#opt-services.rshim.enable). + +- [SFTPGo](https://github.com/drakkan/sftpgo), a fully featured and highly configurable SFTP server with optional HTTP/S, FTP/S and WebDAV support. Available as [services.sftpgo](options.html#opt-services.sftpgo.enable). + +- [sharing](https://github.com/parvardegr/sharing), a command-line tool to share directories and files from the CLI to iOS and Android devices without the need of an extra client app. Available as [programs.sharing](#opt-programs.sharing.enable). + +- [sniffnet](https://github.com/GyulyVGC/sniffnet), an application to monitor your network traffic. Available as [programs.sniffnet](#opt-programs.sniffnet.enable). + +- [stargazer](https://sr.ht/~zethra/stargazer/), a fast and easy to use Gemini server. Available as [services.stargazer](#opt-services.stargazer.enable). + +- [stevenblack-blocklist](https://github.com/StevenBlack/hosts), a unified hosts file with base extensions for blocking unwanted websites. Available as [networking.stevenblack](options.html#opt-networking.stevenblack.enable). + +- [systemd-repart](https://www.freedesktop.org/software/systemd/man/systemd-repart.service.html), grow and add partitions to a partition table. Available as [systemd.repart](options.html#opt-systemd.repart) and [boot.initrd.systemd.repart](options.html#opt-boot.initrd.systemd.repart) + +- [trippy](https://github.com/fujiapple852/trippy), a network diagnostic tool. Available as [programs.trippy](#opt-programs.trippy.enable). + +- [tts](https://github.com/coqui-ai/TTS), a battle-tested deep learning toolkit for Text-to-Speech. Multiple servers may be configured below [services.tts.servers](#opt-services.tts.servers). + +- [ulogd](https://www.netfilter.org/projects/ulogd/index.html), a userspace logging daemon for netfilter/iptables related logging. Available as [services.ulogd](options.html#opt-services.ulogd.enable). + +- [v2rayA](https://v2raya.org), a Linux web GUI client of Project V which supports V2Ray, Xray, SS, SSR, Trojan and Pingtunnel. Available as [services.v2raya](options.html#opt-services.v2raya.enable). + +- [v4l2-relayd](https://git.launchpad.net/v4l2-relayd), a streaming relay for v4l2loopback using gstreamer. Available as [services.v4l2-relayd](#opt-services.v4l2-relayd.instances._name_.enable). + +- [vault-agent](https://developer.hashicorp.com/vault/docs/agent), a template renderer and API auth proxy for HashiCorp Vault, similar to `consul-template`. Available as [services.vault-agent](#opt-services.vault-agent.instances). + +- [webhook](https://github.com/adnanh/webhook), a lightweight webhook server. Available as [services.webhook](#opt-services.webhook.enable). + +- [wgautomesh](https://git.deuxfleurs.fr/Deuxfleurs/wgautomesh), a simple utility to help connect wireguard nodes together in a full mesh topology. Available as [services.wgautomesh](options.html#opt-services.wgautomesh.enable). + +- [woodpecker](https://woodpecker-ci.org/), a simple CI engine with great extensibility. Available as [services.woodpecker-server](#opt-services.woodpecker-server.enable) and [services.woodpecker-agents](#opt-services.woodpecker-agents.agents._name_.enable). + +- [wstunnel](https://github.com/erebe/wstunnel), a proxy tunnelling arbitrary TCP or UDP traffic through a WebSocket connection. Instances may be configured via [services.wstunnel](options.html#opt-services.wstunnel.enable). + ## Backward Incompatibilities {#sec-release-23.05-incompatibilities} - - -- `carnix` and `cratesIO` has been removed due to being unmaintained, use alternatives such as [naersk](https://github.com/nix-community/naersk) and [crate2nix](https://github.com/kolloch/crate2nix) instead. - - `services.asusd` configuration now uses strings instead of structured configuration, as upstream switched to the [RON](https://github.com/ron-rs/ron) configuration format. Support for structured configuration may return when [RON](https://github.com/ron-rs/ron) generation is implemented in nixpkgs. -- `checkInputs` have been renamed to `nativeCheckInputs`, because they behave the same as `nativeBuildInputs` when `doCheck` is set. `checkInputs` now denote a new type of dependencies, added to `buildInputs` when `doCheck` is set. As a rule of thumb, `nativeCheckInputs` are tools on `$PATH` used during the tests, and `checkInputs` are libraries which are linked to executables built as part of the tests. Similarly, `installCheckInputs` are renamed to `nativeInstallCheckInputs`, corresponding to `nativeBuildInputs`, and `installCheckInputs` are a new type of dependencies added to `buildInputs` when `doInstallCheck` is set. (Note that this change will not cause breakage to derivations with `strictDeps` unset, which are most packages except python, rust, ocaml and go packages). - -- `buildDunePackage` now defaults to `strictDeps = true` which means that any library should go into `buildInputs` or `checkInputs`. Any executable that is run on the building machine should go into `nativeBuildInputs` or `nativeCheckInputs` respectively. Example of executables are `ocaml`, `findlib` and `menhir`. PPXs are libraries which are built by dune and should therefore not go into `nativeBuildInputs`. - - `borgbackup` module now has an option for inhibiting system sleep while backups are running, defaulting to off (not inhibiting sleep), available as [`services.borgbackup.jobs..inhibitsSleep`](#opt-services.borgbackup.jobs._name_.inhibitsSleep). -- The `ssh` client tool now disables the `~C` escape sequence by default. This can be re-enabled by setting `EnableEscapeCommandline yes` +- The `openssh` client now comes with the `~C` escape sequence disabled by default. It can be re-enabled by setting `EnableEscapeCommandline yes` + +- The `programs.ssh` client module does not read `/etc/ssh/ssh_known_hosts2` anymore, since this location is [deprecated since 2001](https://marc.info/?l=openssh-unix-dev&m=100508718416162&w=2). + +- The `services.openssh` server module does not read `~/.ssh/authorized_keys2` anymore, since this location is [deprecated since 2001](https://marc.info/?l=openssh-unix-dev&m=100508718416162&w=2). + +- MAC-then-encrypt algorithms were removed from the default selection of `services.openssh.settings.Macs`. If you still require these [MACs](https://en.wikipedia.org/wiki/Message_authentication_code), for example when you are relying on libssh2 (e.g. VLC) or the SSH library shipped on the iPhone, you can re-add them like this: + + ```nix + services.openssh.settings.Macs = [ + "hmac-sha2-512" + "hmac-sha2-256" + "umac-128@openssh.com" + }; + ``` - Many `services.syncthing` options have been moved to `services.syncthing.settings`, as part of [RFC 42](https://github.com/NixOS/rfcs/pull/42)'s implementation, see [#226088](https://github.com/NixOS/nixpkgs/pull/226088). -- The `ssh` module does not read `/etc/ssh/ssh_known_hosts2` anymore since this location is [deprecated since 2001](https://marc.info/?l=openssh-unix-dev&m=100508718416162&w=2). - -- The openssh module does not read `~/.ssh/authorized_keys2` anymore since this location is [deprecated since 2001](https://marc.info/?l=openssh-unix-dev&m=100508718416162&w=2). - - `podman` now uses the `netavark` network stack. Users will need to delete all of their local containers, images, volumes, etc, by running `podman system reset --force` once before upgrading their systems. - `git-bug` has been updated to at least version 0.8.0, which includes backwards incompatible changes. The `git-bug-migration` package can be used to upgrade existing repositories. -- `graylog` has been updated to version 5, which can not be upgraded directly from the previously packaged version 3.3. If you had installed the previously packaged version 3.3, please follow the [upgrade path](https://go2docs.graylog.org/5-0/upgrading_graylog/upgrade_path.htm) from 3.3 to 4.0 to 4.3 to 5.0. +- `graylog` has been updated to version 5, which can not be updated directly from the previously packaged version 3.3. If you had installed the previously packaged version 3.3, please follow the [upgrade path](https://go2docs.graylog.org/5-0/upgrading_graylog/upgrade_path.htm) from 3.3 to 4.0 to 4.3 to 5.0. + +- `buildFHSUserEnv` is now called `buildFHSEnv` and uses FlatPak's Bubblewrap sandboxing tool rather than Nixpkgs' own chrootenv. The old chrootenv-based implemenation is still available via `buildFHSEnvChrootenv` but is considered deprecated and will be removed when the remaining uses inside Nixpkgs have been migrated. If your FHSEnv-wrapped application misbehaves when using the new bubblewrap implementation, please create an issue in Nixpkgs. + - `buildFHSUserEnv` is now called `buildFHSEnv` and uses FlatPak's Bubblewrap sandboxing tool rather than Nixpkgs' own chrootenv. The old chrootenv-based implemenation is still available via `buildFHSEnvChrootenv` but is considered deprecated and will be removed when the remaining uses inside Nixpkgs have been migrated. If your FHSEnv-wrapped application misbehaves when using the new bubblewrap implementation, please create an issue in Nixpkgs. @@ -202,16 +208,16 @@ In addition to numerous new and upgraded packages, this release has the followin - `keepassx` and `keepassx2` have been removed, due to upstream [stopping development](https://www.keepassx.org/index.html%3Fp=636.html). Consider [KeePassXC](https://keepassxc.org) as a maintained alternative. -- The [services.kubo.settings](#opt-services.kubo.settings) option is now no longer stateful. If you changed any of the options in [services.kubo.settings](#opt-services.kubo.settings) in the past and then removed them from your NixOS configuration again, those changes are still in your Kubo configuration file but will now be reset to the default. If you're unsure, you may want to make a backup of your configuration file (probably /var/lib/ipfs/config) and compare after the update. +- The [services.kubo.settings](#opt-services.kubo.settings) option is now no longer stateful. If you changed any of the options in [services.kubo.settings](#opt-services.kubo.settings) in the past and then removed them from your NixOS configuration again, those changes are still in your Kubo configuration file but will now be reset to the default. If you're unsure, you may want to make a backup of your configuration file (probably `/var/lib/ipfs/config`) and compare after the update. - The Kubo HTTP API will no longer listen on localhost and will instead only listen on a Unix domain socket by default. Read the [services.kubo.settings.Addresses.API](#opt-services.kubo.settings.Addresses.API) option description for more information. - The EC2 image module no longer fetches instance metadata in stage-1. This results in a significantly smaller initramfs, since network drivers no longer need to be included, and faster boots, since metadata fetching can happen in parallel with startup of other services. This breaks services which rely on metadata being present by the time stage-2 is entered. Anything which reads EC2 metadata from `/etc/ec2-metadata` should now have an `after` dependency on `fetch-ec2-metadata.service` -- The mailman service now defaults to using a randomly generated REST API password instead of a hardcoded one. +- The mailman service now defaults to using a randomly generated REST API password instead of a hard-coded one. -- `minio` removed support for its legacy filesystem backend in [RELEASE.2022-10-29T06-21-33Z](https://github.com/minio/minio/releases/tag/RELEASE.2022-10-29T06-21-33Z). This means if your storage was created with the old format, minio will no longer start. Unfortunately minio doesn't provide a an automatic migration, they only provide [instructions how to manually convert the node](https://min.io/docs/minio/windows/operations/install-deploy-manage/migrate-fs-gateway.html). To facilitate this migration we keep around the last version that still supports the old filesystem backend as `minio_legacy_fs`. Use it via `services.minio.package = minio_legacy_fs;` to export your data before switching to the new version. See the corresponding [issue](https://github.com/NixOS/nixpkgs/issues/199318) for more details. +- `minio` removed support for its legacy filesystem backend in [RELEASE.2022-10-29T06-21-33Z](https://github.com/minio/minio/releases/tag/RELEASE.2022-10-29T06-21-33Z). This means if your storage was created with the old format, minio will no longer start. Unfortunately, minio doesn't provide an automatic migration, they only provide [instructions how to manually convert the node](https://min.io/docs/minio/windows/operations/install-deploy-manage/migrate-fs-gateway.html). To facilitate this migration, we keep around the last version that still supports the old filesystem backend as `minio_legacy_fs`. Use it via `services.minio.package = minio_legacy_fs;` to export your data before switching to the new version. See the corresponding [issue](https://github.com/NixOS/nixpkgs/issues/199318) for more details. - `services.sourcehut.dispatch` and the corresponding package (`sourcehut.dispatchsrht`) have been removed due to [upstream deprecation](https://sourcehut.org/blog/2022-08-01-dispatch-deprecation-plans/). @@ -235,15 +241,20 @@ In addition to numerous new and upgraded packages, this release has the followin }; ``` -- The [services.snapserver.openFirewall](#opt-services.snapserver.openFirewall) module option default value has been changed from `true` to `false`. You will need to explicitly set this option to `true`, or configure your firewall. +- The default module options for [services.snapserver.openFirewall](#opt-services.snapserver.openFirewall), [services.tmate-ssh-server.openFirewall](#opt-services.tmate-ssh-server.openFirewall) and [services.unifi-video.openFirewall](#opt-services.unifi-video.openFirewall) have been changed from `true` to `false`. You will need to explicitly set this option to `true`, or configure your firewall. -- The [services.tmate-ssh-server.openFirewall](#opt-services.tmate-ssh-server.openFirewall) module option default value has been changed from `true` to `false`. You will need to explicitly set this option to `true`, or configure your firewall. +- The option `i18n.inputMethod.fcitx5.enableRimeData` has been removed. Default RIME data is now included in `fcitx5-rime` by default, and can be customized using -- The [services.unifi-video.openFirewall](#opt-services.unifi-video.openFirewall) module option default value has been changed from `true` to `false`. You will need to explicitly set this option to `true`, or configure your firewall. + ```nix + fcitx5-rime.override { + rimeDataPkgs = [ + pkgs.rime-data + # ... + ]; + } + ``` -- The option `i18n.inputMethod.fcitx5.enableRimeData` has been removed. Default RIME data is now included in `fcitx5-rime` by default, and can be customized using `fcitx5-rime.override { rimeDataPkgs = [ pkgs.rime-data, package2, ... ]; }` - -- The udev hwdb.bin file is now built with systemd-hwdb rather than the [deprecated "udevadm hwdb"](https://github.com/systemd/systemd/pull/25714). This may impact mappings where the same key is defined in multiple matching entries. The updated behavior will select the latest definition in case of conflict. In general, this should be a positive change, as the hwdb source files are designed with this ordering in mind. As an example, the mapping of the HP Dev One keyboard scan code for "mute mic" is corrected by this update. This change may impact users who have worked-around previously incorrect mappings. +- The `udev` hwdb.bin file is now built with systemd-hwdb rather than the [deprecated "udevadm hwdb"](https://github.com/systemd/systemd/pull/25714). This may impact mappings where the same key is defined in multiple matching entries. The updated behavior will select the latest definition in case of conflict. In general, this should be a positive change, as the hwdb source files are designed with this ordering in mind. As an example, the mapping of the HP Dev One keyboard scan code for "mute mic" is corrected by this update. This change may impact users who have worked-around previously incorrect mappings. - Kime has been updated from 2.5.6 to 3.0.2 and the `i18n.inputMethod.kime.config` option has been removed. Users should use `daemonModules`, `iconColor`, and `extraConfig` options under `i18n.inputMethod.kime` instead. @@ -251,28 +262,22 @@ In addition to numerous new and upgraded packages, this release has the followin - `i3status-rust` has been updated from 0.22.0 to 0.30.5, and this brings many changes to its configuration format. Additional information can be found [here](https://github.com/greshake/i3status-rust/blob/v0.30.0/NEWS.md). -- The `wordpress` derivation no longer contains any builtin plugins or themes. If you need them you have to add them back to prevent your site from breaking. You can find them in `wordpressPackages.{plugins,themes}`. +- The `wordpress` derivation no longer contains any built-in plugins or themes. If you need them, you have to add them back to prevent your site from breaking. You can find them in `wordpressPackages.{plugins,themes}`. - `llvmPackages_rocm.llvm` will not contain `clang` or `compiler-rt`. `llvmPackages_rocm.clang` will not contain `llvm`. `llvmPackages_rocm.clangNoCompilerRt` has been removed in favor of using `llvmPackages_rocm.clang-unwrapped`. -- `services.xserver.desktopManager.plasma5.excludePackages` has been moved to `environment.plasma5.excludePackages`, for consistency with other Desktop Environments +- `services.xserver.desktopManager.plasma5.excludePackages` has been moved to `environment.plasma5.excludePackages`, for consistency with other Desktop Environments. + +- `teleport` has been updated from major version 10 to major version 12. Please see upstream [upgrade instructions](https://goteleport.com/docs/setup/operations/upgrading/) and release notes for versions [11](https://goteleport.com/docs/changelog/#1100) and [12](https://goteleport.com/docs/changelog/#1201). Note that Teleport does not officially support upgrades across more than one major version at a time. If you're running Teleport server components, it is recommended to first upgrade to an intermediate 11.x version by setting `services.teleport.package = pkgs.teleport_11`. Afterwards, this option can be removed to upgrade to the default version (12). - The EC2 image module previously detected and automatically mounted ext3-formatted instance store devices and partitions in stage-1 (initramfs), storing `/tmp` on the first discovered device. This behaviour, which only catered to very specific use cases and could not be disabled, has been removed. Users relying on this should provide their own implementation, and probably use ext4 and perform the mount in stage-2. -- `teleport` has been upgraded from major version 10 to major version 12. Please see upstream [upgrade instructions](https://goteleport.com/docs/setup/operations/upgrading/) and release notes for versions [11](https://goteleport.com/docs/changelog/#1100) and [12](https://goteleport.com/docs/changelog/#1201). Note that Teleport does not officially support upgrades across more than one major version at a time. If you're running Teleport server components, it is recommended to first upgrade to an intermediate 11.x version by setting `services.teleport.package = pkgs.teleport_11`. Afterwards, this option can be removed to upgrade to the default version (12). - - The EC2 image module previously detected and activated swap-formatted instance store devices and partitions in stage-1 (initramfs). This behaviour has been removed. Users relying on this should provide their own implementation. - `fail2ban` has been updated to 1.0.2, which has a few breaking changes compared to 0.11.2 ([changelog for 1.0.1](https://github.com/fail2ban/fail2ban/blob/1.0.1/ChangeLog), [changelog for 1.0.2](https://github.com/fail2ban/fail2ban/blob/1.0.2/ChangeLog)) - `albert` has been updated from 0.17.6 to 0.20.13, and 0.18.0 changed the config format and many plugins ([changelog for 0.18.0](https://github.com/albertlauncher/albert/blob/v0.18.0/CHANGELOG.md)) -- Calling `makeSetupHook` without passing a `name` argument is deprecated. - -- Top-level buildPlatform,hostPlatform,targetPlatform have been deprecated, use stdenv.X instead. - -- `lib.systems.examples.ghcjs` and consequently `pkgsCross.ghcjs` now use the target triplet `javascript-unknown-ghcjs` instead of `js-unknown-ghcjs`. This has been done to match an [upstream decision](https://gitlab.haskell.org/ghc/ghc/-/commit/6636b670233522f01d002c9b97827d00289dbf5c) to follow Cabal's platform naming more closely. Nixpkgs will also reject `js` as an architecture name. - - `dokuwiki` has been updated from 2023-07-31a (Igor) to 2023-04-04 (Jack Jackrum), which has [completely removed](https://www.dokuwiki.org/changes#release_2023-04-04_jack_jackrum) the options to embed HTML and PHP for security reasons. The [htmlok plugin](https://www.dokuwiki.org/plugin:htmlok) can be used to regain this functionality. - The old unsupported version 6.x of the ELK-stack and Elastic beats have been removed. Use OpenSearch instead. @@ -283,10 +288,6 @@ In addition to numerous new and upgraded packages, this release has the followin - The [services.wordpress.sites.<name>.plugins](#opt-services.wordpress.sites._name_.plugins) and [services.wordpress.sites.<name>.themes](#opt-services.wordpress.sites._name_.themes) options have been converted from sets to attribute sets to allow for consumers to specify explicit install paths via attribute name. -- [`services.nextcloud.database.createLocally`](#opt-services.nextcloud.database.createLocally) now uses socket authentication and is no longer compatible with password authentication. - - If you want the module to manage the database for you, unset [`services.nextcloud.config.dbpassFile`](#opt-services.nextcloud.config.dbpassFile) (and [`services.nextcloud.config.dbhost`](#opt-services.nextcloud.config.dbhost), if it's set). - - If you want to use password authentication **and** create the database locally, you will have to use [`services.mysql`](#opt-services.mysql.enable) to set it up. - - `protonmail-bridge` package has been updated to major version 3. - Nebula now runs as a system user and group created for each nebula network, using the `CAP_NET_ADMIN` ambient capability on launch rather than starting as root. Ensure that any files each Nebula instance needs to access are owned by the correct user and group, by default `nebula-${networkName}`. @@ -295,12 +296,8 @@ In addition to numerous new and upgraded packages, this release has the followin - In `mastodon` it is now necessary to specify location of file with `PostgreSQL` database password. In `services.mastodon.database.passwordFile` parameter default value `/var/lib/mastodon/secrets/db-password` has been changed to `null`. -- The `--target-host` and `--build-host` options of `nixos-rebuild` no longer treat the `localhost` value specially – to build on/deploy to local machine, omit the relevant flag. - - The `nix.readOnlyStore` option has been renamed to `boot.readOnlyNixStore` to clarify that it configures the NixOS boot process, not the Nix daemon. -- Deprecated `xlibsWrapper` transitional package has been removed in favour of direct use of its constituents: `xorg.libX11`, `freetype` and others. - - The latest available version of Nextcloud is v26 (available as `pkgs.nextcloud26`) which uses PHP 8.2 as interpreter by default. The installation logic is as follows: - If `system.stateVersion` is >=23.05, `pkgs.nextcloud26` will be installed by default. - If `system.stateVersion` is >=22.11, `pkgs.nextcloud25` will be installed by default. @@ -314,7 +311,7 @@ In addition to numerous new and upgraded packages, this release has the followin [upstream's release notes](https://github.com/iputils/iputils/releases/tag/20221126) for more details and available replacements. -- The ppp plugin `rp-pppoe.so` has been renamed to `pppoe.so` in ppp 2.4.9. Starting from ppp 2.5.0, there is no longer a alias for backwards compatibility. Configurations that use this plugin must be updated accordingly from `plugin rp-pppoe.so` to `plugin pppoe.so`. See [upstream change](https://github.com/ppp-project/ppp/commit/610a7bd76eb1f99f22317541b35001b1e24877ed). +- The ppp plugin `rp-pppoe.so` has been renamed to `pppoe.so` in ppp 2.4.9. Starting from ppp 2.5.0, there is no longer an alias for backwards compatibility. Configurations that use this plugin must be updated accordingly from `plugin rp-pppoe.so` to `plugin pppoe.so`. See [upstream change](https://github.com/ppp-project/ppp/commit/610a7bd76eb1f99f22317541b35001b1e24877ed). - [services.xserver.videoDrivers](options.html#opt-services.xserver.videoDrivers) now defaults to the `modesetting` driver over device-specific ones. The `radeon`, `amdgpu` and `nouveau` drivers are still available, but effectively unmaintained and not recommended for use. @@ -357,14 +354,6 @@ In addition to numerous new and upgraded packages, this release has the followin -- `vim_configurable` has been renamed to `vim-full` to avoid confusion: `vim-full`'s build-time features are configurable, but both `vim` and `vim-full` are _customizable_ (in the sense of user configuration, like vimrc). - -- Pantheon now defaults to Mutter 43 and GNOME settings daemon 43, all Pantheon packages are now tracking elementary OS 7 updates. - -- The module for the application firewall `opensnitch` got the ability to configure rules. Available as [services.opensnitch.rules](#opt-services.opensnitch.rules) - -- The module `usbmuxd` now has the ability to change the package used by the daemon. In case you're experiencing issues with `usbmuxd` you can try an alternative program like `usbmuxd2`. Available as [services.usbmuxd.package](#opt-services.usbmuxd.package) - - A few openssh options have been moved from extraConfig to the new freeform option `settings` and renamed as follows: - `services.openssh.forwardX11` to `services.openssh.settings.X11Forwarding` - `services.openssh.kbdInteractiveAuthentication` -> `services.openssh.settings.KbdInteractiveAuthentication` @@ -377,18 +366,21 @@ In addition to numerous new and upgraded packages, this release has the followin - `services.openssh.ciphers` to `services.openssh.settings.Ciphers` - `services.openssh.gatewayPorts` to `services.openssh.settings.GatewayPorts` + +- `vim_configurable` has been renamed to `vim-full` to avoid confusion: `vim-full`'s build-time features are configurable, but both `vim` and `vim-full` are _customizable_ (in the sense of user configuration, like vimrc). + +- Pantheon now defaults to Mutter 43 and GNOME settings daemon 43, all Pantheon packages are now tracking elementary OS 7 updates. + +- The module for the application firewall `opensnitch` got the ability to configure rules. Available as [services.opensnitch.rules](#opt-services.opensnitch.rules) + +- The module `usbmuxd` now has the ability to change the package used by the daemon. In case you're experiencing issues with `usbmuxd` you can try an alternative program like `usbmuxd2`. Available as [services.usbmuxd.package](#opt-services.usbmuxd.package) + - `netbox` was updated to 3.5. NixOS' `services.netbox.package` still defaults to 3.3 if `stateVersion` is earlier than 23.05. Please review upstream's breaking changes [for 3.4.0](https://github.com/netbox-community/netbox/releases/tag/v3.4.0) and [for 3.5.0](https://github.com/netbox-community/netbox/releases/tag/v3.5.0), and upgrade NetBox by changing `services.netbox.package`. Database migrations will be run automatically. - `services.netbox` now support RFC42-style options, through `services.netbox.settings`. - `services.mastodon` gained a tootctl wrapped named `mastodon-tootctl` similar to `nextcloud-occ` which can be executed from any user and switches to the configured mastodon user with sudo and sources the environment variables. -- DocBook option documentation, which has been deprecated since 22.11, will now cause a warning when documentation is built. Out-of-tree modules should migrate to using CommonMark documentation as outlined in [](#sec-option-declarations) to silence this warning. - - DocBook option documentation support will be removed in the next release and CommonMark will become the default. DocBook option documentation that has not been migrated until then will no longer render properly or cause errors. - -- NixOS now defaults to using nsncd (a non-caching reimplementation in Rust) as NSS lookup dispatcher, instead of the buggy and deprecated glibc-provided nscd. If you need to switch back, set `services.nscd.enableNsncd = false`, but please open an issue in nixpkgs so your issue can be fixed. - - `services.borgmatic` now allows for multiple configurations, placed in `/etc/borgmatic.d/`, you can define them with `services.borgmatic.configurations`. - `service.openafsServer` features a new backup server `pkgs.fabs` as a @@ -406,8 +398,6 @@ In addition to numerous new and upgraded packages, this release has the followin `services.dnsmasq.extraConfig` will be deprecated when NixOS 22.11 reaches end of life. -- `kube3d` has now been renamed to `k3d` since the 3d editor that originally took that name has been dropped from nixpkgs. `kube3d` will continue to work as an alias for now. - - The `dokuwiki` service is now configured via `services.dokuwiki.sites..settings` attribute set; `extraConfig` has been removed. The `{aclUse,superUser,disableActions}` attributes have been renamed accordingly. `pluginsConfig` now only accepts an attribute set of booleans. Passing plain PHP is no longer possible. @@ -430,106 +420,87 @@ In addition to numerous new and upgraded packages, this release has the followin If undesired, the old behavior can be restored by overriding the builders with `{ installDocumentation = false; }`. -- The new option `networking.nftables.checkRuleset` controls whether the ruleset is checked for syntax or not during build. It is `true` by default. The check might fail because it is in a sandbox environment. To circumvent this, the ruleset file can be edited using the `networking.nftables.preCheckRuleset` option. +- The nftables module now validates its ruleset at build time. The new `networking.nftables.checkRuleset` option allows disabling this check, which may fail when rules have very specific requirements, that the sandbox environment, by default, will not cover. The `networking.nftables.preCheckRuleset` option can be used to prepare the environment before the checks are run. -- `mastodon` now supports connection to a remote `PostgreSQL` database. +- The `services.mastodon` module now supports connection to a remote `PostgreSQL` database. -- `nextcloud` has an option to enable SSE-C in S3. +- [`services.nextcloud.database.createLocally`](#opt-services.nextcloud.database.createLocally) now uses socket authentication and is no longer compatible with password authentication. + - If you want the module to manage the database for you, unset [`services.nextcloud.config.dbpassFile`](#opt-services.nextcloud.config.dbpassFile) (and [`services.nextcloud.config.dbhost`](#opt-services.nextcloud.config.dbhost), if it's set). + - If you want to use password authentication **and** create the database locally, you will have to use [`services.mysql`](#opt-services.mysql.enable) to set it up. -- NixOS swap partitions with random encryption can now control the sector size, cipher, and key size used to setup the plain encryption device over the - underlying block device rather than allowing them to be determined by `cryptsetup(8)`. One can use these features like so: +- [`services.nextcloud.config.objectstore.s3.sseCKeyFile`](#opt-services.nextcloud.config.objectstore.s3.sseCKeyFile) is a new option to enable server-side encryption with customer provided keys (SSE-C) for your S3 in Nextcloud. + +- NixOS swap partitions with random encryption can now control the sector size, cipher, and key size used to set up the plain encryption device over the underlying block device rather than allowing them to be determined by `cryptsetup(8)`. One can use these features like so: ```nix - { - swapDevices = [ - { - device = "/dev/disk/by-partlabel/swapspace"; - - randomEncryption = { - enable = true; - cipher = "aes-xts-plain64"; - keySize = 512; - sectorSize = 4096; - }; - } - ]; - } + swapDevices = [ { + device = "/dev/disk/by-partlabel/swapspace"; + randomEncryption = { + enable = true; + cipher = "aes-xts-plain64"; + keySize = 512; + sectorSize = 4096; + }; + } ]; ``` - New option `security.pam.zfs` to enable unlocking and mounting of encrypted ZFS home dataset at login. -- `services.peertube` now requires you to specify the secret file `secrets.secretsFile`. It can be generated by running `openssl rand -hex 32`. - Before upgrading, read the release notes for PeerTube: - - [Release v5.0.0](https://github.com/Chocobozzz/PeerTube/releases/tag/v5.0.0) - - And backup your data. +- `services.peertube` now requires you to specify the secret file `secrets.secretsFile`. It can be generated by running `openssl rand -hex 32`. Before upgrading, check the release notes for [PeerTube v5.0.0](https://github.com/Chocobozzz/PeerTube/releases/tag/v5.0.0).And backup your data. - `services.chronyd` is now started with additional systemd sandbox/hardening options for better security. -- PostgreSQL has opt-in support for [JIT compilation](https://www.postgresql.org/docs/current/jit-reason.html). It can be enabled like this: +- PostgreSQL has added opt-in support for [JIT compilation](https://www.postgresql.org/docs/current/jit-reason.html). It can be enabled like this: ```nix - { - services.postgresql = { - enable = true; - enableJIT = true; - }; - } + services.postgresql.enableJIT = true; ``` -- `services.netdata` offers a `deadlineBeforeStopSec` option which enable users who have netdata instance that takes time to initialize to not have systemd kill them for no reason. +- `services.netdata` offers a [`services.netdata.deadlineBeforeStopSec`](#opt-services.netdata.deadlineBeforeStopSec) option which will control the deadline (in seconds) after which systemd will consider your netdata instance as dead if it didn't start in the elapsed time. It is helpful when your netdata instance takes longer to start because of a large amount of state or upgrades. -- `services.dhcpcd` service now don't solicit or accept IPv6 Router Advertisements on interfaces that use static IPv6 addresses. - If network uses both IPv6 Unique local addresses (ULA) and global IPv6 address auto-configuration with SLAAC, must add the parameter `networking.dhcpcd.IPv6rs = true;`. +- `services.dhcpcd` service stopped soliciting or accepting IPv6 Router Advertisements on interfaces that use static IPv6 addresses. + If your network provides both IPv6 unique local addresses (ULA) and globally unique addresses (GUA) through autoconfiguration with SLAAC, you must add the parameter `networking.dhcpcd.IPv6rs = true;`. - The module `services.headscale` was refactored to be compliant with [RFC 0042](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md). To be precise, this means that the following things have changed: - - Most settings has been migrated under [services.headscale.settings](#opt-services.headscale.settings) which is an attribute-set that + - Most settings have been migrated below [services.headscale.settings](#opt-services.headscale.settings) which is a freeform attribute-set that will be converted into headscale's YAML config format. This means that the configuration from [headscale's example configuration](https://github.com/juanfont/headscale/blob/main/config-example.yaml) can be directly written as attribute-set in Nix within this option. - `services.kubo` now unmounts `ipfsMountDir` and `ipnsMountDir` even if it is killed unexpectedly when `autoMount` is enabled. -- `nixos/lib/make-disk-image.nix` can now mutate EFI variables, run user-provided EFI firmware or variable templates. This is now extensively documented in the NixOS manual. - -- `services.grafana` listens only on localhost by default again. This was changed to upstreams default of `0.0.0.0` by accident in the freeform setting conversion. +- `services.grafana` listens only on localhost by default again. This was changed to the upstream default of `0.0.0.0` by accident in the freeform setting conversion. - Grafana Tempo has been updated to version 2.0. See the [upstream upgrade guide](https://grafana.com/docs/tempo/latest/release-notes/v2-0/#upgrade-considerations) for migration instructions. -- A new `virtualisation.rosetta` module was added to allow running `x86_64` binaries through [Rosetta](https://developer.apple.com/documentation/apple-silicon/about-the-rosetta-translation-environment) inside virtualised NixOS guests on Apple silicon. This feature works by default with the [UTM](https://docs.getutm.app/) virtualisation [package](https://search.nixos.org/packages?channel=unstable&show=utm&from=0&size=1&sort=relevance&type=packages&query=utm). +- A new `virtualisation.rosetta` module was added to allow running `x86_64` binaries through [Rosetta](https://developer.apple.com/documentation/apple-silicon/about-the-rosetta-translation-environment) inside virtualised NixOS guests on Apple Silicon. This feature works by default with the [UTM](https://docs.getutm.app/) virtualisation [package](https://search.nixos.org/packages?channel=23.05&show=utm&from=0&size=1&sort=relevance&type=packages&query=utm). - The new option `users.motdFile` allows configuring a Message Of The Day that can be updated dynamically. - The `root` package is now built with the `"-Dgnuinstall=ON"` CMake flag, making the output conform the `bin` `lib` `share` layout. In this layout, `tutorials` is under `share/doc/ROOT/`; `cmake`, `font`, `icons`, `js` and `macro` under `share/root`; `Makefile.comp` and `Makefile.config` under `etc/root`. -- Enabling global redirect in `services.nginx.virtualHosts` now allows one to add exceptions with the `locations` option. +- There are various new options in the `services.nginx` module: + - Enabling global redirect in `services.nginx.virtualHosts` now allows one to add exceptions with the `locations` option. + - The `proxyCachePath` option has been added to `services.nginx`. It allows configuring the [`proxy_cache_path`](https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_cache_path), that configures the storage path and various other settings for the cache. + - A new option `recommendedBrotliSettings` has been added to `services.nginx`. Learn more about compression in Brotli format [here](https://github.com/google/ngx_brotli/blob/master/README.md). + - `services.nginx.recommendedProxySettings` now removes the `Connection` header preventing clients from closing backend connections. -- A new option `proxyCachePath` has been added to `services.nginx`. Learn more about proxy_cache_path: . - -- A new option `recommendedBrotliSettings` has been added to `services.nginx`. Learn more about compression in Brotli format [here](https://github.com/google/ngx_brotli/blob/master/README.md). - -- Updated recommended settings in `services.nginx.recommendedGzipSettings`: +- The nginx module also received an update to `services.nginx.recommendedGzipSettings`: - Enables gzip compression for only certain proxied requests. - Allow checking and loading of precompressed files. - Updated gzip mime-types. - Increased the minimum length of a response that will be gzipped. -- [Garage](https://garagehq.deuxfleurs.fr/) version is based on [system.stateVersion](options.html#opt-system.stateVersion), existing installations will keep using version 0.7. New installations will use version 0.8. In order to upgrade a Garage cluster, please follow [upstream instructions](https://garagehq.deuxfleurs.fr/documentation/cookbook/upgrading/) and force [services.garage.package](options.html#opt-services.garage.package) or upgrade accordingly [system.stateVersion](options.html#opt-system.stateVersion). +- [Garage](https://garagehq.deuxfleurs.fr/) version is based on [system.stateVersion](options.html#opt-system.stateVersion), existing installations will keep using version 0.7. New installations will use version 0.8. In order to upgrade a Garage cluster, please follow [upstream instructions](https://garagehq.deuxfleurs.fr/documentation/cookbook/upgrading/) and configure [services.garage.package](options.html#opt-services.garage.package). - Nebula now supports the `services.nebula.networks..isRelay` and `services.nebula.networks..relays` configuration options for setting up or allowing traffic relaying. See the [announcement](https://www.defined.net/blog/announcing-relay-support-in-nebula/) for more details about relays. -- `hip` has been separated into `hip`, `hip-common` and `hipcc`. - -- `services.nginx.recommendedProxySettings` now removes the `Connection` header preventing clients from closing backend connections. - - Resilio sync secret keys can now be provided using a secrets file at runtime, preventing these secrets from ending up in the Nix store. -- The `firewall` and `nat` module now has a nftables based implementation. Enable `networking.nftables` to use it. +- The `firewall` and `nat` modules can now optionally rely on an nftables based implementation. Enable `networking.nftables` to use it. - The `services.fwupd` module now allows arbitrary daemon settings to be configured in a structured manner ([`services.fwupd.daemonSettings`](#opt-services.fwupd.daemonSettings)). -- Nixpkgs now uses [IEEE-standard floating point arithmetic](https://github.com/NixOS/nixpkgs/pull/170215) on `powerpc64le-linux`. - - `services.xserver.desktopManager.plasma5.phononBackend` now defaults to vlc according to [upstrean recommendation](https://community.kde.org/Distributions/Packaging_Recommendations#Non-Plasma_packages) - The `zramSwap` is now implemented with `zram-generator`, and the option `zramSwap.numDevices` for using ZRAM devices as general purpose ephemeral block devices has been removed. @@ -540,19 +511,13 @@ In addition to numerous new and upgraded packages, this release has the followin * `apptainer`: From `github.com/apptainer/apptainer`, which is the new repo after renaming. * `singularity`: From `github.com/sylabs/singularity`, which is the fork by Sylabs Inc.. - `programs.singularity` got a new `package` option to specify which package to use. - `singularity-tools.buildImage` got a new input argument `singularity` to specify which package to use. - The new option `programs.singularity.enableFakeroot`, if set to `true`, provides `--fakeroot` support for `apptainer` and `singularity`. -- The `unifi-poller` package and corresponding NixOS module have been renamed to `unpoller` to match upstream. - -- The `rtsp-simple-server` package and corresponding NixOS module have been renamed to `mediamtx` to match upstream. - - The new option `services.tailscale.useRoutingFeatures` controls various settings for using Tailscale features like exit nodes and subnet routers. If you wish to use your machine as an exit node, you can set this setting to `server`, otherwise if you wish to use an exit node you can set this setting to `client`. The strict RPF warning has been removed as the RPF will be loosened automatically based on the value of this setting. -- `openjdk` from version 11 and above is not build with `openjfx` (i.e.: JavaFX) support by default anymore. You can re-enable it by overriding, e.g.: `openjdk11.override { enableJavaFX = true; };`. +- `openjdk` from versioggn 11 and above is not build with `openjfx` (i.e.: JavaFX) support by default anymore. You can re-enable it by overriding, e.g.: `openjdk11.override { enableJavaFX = true; };`. - [Xastir](https://xastir.org/index.php/Main_Page) can now access AX.25 interfaces via the `libax25` package. @@ -562,25 +527,50 @@ In addition to numerous new and upgraded packages, this release has the followin - The option `services.prometheus.exporters.pihole.interval` does not exist anymore and has been removed. -- The option `services.gpsd.device` has been replaced with - `services.gpsd.devices`, which supports multiple devices. +- The option `services.gpsd.device` has been replaced with `services.gpsd.devices`, which supports multiple devices. -- `k3s` can now be configured with an EnvironmentFile for its systemd service, allowing secrets to be provided without ending up in the Nix Store. +- `k3s` can now be configured with an `EnvironmentFile` for its systemd service, allowing secrets to be provided without ending up in the Nix Store. -- `gitea` module options have been changed to be RFC042 conforming (i.e. some options were moved to be located under `services.gitea.settings`) +- The `gitea` module options have been moved into a freeform attribute set below `services.gitea.settings`. -- `boot.initrd.luks.device.` has a new `tryEmptyPassphrase` option, this is useful for OEM's who need to install an encrypted disk with a future settable passphrase - -- there is a new `boot/stratisroot.nix` module that enables booting from a volume managed by the Stratis storage management daemon. Use `fileSystems..stratis.poolUuid` to configure the pool containing the fs. - -- Lisp gained a [manual section](https://nixos.org/manual/nixpkgs/stable/#lisp), documenting a new and backwards incompatible interface. The previous interface will be removed in a future release. +- `boot.initrd.luks.device.` has a new `tryEmptyPassphrase` option, this is useful for OEMs who need to install an encrypted disk with a future settable passphrase - The `bind` module now allows the per-zone `allow-query` setting to be configured (previously it was hard-coded to `any`; it still defaults to `any` to retain compatibility). -- `make-disk-image` handles `contents` arguments that are directories better, fixing a bug where it used to put them in a subdirectory of the intended `target`. - - The option `services.jitsi-videobridge.apis` has been renamed to `colibriRestApi` and turned into a boolean. Setting it to `true` will enable the private rest API, useful for monitoring using `services.prometheus.exporters.jitsi.enable`. Learn more about the API: "[The COLIBRI control interface (/colibri/)](https://github.com/jitsi/jitsi-videobridge/blob/v2.3/doc/rest.md)". +- Booting from a volume managed by the Stratis storage management daemon is now supported. Use `fileSystems..stratis.poolUuid` to configure the pool containing the fs. + +## Nixpkgs internals {#sec-release-23.05-nixpkgs-internals} + +- `buildDunePackage` now defaults to `strictDeps = true` which means that any library should go into `buildInputs` or `checkInputs`. Any executable that is run on the building machine should go into `nativeBuildInputs` or `nativeCheckInputs` respectively. Example of executables are `ocaml`, `findlib` and `menhir`. PPXs are libraries which are built by dune and should therefore not go into `nativeBuildInputs`. + +- `buildFHSUserEnv` is now called `buildFHSEnv` and uses FlatPak's Bubblewrap sandboxing tool rather than Nixpkgs' own chrootenv. The old chrootenv-based implemenation is still available via `buildFHSEnvChrootenv` but is considered deprecated and will be removed when the remaining uses inside Nixpkgs have been migrated. If your FHSEnv-wrapped application misbehaves when using the new bubblewrap implementation, please create an issue in Nixpkgs. + +- Top-level `buildPlatform`, `hostPlatform`, `targetPlatform` have been deprecated, use `stdenv.X` instead. + +- `carnix` and `cratesIO` has been removed due to being unmaintained, use alternatives such as [naersk](https://github.com/nix-community/naersk) and [crate2nix](https://github.com/kolloch/crate2nix) instead. + +- `checkInputs` have been renamed to `nativeCheckInputs`, because they behave the same as `nativeBuildInputs` when `doCheck` is set. `checkInputs` now denote a new type of dependencies, added to `buildInputs` when `doCheck` is set. As a rule of thumb, `nativeCheckInputs` are tools on `$PATH` used during the tests, and `checkInputs` are libraries which are linked to executables built as part of the tests. Similarly, `installCheckInputs` are renamed to `nativeInstallCheckInputs`, corresponding to `nativeBuildInputs`, and `installCheckInputs` are a new type of dependencies added to `buildInputs` when `doInstallCheck` is set. (Note that this change will not cause breakage to derivations with `strictDeps` unset, which are most packages except python, rust, ocaml and go packages). + +- DocBook option documentation, which has been deprecated since 22.11, will now cause a warning when documentation is built. Out-of-tree modules should migrate to using CommonMark documentation as outlined in [](#sec-option-declarations) to silence this warning. + + DocBook option documentation support will be removed in the next release and CommonMark will become the default. DocBook option documentation that has not been migrated until then will no longer render properly or cause errors. + +- `lib.systems.examples.ghcjs` and consequently `pkgsCross.ghcjs` now use the target triplet `javascript-unknown-ghcjs` instead of `js-unknown-ghcjs`. This has been done to match an [upstream decision](https://gitlab.haskell.org/ghc/ghc/-/commit/6636b670233522f01d002c9b97827d00289dbf5c) to follow Cabal's platform naming more closely. Nixpkgs will also reject `js` as an architecture name. + +- Lisp gained a [manual section](https://nixos.org/manual/nixpkgs/stable/#lisp), documenting a new and backwards incompatible interface. The previous interface will be removed in a future release. + +- Calling `makeSetupHook` without passing a `name` argument is deprecated. + +- `nixos/lib/make-disk-image.nix` handles `contents` arguments that are directories better, fixing a bug where it used to put them in a subdirectory of the intended `target`. + +- `nixos/lib/make-disk-image.nix` can now mutate EFI variables, run user-provided EFI firmware or variable templates. This is now extensively documented in the NixOS manual. + +- Nixpkgs now uses [IEEE-standard floating point arithmetic](https://github.com/NixOS/nixpkgs/pull/170215) on `powerpc64le-linux`. + +- Deprecated `xlibsWrapper` transitional package has been removed in favour of direct use of its constituents: `xorg.libX11`, `freetype` and others. + ## Detailed migration information {#sec-release-23.05-migration} ### Pipewire configuration overrides {#sec-release-23.05-migration-pipewire} From caa0a24ab0c913ea250808ddfeef486ac2ac9f70 Mon Sep 17 00:00:00 2001 From: Alyssa Ross Date: Sat, 27 May 2023 12:47:41 +0000 Subject: [PATCH 68/69] doc: clarify that meta.timeout is only for Hydra I read this and expected it to be a timeout that was always applied when building the derivation, but it's actually a Hydra-specific thing. --- doc/stdenv/meta.chapter.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/stdenv/meta.chapter.md b/doc/stdenv/meta.chapter.md index 2e0cae67d50d..a21dfd0821af 100644 --- a/doc/stdenv/meta.chapter.md +++ b/doc/stdenv/meta.chapter.md @@ -182,7 +182,7 @@ runCommand "my-package-test" { ### `timeout` {#var-meta-timeout} -A timeout (in seconds) for building the derivation. If the derivation takes longer than this time to build, it can fail due to breaking the timeout. However, all computers do not have the same computing power, hence some builders may decide to apply a multiplicative factor to this value. When filling this value in, try to keep it approximately consistent with other values already present in `nixpkgs`. +A timeout (in seconds) for building the derivation. If the derivation takes longer than this time to build, Hydra will fail it due to breaking the timeout. However, all computers do not have the same computing power, hence some builders may decide to apply a multiplicative factor to this value. When filling this value in, try to keep it approximately consistent with other values already present in `nixpkgs`. `meta` attributes are not stored in the instantiated derivation. Therefore, this setting may be lost when the package is used as a dependency. From 794e01a0d481413a9907d629a69eee8c1a4a7c40 Mon Sep 17 00:00:00 2001 From: Alyssa Ross Date: Tue, 23 May 2023 10:04:22 +0000 Subject: [PATCH 69/69] python3.pkgs.glean-sdk: unvendor lmdb --- pkgs/development/libraries/lmdb/default.nix | 3 +++ .../development/python-modules/glean-sdk/default.nix | 12 ++++++++++++ pkgs/top-level/python-packages.nix | 4 +++- 3 files changed, 18 insertions(+), 1 deletion(-) diff --git a/pkgs/development/libraries/lmdb/default.nix b/pkgs/development/libraries/lmdb/default.nix index dbc15f11c3aa..a186f2993a46 100644 --- a/pkgs/development/libraries/lmdb/default.nix +++ b/pkgs/development/libraries/lmdb/default.nix @@ -46,6 +46,9 @@ stdenv.mkDerivation rec { Cflags: -I$dev/include Libs: -L$out/lib -llmdb EOF + + # Expected by Rust libraries. + ln -s lmdb.pc "$dev/lib/pkgconfig/liblmdb.pc" ''; meta = with lib; { diff --git a/pkgs/development/python-modules/glean-sdk/default.nix b/pkgs/development/python-modules/glean-sdk/default.nix index a6137bdc2dd4..22ac0e96ea9a 100644 --- a/pkgs/development/python-modules/glean-sdk/default.nix +++ b/pkgs/development/python-modules/glean-sdk/default.nix @@ -6,8 +6,11 @@ , fetchPypi , glean-parser , iso8601 +, lmdb +, pkg-config , pytest-localserver , pytestCheckHook +, python , pythonOlder , rustc , rustPlatform @@ -34,11 +37,16 @@ buildPythonPackage rec { nativeBuildInputs = [ cargo + pkg-config rustc rustPlatform.cargoSetupHook setuptools-rust ]; + buildInputs = [ + lmdb + ]; + propagatedBuildInputs = [ cffi glean-parser @@ -57,6 +65,10 @@ buildPythonPackage rec { "test_flipping_upload_enabled_respects_order_of_events" ]; + postInstallCheck = lib.optionalString (stdenv.hostPlatform.parsed.kernel.execFormat == lib.systems.parse.execFormats.elf) '' + readelf -a $out/${python.sitePackages}/glean/libglean_ffi.so | grep -F 'Shared library: [liblmdb.so' + ''; + pythonImportsCheck = [ "glean" ]; diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 4cab148b9505..79f7feb94854 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -4090,7 +4090,9 @@ self: super: with self; { glean-parser = callPackage ../development/python-modules/glean-parser { }; - glean-sdk = callPackage ../development/python-modules/glean-sdk { }; + glean-sdk = callPackage ../development/python-modules/glean-sdk { + inherit (pkgs) lmdb; + }; glfw = callPackage ../development/python-modules/glfw { };