Merge staging-next into staging

This commit is contained in:
github-actions[bot] 2021-10-26 12:02:02 +00:00 committed by GitHub
commit 9d11ed2864
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
38 changed files with 286 additions and 119 deletions

View File

@ -158,9 +158,9 @@ One would think that `localSystem` and `crossSystem` overlap horribly with the t
### Implementation of dependencies {#ssec-cross-dependency-implementation} ### Implementation of dependencies {#ssec-cross-dependency-implementation}
The categories of dependencies developed in [](#ssec-cross-dependency-categorization) are specified as lists of derivations given to `mkDerivation`, as documented in [](#ssec-stdenv-dependencies). In short, each list of dependencies for "host → target" of "foo → bar" is called `depsFooBar`, with exceptions for backwards compatibility that `depsBuildHost` is instead called `nativeBuildInputs` and `depsHostTarget` is instead called `buildInputs`. Nixpkgs is now structured so that each `depsFooBar` is automatically taken from `pkgsFooBar`. (These `pkgsFooBar`s are quite new, so there is no special case for `nativeBuildInputs` and `buildInputs`.) For example, `pkgsBuildHost.gcc` should be used at build-time, while `pkgsHostTarget.gcc` should be used at run-time. The categories of dependencies developed in [](#ssec-cross-dependency-categorization) are specified as lists of derivations given to `mkDerivation`, as documented in [](#ssec-stdenv-dependencies). In short, each list of dependencies for "host → target" is called `deps<host><target>` (where `host`, and `target` values are either `build`, `host`, or `target`), with exceptions for backwards compatibility that `depsBuildHost` is instead called `nativeBuildInputs` and `depsHostTarget` is instead called `buildInputs`. Nixpkgs is now structured so that each `deps<host><target>` is automatically taken from `pkgs<host><target>`. (These `pkgs<host><target>`s are quite new, so there is no special case for `nativeBuildInputs` and `buildInputs`.) For example, `pkgsBuildHost.gcc` should be used at build-time, while `pkgsHostTarget.gcc` should be used at run-time.
Now, for most of Nixpkgs's history, there were no `pkgsFooBar` attributes, and most packages have not been refactored to use it explicitly. Prior to those, there were just `buildPackages`, `pkgs`, and `targetPackages`. Those are now redefined as aliases to `pkgsBuildHost`, `pkgsHostTarget`, and `pkgsTargetTarget`. It is acceptable, even recommended, to use them for libraries to show that the host platform is irrelevant. Now, for most of Nixpkgs's history, there were no `pkgs<host><target>` attributes, and most packages have not been refactored to use it explicitly. Prior to those, there were just `buildPackages`, `pkgs`, and `targetPackages`. Those are now redefined as aliases to `pkgsBuildHost`, `pkgsHostTarget`, and `pkgsTargetTarget`. It is acceptable, even recommended, to use them for libraries to show that the host platform is irrelevant.
But before that, there was just `pkgs`, even though both `buildInputs` and `nativeBuildInputs` existed. \[Cross barely worked, and those were implemented with some hacks on `mkDerivation` to override dependencies.\] What this means is the vast majority of packages do not use any explicit package set to populate their dependencies, just using whatever `callPackage` gives them even if they do correctly sort their dependencies into the multiple lists described above. And indeed, asking that users both sort their dependencies, _and_ take them from the right attribute set, is both too onerous and redundant, so the recommended approach (for now) is to continue just categorizing by list and not using an explicit package set. But before that, there was just `pkgs`, even though both `buildInputs` and `nativeBuildInputs` existed. \[Cross barely worked, and those were implemented with some hacks on `mkDerivation` to override dependencies.\] What this means is the vast majority of packages do not use any explicit package set to populate their dependencies, just using whatever `callPackage` gives them even if they do correctly sort their dependencies into the multiple lists described above. And indeed, asking that users both sort their dependencies, _and_ take them from the right attribute set, is both too onerous and redundant, so the recommended approach (for now) is to continue just categorizing by list and not using an explicit package set.

View File

@ -116,15 +116,27 @@ On Linux, `stdenv` also includes the `patchelf` utility.
## Specifying dependencies {#ssec-stdenv-dependencies} ## Specifying dependencies {#ssec-stdenv-dependencies}
As described in the Nix manual, almost any `*.drv` store path in a derivations attribute set will induce a dependency on that derivation. `mkDerivation`, however, takes a few attributes intended to, between them, include all the dependencies of a package. This is done both for structure and consistency, but also so that certain other setup can take place. For example, certain dependencies need their bin directories added to the `PATH`. That is built-in, but other setup is done via a pluggable mechanism that works in conjunction with these dependency attributes. See [](#ssec-setup-hooks) for details. As described in the Nix manual, almost any `*.drv` store path in a derivations attribute set will induce a dependency on that derivation. `mkDerivation`, however, takes a few attributes intended to include all the dependencies of a package. This is done both for structure and consistency, but also so that certain other setup can take place. For example, certain dependencies need their bin directories added to the `PATH`. That is built-in, but other setup is done via a pluggable mechanism that works in conjunction with these dependency attributes. See [](#ssec-setup-hooks) for details.
Dependencies can be broken down along three axes: their host and target platforms relative to the new derivations, and whether they are propagated. The platform distinctions are motivated by cross compilation; see [](#chap-cross) for exactly what each platform means. [^footnote-stdenv-ignored-build-platform] But even if one is not cross compiling, the platforms imply whether or not the dependency is needed at run-time or build-time, a concept that makes perfect sense outside of cross compilation. By default, the run-time/build-time distinction is just a hint for mental clarity, but with `strictDeps` set it is mostly enforced even in the native case. Dependencies can be broken down along three axes: their host and target platforms relative to the new derivations, and whether they are propagated. The platform distinctions are motivated by cross compilation; see [](#chap-cross) for exactly what each platform means. [^footnote-stdenv-ignored-build-platform] But even if one is not cross compiling, the platforms imply whether or not the dependency is needed at run-time or build-time, a concept that makes perfect sense outside of cross compilation. By default, the run-time/build-time distinction is just a hint for mental clarity, but with `strictDeps` set it is mostly enforced even in the native case.
The extension of `PATH` with dependencies, alluded to above, proceeds according to the relative platforms alone. The process is carried out only for dependencies whose host platform matches the new derivations build platform i.e. dependencies which run on the platform where the new derivation will be built. [^footnote-stdenv-native-dependencies-in-path] For each dependency \<dep\> of those dependencies, `dep/bin`, if present, is added to the `PATH` environment variable. The extension of `PATH` with dependencies, alluded to above, proceeds according to the relative platforms alone. The process is carried out only for dependencies whose host platform matches the new derivations build platform i.e. dependencies which run on the platform where the new derivation will be built. [^footnote-stdenv-native-dependencies-in-path] For each dependency \<dep\> of those dependencies, `dep/bin`, if present, is added to the `PATH` environment variable.
The dependency is propagated when it forces some of its other-transitive (non-immediate) downstream dependencies to also take it on as an immediate dependency. Nix itself already takes a packages transitive dependencies into account, but this propagation ensures nixpkgs-specific infrastructure like setup hooks (mentioned above) also are run as if the propagated dependency. A dependency is said to be **propagated** when some of its other-transitive (non-immediate) downstream dependencies also need it as an immediate dependency.
[^footnote-stdenv-propagated-dependencies]
It is important to note that dependencies are not necessarily propagated as the same sort of dependency that they were before, but rather as the corresponding sort so that the platform rules still line up. The exact rules for dependency propagation can be given by assigning to each dependency two integers based one how its host and target platforms are offset from the depending derivations platforms. Those offsets are given below in the descriptions of each dependency list attribute. Algorithmically, we traverse propagated inputs, accumulating every propagated dependencys propagated dependencies and adjusting them to account for the “shift in perspective” described by the current dependencys platform offsets. This results in sort a transitive closure of the dependency relation, with the offsets being approximately summed when two dependency links are combined. We also prune transitive dependencies whose combined offsets go out-of-bounds, which can be viewed as a filter over that transitive closure removing dependencies that are blatantly absurd. It is important to note that dependencies are not necessarily propagated as the same sort of dependency that they were before, but rather as the corresponding sort so that the platform rules still line up. To determine the exact rules for dependency propagation, we start by assigning to each dependency a couple of ternary numbers (`-1` for `build`, `0` for `host`, and `1` for `target`), representing how respectively its host and target platforms are "offset" from the depending derivations platforms. The following table summarize the different combinations that can be obtained:
| `host → target` | attribute name | offset |
| ------------------- | ------------------- | -------- |
| `build --> build` | `depsBuildBuild` | `-1, -1` |
| `build --> host` | `nativeBuildInputs` | `-1, 0` |
| `build --> target` | `depsBuildTarget` | `-1, 1` |
| `host --> host` | `depsHostHost` | `0, 0` |
| `host --> target` | `buildInputs` | `0, 1` |
| `target --> target` | `depsTargetTarget` | `1, 1` |
Algorithmically, we traverse propagated inputs, accumulating every propagated dependencys propagated dependencies and adjusting them to account for the “shift in perspective” described by the current dependencys platform offsets. This results is sort of a transitive closure of the dependency relation, with the offsets being approximately summed when two dependency links are combined. We also prune transitive dependencies whose combined offsets go out-of-bounds, which can be viewed as a filter over that transitive closure removing dependencies that are blatantly absurd.
We can define the process precisely with [Natural Deduction](https://en.wikipedia.org/wiki/Natural_deduction) using the inference rules. This probably seems a bit obtuse, but so is the bash code that actually implements it! [^footnote-stdenv-find-inputs-location] Theyre confusing in very different ways so… hopefully if something doesnt make sense in one presentation, it will in the other! We can define the process precisely with [Natural Deduction](https://en.wikipedia.org/wiki/Natural_deduction) using the inference rules. This probably seems a bit obtuse, but so is the bash code that actually implements it! [^footnote-stdenv-find-inputs-location] Theyre confusing in very different ways so… hopefully if something doesnt make sense in one presentation, it will in the other!
@ -179,37 +191,37 @@ Overall, the unifying theme here is that propagation shouldnt be introducing
#### `depsBuildBuild` {#var-stdenv-depsBuildBuild} #### `depsBuildBuild` {#var-stdenv-depsBuildBuild}
A list of dependencies whose host and target platforms are the new derivations build platform. This means a `-1` host and `-1` target offset from the new derivations platforms. These are programs and libraries used at build time that produce programs and libraries also used at build time. If the dependency doesnt care about the target platform (i.e. isnt a compiler or similar tool), put it in `nativeBuildInputs` instead. The most common use of this `buildPackages.stdenv.cc`, the default C compiler for this role. That example crops up more than one might think in old commonly used C libraries. A list of dependencies whose host and target platforms are the new derivations build platform. These are programs and libraries used at build time that produce programs and libraries also used at build time. If the dependency doesnt care about the target platform (i.e. isnt a compiler or similar tool), put it in `nativeBuildInputs` instead. The most common use of this `buildPackages.stdenv.cc`, the default C compiler for this role. That example crops up more than one might think in old commonly used C libraries.
Since these packages are able to be run at build-time, they are always added to the `PATH`, as described above. But since these packages are only guaranteed to be able to run then, they shouldnt persist as run-time dependencies. This isnt currently enforced, but could be in the future. Since these packages are able to be run at build-time, they are always added to the `PATH`, as described above. But since these packages are only guaranteed to be able to run then, they shouldnt persist as run-time dependencies. This isnt currently enforced, but could be in the future.
#### `nativeBuildInputs` {#var-stdenv-nativeBuildInputs} #### `nativeBuildInputs` {#var-stdenv-nativeBuildInputs}
A list of dependencies whose host platform is the new derivations build platform, and target platform is the new derivations host platform. This means a `-1` host offset and `0` target offset from the new derivations platforms. These are programs and libraries used at build-time that, if they are a compiler or similar tool, produce code to run at run-time—i.e. tools used to build the new derivation. If the dependency doesnt care about the target platform (i.e. isnt a compiler or similar tool), put it here, rather than in `depsBuildBuild` or `depsBuildTarget`. This could be called `depsBuildHost` but `nativeBuildInputs` is used for historical continuity. A list of dependencies whose host platform is the new derivations build platform, and target platform is the new derivations host platform. These are programs and libraries used at build-time that, if they are a compiler or similar tool, produce code to run at run-time—i.e. tools used to build the new derivation. If the dependency doesnt care about the target platform (i.e. isnt a compiler or similar tool), put it here, rather than in `depsBuildBuild` or `depsBuildTarget`. This could be called `depsBuildHost` but `nativeBuildInputs` is used for historical continuity.
Since these packages are able to be run at build-time, they are added to the `PATH`, as described above. But since these packages are only guaranteed to be able to run then, they shouldnt persist as run-time dependencies. This isnt currently enforced, but could be in the future. Since these packages are able to be run at build-time, they are added to the `PATH`, as described above. But since these packages are only guaranteed to be able to run then, they shouldnt persist as run-time dependencies. This isnt currently enforced, but could be in the future.
#### `depsBuildTarget` {#var-stdenv-depsBuildTarget} #### `depsBuildTarget` {#var-stdenv-depsBuildTarget}
A list of dependencies whose host platform is the new derivations build platform, and target platform is the new derivations target platform. This means a `-1` host offset and `1` target offset from the new derivations platforms. These are programs used at build time that produce code to run with code produced by the depending package. Most commonly, these are tools used to build the runtime or standard library that the currently-being-built compiler will inject into any code it compiles. In many cases, the currently-being-built-compiler is itself employed for that task, but when that compiler wont run (i.e. its build and host platform differ) this is not possible. Other times, the compiler relies on some other tool, like binutils, that is always built separately so that the dependency is unconditional. A list of dependencies whose host platform is the new derivations build platform, and target platform is the new derivations target platform. These are programs used at build time that produce code to run with code produced by the depending package. Most commonly, these are tools used to build the runtime or standard library that the currently-being-built compiler will inject into any code it compiles. In many cases, the currently-being-built-compiler is itself employed for that task, but when that compiler wont run (i.e. its build and host platform differ) this is not possible. Other times, the compiler relies on some other tool, like binutils, that is always built separately so that the dependency is unconditional.
This is a somewhat confusing concept to wrap ones head around, and for good reason. As the only dependency type where the platform offsets are not adjacent integers, it requires thinking of a bootstrapping stage *two* away from the current one. It and its use-case go hand in hand and are both considered poor form: try to not need this sort of dependency, and try to avoid building standard libraries and runtimes in the same derivation as the compiler produces code using them. Instead strive to build those like a normal library, using the newly-built compiler just as a normal library would. In short, do not use this attribute unless you are packaging a compiler and are sure it is needed. This is a somewhat confusing concept to wrap ones head around, and for good reason. As the only dependency type where the platform offsets, `-1` and `1`, are not adjacent integers, it requires thinking of a bootstrapping stage *two* away from the current one. It and its use-case go hand in hand and are both considered poor form: try to not need this sort of dependency, and try to avoid building standard libraries and runtimes in the same derivation as the compiler produces code using them. Instead strive to build those like a normal library, using the newly-built compiler just as a normal library would. In short, do not use this attribute unless you are packaging a compiler and are sure it is needed.
Since these packages are able to run at build time, they are added to the `PATH`, as described above. But since these packages are only guaranteed to be able to run then, they shouldnt persist as run-time dependencies. This isnt currently enforced, but could be in the future. Since these packages are able to run at build time, they are added to the `PATH`, as described above. But since these packages are only guaranteed to be able to run then, they shouldnt persist as run-time dependencies. This isnt currently enforced, but could be in the future.
#### `depsHostHost` {#var-stdenv-depsHostHost} #### `depsHostHost` {#var-stdenv-depsHostHost}
A list of dependencies whose host and target platforms match the new derivations host platform. This means a `0` host offset and `0` target offset from the new derivations host platform. These are packages used at run-time to generate code also used at run-time. In practice, this would usually be tools used by compilers for macros or a metaprogramming system, or libraries used by the macros or metaprogramming code itself. Its always preferable to use a `depsBuildBuild` dependency in the derivation being built over a `depsHostHost` on the tool doing the building for this purpose. A list of dependencies whose host and target platforms match the new derivations host platform. In practice, this would usually be tools used by compilers for macros or a metaprogramming system, or libraries used by the macros or metaprogramming code itself. Its always preferable to use a `depsBuildBuild` dependency in the derivation being built over a `depsHostHost` on the tool doing the building for this purpose.
#### `buildInputs` {#var-stdenv-buildInputs} #### `buildInputs` {#var-stdenv-buildInputs}
A list of dependencies whose host platform and target platform match the new derivations. This means a `0` host offset and a `1` target offset from the new derivations host platform. This would be called `depsHostTarget` but for historical continuity. If the dependency doesnt care about the target platform (i.e. isnt a compiler or similar tool), put it here, rather than in `depsBuildBuild`. A list of dependencies whose host platform and target platform match the new derivations. This would be called `depsHostTarget` but for historical continuity. If the dependency doesnt care about the target platform (i.e. isnt a compiler or similar tool), put it here, rather than in `depsBuildBuild`.
These are often programs and libraries used by the new derivation at *run*-time, but that isnt always the case. For example, the machine code in a statically-linked library is only used at run-time, but the derivation containing the library is only needed at build-time. Even in the dynamic case, the library may also be needed at build-time to appease the linker. These are often programs and libraries used by the new derivation at *run*-time, but that isnt always the case. For example, the machine code in a statically-linked library is only used at run-time, but the derivation containing the library is only needed at build-time. Even in the dynamic case, the library may also be needed at build-time to appease the linker.
#### `depsTargetTarget` {#var-stdenv-depsTargetTarget} #### `depsTargetTarget` {#var-stdenv-depsTargetTarget}
A list of dependencies whose host platform matches the new derivations target platform. This means a `1` offset from the new derivations platforms. These are packages that run on the target platform, e.g. the standard library or run-time deps of standard library that a compiler insists on knowing about. Its poor form in almost all cases for a package to depend on another from a future stage \[future stage corresponding to positive offset\]. Do not use this attribute unless you are packaging a compiler and are sure it is needed. A list of dependencies whose host platform matches the new derivations target platform. These are packages that run on the target platform, e.g. the standard library or run-time deps of standard library that a compiler insists on knowing about. Its poor form in almost all cases for a package to depend on another from a future stage \[future stage corresponding to positive offset\]. Do not use this attribute unless you are packaging a compiler and are sure it is needed.
#### `depsBuildBuildPropagated` {#var-stdenv-depsBuildBuildPropagated} #### `depsBuildBuildPropagated` {#var-stdenv-depsBuildBuildPropagated}
@ -1228,6 +1240,7 @@ If the libraries lack `-fPIE`, you will get the error `recompile with -fPIE`.
[^footnote-stdenv-ignored-build-platform]: The build platform is ignored because it is a mere implementation detail of the package satisfying the dependency: As a general programming principle, dependencies are always *specified* as interfaces, not concrete implementation. [^footnote-stdenv-ignored-build-platform]: The build platform is ignored because it is a mere implementation detail of the package satisfying the dependency: As a general programming principle, dependencies are always *specified* as interfaces, not concrete implementation.
[^footnote-stdenv-native-dependencies-in-path]: Currently, this means for native builds all dependencies are put on the `PATH`. But in the future that may not be the case for sake of matching cross: the platforms would be assumed to be unique for native and cross builds alike, so only the `depsBuild*` and `nativeBuildInputs` would be added to the `PATH`. [^footnote-stdenv-native-dependencies-in-path]: Currently, this means for native builds all dependencies are put on the `PATH`. But in the future that may not be the case for sake of matching cross: the platforms would be assumed to be unique for native and cross builds alike, so only the `depsBuild*` and `nativeBuildInputs` would be added to the `PATH`.
[^footnote-stdenv-propagated-dependencies]: Nix itself already takes a packages transitive dependencies into account, but this propagation ensures nixpkgs-specific infrastructure like setup hooks (mentioned above) also are run as if the propagated dependency.
[^footnote-stdenv-find-inputs-location]: The `findInputs` function, currently residing in `pkgs/stdenv/generic/setup.sh`, implements the propagation logic. [^footnote-stdenv-find-inputs-location]: The `findInputs` function, currently residing in `pkgs/stdenv/generic/setup.sh`, implements the propagation logic.
[^footnote-stdenv-sys-lib-search-path]: It clears the `sys_lib_*search_path` variables in the Libtool script to prevent Libtool from using libraries in `/usr/lib` and such. [^footnote-stdenv-sys-lib-search-path]: It clears the `sys_lib_*search_path` variables in the Libtool script to prevent Libtool from using libraries in `/usr/lib` and such.
[^footnote-stdenv-build-time-guessing-impurity]: Eventually these will be passed building natively as well, to improve determinism: build-time guessing, as is done today, is a risk of impurity. [^footnote-stdenv-build-time-guessing-impurity]: Eventually these will be passed building natively as well, to improve determinism: build-time guessing, as is done today, is a risk of impurity.

View File

@ -453,7 +453,7 @@ in
cantarell-fonts cantarell-fonts
dejavu_fonts dejavu_fonts
source-code-pro # Default monospace font in 3.32 source-code-pro # Default monospace font in 3.32
source-sans-pro source-sans
]; ];
# Adapt from https://gitlab.gnome.org/GNOME/gnome-build-meta/blob/gnome-3-38/elements/core/meta-gnome-core-shell.bst # Adapt from https://gitlab.gnome.org/GNOME/gnome-build-meta/blob/gnome-3-38/elements/core/meta-gnome-core-shell.bst

View File

@ -6,14 +6,14 @@
let chia = python3Packages.buildPythonApplication rec { let chia = python3Packages.buildPythonApplication rec {
pname = "chia"; pname = "chia";
version = "1.2.9"; version = "1.2.10";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "Chia-Network"; owner = "Chia-Network";
repo = "chia-blockchain"; repo = "chia-blockchain";
rev = version; rev = version;
fetchSubmodules = true; fetchSubmodules = true;
sha256 = "sha256-ZDWkVCga/NsKOnj5HP0lnmnX6vqw+I0b3a1Wr1t1VN0="; sha256 = "sha256-TzSBGjgaE0IWaqJcCIoO/u+gDh17NtAqhE8ldbbjNIE=";
}; };
postPatch = '' postPatch = ''

View File

@ -3,13 +3,13 @@
mkDerivation rec { mkDerivation rec {
pname = "texstudio"; pname = "texstudio";
version = "4.0.0"; version = "4.0.2";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "${pname}-org"; owner = "${pname}-org";
repo = pname; repo = pname;
rev = version; rev = version;
sha256 = "0fapgc6dvzn47gmhxkqymwi3818rdiag33ml57j2mfmsi5pjxi0f"; sha256 = "sha256-SCrWoIZan8mFwQoXaXvM0Ujdhcic3FbmfgKZSFXFBGE=";
}; };
nativeBuildInputs = [ qmake wrapQtAppsHook pkg-config ]; nativeBuildInputs = [ qmake wrapQtAppsHook pkg-config ];

View File

@ -16,13 +16,13 @@ in
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "imagemagick"; pname = "imagemagick";
version = "6.9.12-19"; version = "6.9.12-26";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "ImageMagick"; owner = "ImageMagick";
repo = "ImageMagick6"; repo = "ImageMagick6";
rev = version; rev = version;
sha256 = "sha256-8KofT9aNd8SXL0YBQ0RUOTccVxQNacvJL1uYPZiSPkY="; sha256 = "sha256-oNorY/93jk1v5BS1T3wqctXuzV4o8JlyZtHnsNYmO4U=";
}; };
outputs = [ "out" "dev" "doc" ]; # bin/ isn't really big outputs = [ "out" "dev" "doc" ]; # bin/ isn't really big

View File

@ -18,13 +18,13 @@ in
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "imagemagick"; pname = "imagemagick";
version = "7.1.0-9"; version = "7.1.0-11";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "ImageMagick"; owner = "ImageMagick";
repo = "ImageMagick"; repo = "ImageMagick";
rev = version; rev = version;
sha256 = "sha256-9eeOY6TvNykWA3yyQH1UR3ahdhOja87I9rsie9fMbso="; sha256 = "sha256-z7ZpoB8NlcS5NVyoW0ngSlakCcb5qC3bh3xDVYuWS6w=";
}; };
outputs = [ "out" "dev" "doc" ]; # bin/ isn't really big outputs = [ "out" "dev" "doc" ]; # bin/ isn't really big

View File

@ -42,18 +42,18 @@ with lib;
# Those pieces of software we entirely ignore upstream's handling of, and just # Those pieces of software we entirely ignore upstream's handling of, and just
# make sure they're in the path if desired. # make sure they're in the path if desired.
let let
k3sVersion = "1.21.4+k3s1"; # k3s git tag k3sVersion = "1.22.2+k3s2"; # k3s git tag
k3sCommit = "3e250fdbab72d88f7e6aae57446023a0567ffc97"; # k3s git commit at the above version k3sCommit = "3f5774b41eb475eb10c93bb0ce58459a6f777c5f"; # k3s git commit at the above version
k3sRepoSha256 = "1w7drvk0bmlmqrxh1y6dxjy7dk6bdrl72pkd25lc1ir6wbzb05h9"; k3sRepoSha256 = "1kjf2zkm5d3s1aj4w9gzsc3ms3a0cm900fyi9899ijczw1cbrc61";
traefikChartVersion = "9.18.2"; # taken from ./manifests/traefik.yaml at spec.version traefikChartVersion = "10.3.0"; # taken from ./manifests/traefik.yaml at spec.version
traefikChartSha256 = "sha256-9d7p0ngyMN27u4OPgz7yI14Zj9y36t9o/HMX5wyDpUI="; traefikChartSha256 = "0y6wr64xp7bgx24kqil0x6myr3pnfrg8rw0d1h5zd2n5a8nfd73f";
k3sRootVersion = "0.9.1"; # taken from ./scripts/download at ROOT_VERSION k3sRootVersion = "0.9.1"; # taken from ./scripts/download at ROOT_VERSION
k3sRootSha256 = "sha256-qI84KYJKY/T6pqWZW9lOTq5NzZiu//v1zrMzUCiRTGQ="; k3sRootSha256 = "0r2cj4l50cxkrvszpzxfk36lvbjf9vcmp6d5lvxg8qsah8lki3x8";
k3sCNIVersion = "0.8.6-k3s1"; # taken from ./scripts/version.sh at VERSION_CNIPLUGINS k3sCNIVersion = "0.9.1-k3s1"; # taken from ./scripts/version.sh at VERSION_CNIPLUGINS
k3sCNISha256 = "sha256-uAy17eRRAXPCcnh481KxFMvFQecnnBs24jn5YnVNfY4="; k3sCNISha256 = "1327vmfph7b8i14q05c2xdfzk60caflg1zhycx0mrf3d59f4zsz5";
baseMeta = { baseMeta = {
description = "A lightweight Kubernetes distribution"; description = "A lightweight Kubernetes distribution";

View File

@ -12,7 +12,9 @@ LATEST_TAG_RAWFILE=${WORKDIR}/latest_tag.json
curl --silent ${GITHUB_TOKEN:+"-u \":$GITHUB_TOKEN\""} \ curl --silent ${GITHUB_TOKEN:+"-u \":$GITHUB_TOKEN\""} \
https://api.github.com/repos/k3s-io/k3s/releases > ${LATEST_TAG_RAWFILE} https://api.github.com/repos/k3s-io/k3s/releases > ${LATEST_TAG_RAWFILE}
LATEST_TAG_NAME=$(jq 'map(.tag_name)' ${LATEST_TAG_RAWFILE} | grep -v -e rc -e engine | sed 's/["|,| ]//g' | sort -V -r | head -n1) LATEST_TAG_NAME=$(jq 'map(.tag_name)' ${LATEST_TAG_RAWFILE} | \
grep -v -e rc -e engine | tail -n +2 | head -n -1 | sed 's|[", ]||g' | sort -rV | head -n1)
K3S_VERSION=$(echo ${LATEST_TAG_NAME} | sed 's/^v//') K3S_VERSION=$(echo ${LATEST_TAG_NAME} | sed 's/^v//')
K3S_COMMIT=$(curl --silent ${GITHUB_TOKEN:+"-u \":$GITHUB_TOKEN\""} \ K3S_COMMIT=$(curl --silent ${GITHUB_TOKEN:+"-u \":$GITHUB_TOKEN\""} \

View File

@ -2,7 +2,7 @@
(callPackage ./generic.nix { }) { (callPackage ./generic.nix { }) {
channel = "stable"; channel = "stable";
version = "2.10.2"; version = "2.11.0";
sha256 = "sha256-dOD0S4FJ2lXE+1VZooi8tKvC8ndGEHAxmAvSqoWI/m0="; sha256 = "172in8vmr7c5sff111rrd5127lz2pv7bbh7p399xafnk8ri0fx2i";
vendorSha256 = "sha256-Qb0FZOvKL9GgncfUl538PynkYbm3V8Q6lUpApUoIp5s="; vendorSha256 = "sha256-c3EyVrblqtFuoP7+YdbyPN0DdN6TcQ5DTtFQ/frKM0Q=";
} }

View File

@ -2,7 +2,7 @@
(callPackage ./generic.nix { }) { (callPackage ./generic.nix { }) {
channel = "edge"; channel = "edge";
version = "21.9.3"; version = "21.10.3";
sha256 = "0swqx4myvr24visj39icg8g90kj325pvf22bq447rnm0whq3cnyz"; sha256 = "09k4c0dgn9vvgp6xb20x0vylk6bbd03srk3sra8vnpywwi591mcv";
vendorSha256 = "sha256-fMtAR66TwMNR/HCVQ9Jg3sJ0XBx2jUKDG7/ts0lEZM4="; vendorSha256 = "sha256-uGj1sMEa791ZKA7hpJ1A9vtwsmrZDGAYp6HQo6QNAYY=";
} }

View File

@ -48,8 +48,13 @@ in
serif = makePackage { serif = makePackage {
family = "serif"; family = "serif";
description = "serif"; description = "serif";
rev = "1.001R"; rev = "2.000R";
sha256 = "0nnsb2w140ih0cnp1fh7s4csvzp9y0cavz9df2ryhv215mh9z4m0"; sha256 = "0x3n6s4khdd6l0crwd7g9sjaqp8lkvksglhc7kj3cv80hldab9wp";
postFetch = ''
mkdir -p $out/share/fonts/opentype/source-han-serif
unzip $downloadedFile -d $out/share/fonts/opentype/source-han-serif
'';
zip = ".zip";
}; };
mono = makePackage { mono = makePackage {

View File

@ -11,6 +11,8 @@ stdenv.mkDerivation {
buildInputs = [ libusb-compat-0_1 readline ]; buildInputs = [ libusb-compat-0_1 readline ];
configureFlags = [ "sysconfdir=/etc" ];
meta = with lib; { meta = with lib; {
description = "Open source library libnfc for Near Field Communication"; description = "Open source library libnfc for Near Field Communication";
license = licenses.gpl3; license = licenses.gpl3;

View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "fastjet-contrib"; pname = "fastjet-contrib";
version = "1.045"; version = "1.046";
src = fetchurl { src = fetchurl {
url = "http://fastjet.hepforge.org/contrib/downloads/fjcontrib-${version}.tar.gz"; url = "http://fastjet.hepforge.org/contrib/downloads/fjcontrib-${version}.tar.gz";
sha256 = "1y45jx7i30ik2pjv33y16fi5i5jpmi0zp1jh32pwywd3diaiazv6"; sha256 = "sha256-cgavrH/rIHXZn7sDa7NRPTKy2sOvMDQQJjmGNUeT7s8=";
}; };
buildInputs = [ fastjet ]; buildInputs = [ fastjet ];

View File

@ -25,13 +25,13 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "vte"; pname = "vte";
version = "0.66.0"; version = "0.64.2";
outputs = [ "out" "dev" ]; outputs = [ "out" "dev" ];
src = fetchurl { src = fetchurl {
url = "mirror://gnome/sources/${pname}/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz"; url = "mirror://gnome/sources/${pname}/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
sha256 = "sha256-0IE6wA+x102IhR52X3VdSWyD4JcJc1jqG6rbOLN7ezM="; sha256 = "sha256-KzyCC2WmZ8HYhZuiBHi+Ym0VGcwxWdrCX3AzMMbQfhg=";
}; };
patches = [ patches = [

View File

@ -9,7 +9,7 @@
buildPythonPackage rec { buildPythonPackage rec {
pname = "casbin"; pname = "casbin";
version = "1.9.2"; version = "1.9.3";
disabled = isPy27; disabled = isPy27;
@ -17,7 +17,7 @@ buildPythonPackage rec {
owner = pname; owner = pname;
repo = "pycasbin"; repo = "pycasbin";
rev = "v${version}"; rev = "v${version}";
sha256 = "0awqdh4jsarf0lr2bl2qiaff1yk9vndq15jcl4abiig9wr2yghpc"; sha256 = "sha256-PN31/1BpXcNqsqBZ8sS/MM3UL47/Bi24bUh+jGOJevk=";
}; };
propagatedBuildInputs = [ propagatedBuildInputs = [

View File

@ -0,0 +1,27 @@
{ lib, buildPythonPackage, fetchPypi, pygments }:
buildPythonPackage rec {
pname = "insegel";
version = "1.3.1";
src = fetchPypi {
inherit pname version;
sha256 = "1d055dd64f6eb335580a485271511ba2f4e3b5e315f48f827f58da3cace4b4ae";
};
propagatedBuildInputs = [ pygments ];
# No tests included
doCheck = false;
pythonImportsCheck = [
"insegel"
];
meta = with lib; {
homepage = "https://github.com/autophagy/insegel";
description = "A monochrome 2 column Sphinx theme";
license = licenses.mit;
maintainers = with maintainers; [ autophagy ];
};
}

View File

@ -16,14 +16,14 @@
buildPythonPackage rec { buildPythonPackage rec {
pname = "minio"; pname = "minio";
version = "7.1.0"; version = "7.1.1";
disabled = pythonOlder "3.6"; disabled = pythonOlder "3.6";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "minio"; owner = "minio";
repo = "minio-py"; repo = "minio-py";
rev = version; rev = version;
sha256 = "sha256-0N9hPjGGYHFyGzEWWDnW7KsPQtv0y/j/lCBLNC9IlpA="; sha256 = "sha256-dUNx6r7KppfeHefa1IeJPXSEMyElPk+RAGdn447ax1g=";
}; };
propagatedBuildInputs = [ propagatedBuildInputs = [

View File

@ -1,28 +1,40 @@
{ lib { lib
, buildPythonPackage , buildPythonPackage
, fetchFromGitHub , fetchFromGitHub
, pytestCheckHook
, poetry-core , poetry-core
, urllib3 , pytestCheckHook
, requests , requests
, urllib3
}: }:
buildPythonPackage rec { buildPythonPackage rec {
pname = "py-synologydsm-api"; pname = "py-synologydsm-api";
version = "1.0.4"; version = "1.0.5";
format = "pyproject"; format = "pyproject";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "mib1185"; owner = "mib1185";
repo = "synologydsm-api"; repo = "synologydsm-api";
rev = "v${version}"; rev = "v${version}";
sha256 = "1f9fbcp6dbh1c7q1cpppwggnw4m89w14cjdgl64f1bzv72rggpn1"; sha256 = "sha256-mm5N2RKn2KP2dV7+dw0sNWlCDT5X/fRmH8POQqJIoZY=";
}; };
nativeBuildInputs = [ poetry-core ]; nativeBuildInputs = [
propagatedBuildInputs = [ urllib3 requests ]; poetry-core
pythonImportsCheck = [ "synology_dsm" ]; ];
checkInputs = [ pytestCheckHook ];
propagatedBuildInputs = [
requests
urllib3
];
checkInputs = [
pytestCheckHook
];
pythonImportsCheck = [
"synology_dsm"
];
meta = with lib; { meta = with lib; {
description = "Python API for Synology DSM"; description = "Python API for Synology DSM";

View File

@ -0,0 +1,39 @@
{ lib
, buildPythonPackage
, fetchFromGitHub
, requests
, pythonOlder
}:
buildPythonPackage rec {
pname = "pylgnetcast";
version = "0.3.4";
format = "setuptools";
disabled = pythonOlder "3.6";
src = fetchFromGitHub {
owner = "Drafteed";
repo = "python-lgnetcast";
rev = "v${version}-1";
sha256 = "04bh5i4zchdg0lgwpic8wfbk77n225g71z55iin9r0083xbhd7bh";
};
propagatedBuildInputs = [
requests
];
# Project has no tests
doCheck = false;
pythonImportsCheck = [
"pylgnetcast"
];
meta = with lib; {
description = "Python API client for the LG Smart TV running NetCast 3 or 4";
homepage = "https://github.com/Drafteed/python-lgnetcast";
license = with licenses; [ mit ];
maintainers = with maintainers; [ fab ];
};
}

View File

@ -9,7 +9,7 @@
buildPythonPackage rec { buildPythonPackage rec {
pname = "pytradfri"; pname = "pytradfri";
version = "7.1.0"; version = "7.1.1";
disabled = pythonOlder "3.7"; disabled = pythonOlder "3.7";
@ -17,7 +17,7 @@ buildPythonPackage rec {
owner = "home-assistant-libs"; owner = "home-assistant-libs";
repo = "pytradfri"; repo = "pytradfri";
rev = version; rev = version;
sha256 = "sha256-r/qt06YPia8PYhwOeDXk0oK3YvEZ/1kN//+LXj34fmE="; sha256 = "sha256-rLpqCpvHTXv6SyT3SOv6oUrWnSDhMG5r+BmznlnNKwg=";
}; };
propagatedBuildInputs = [ propagatedBuildInputs = [

View File

@ -10,14 +10,14 @@
buildPythonPackage rec { buildPythonPackage rec {
pname = "pyvicare"; pname = "pyvicare";
version = "2.13.0"; version = "2.13.1";
disabled = pythonOlder "3.7"; disabled = pythonOlder "3.7";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "somm15"; owner = "somm15";
repo = "PyViCare"; repo = "PyViCare";
rev = version; rev = version;
sha256 = "sha256-v1twWyxd0nhXxvbRCbnH5TP736eeDYE5Nz62sf6HIcA="; sha256 = "sha256-L43aickagJolw+VTRX4ZwRcfOm9fMBZOimPx8jLPHhE=";
}; };
SETUPTOOLS_SCM_PRETEND_VERSION = version; SETUPTOOLS_SCM_PRETEND_VERSION = version;

View File

@ -1,16 +1,37 @@
{ lib, fetchPypi, buildPythonPackage }: { lib
, buildPythonPackage
, fetchFromGitHub
, pytestCheckHook
}:
buildPythonPackage rec { buildPythonPackage rec {
pname = "simpleeval"; pname = "simpleeval";
version = "0.9.10"; version = "0.9.11";
src = fetchPypi { format = "pyproject";
inherit pname version;
sha256 = "1skvl467kj83rzkhk01i0wm8m5vmh6j5znrfdizn6r18ii45a839"; src = fetchFromGitHub {
owner = "danthedeckie";
repo = pname;
rev = version;
sha256 = "111w76mahbf3lm2p72dkqp5fhwg7nvnwm4l078dgsgkixssjazi7";
}; };
meta = {
checkInputs = [
pytestCheckHook
];
pytestFlagsArray = [
"test_simpleeval.py"
];
pythonImportsCheck = [
"simpleeval"
];
meta = with lib; {
description = "Simple, safe single expression evaluator library";
homepage = "https://github.com/danthedeckie/simpleeval"; homepage = "https://github.com/danthedeckie/simpleeval";
description = "A simple, safe single expression evaluator library"; license = licenses.mit;
maintainers = with lib.maintainers; [ johbo ]; maintainers = with maintainers; [ johbo ];
license = lib.licenses.mit;
}; };
} }

View File

@ -8,7 +8,7 @@
buildPythonPackage rec { buildPythonPackage rec {
pname = "wakeonlan"; pname = "wakeonlan";
version = "2.0.1"; version = "2.1.0";
disabled = pythonOlder "3.6"; disabled = pythonOlder "3.6";
format = "pyproject"; format = "pyproject";
@ -16,7 +16,7 @@ buildPythonPackage rec {
owner = "remcohaszing"; owner = "remcohaszing";
repo = "pywakeonlan"; repo = "pywakeonlan";
rev = version; rev = version;
sha256 = "sha256-WgoL8ntfEaHcvVbJjdewe0wE31Lq7WBj8Bppeq1uJx8="; sha256 = "sha256-5ri4bXc0EMNntzmcUZYpRIfaXoex4s5M6psf/9ta17Y=";
}; };
nativeBuildInputs = [ nativeBuildInputs = [
@ -27,12 +27,16 @@ buildPythonPackage rec {
pytestCheckHook pytestCheckHook
]; ];
pytestFlagsArray = [ "test_wakeonlan.py" ]; pytestFlagsArray = [
"test_wakeonlan.py"
];
pythonImportsCheck = [ "wakeonlan" ]; pythonImportsCheck = [
"wakeonlan"
];
meta = with lib; { meta = with lib; {
description = "A small python module for wake on lan"; description = "Python module for wake on lan";
homepage = "https://github.com/remcohaszing/pywakeonlan"; homepage = "https://github.com/remcohaszing/pywakeonlan";
license = licenses.mit; license = licenses.mit;
maintainers = with maintainers; [ peterhoeg ]; maintainers = with maintainers; [ peterhoeg ];

View File

@ -1,16 +1,16 @@
{ lib, buildGoPackage, fetchFromGitLab, fetchurl }: { lib, buildGoPackage, fetchFromGitLab, fetchurl }:
let let
version = "14.3.2"; version = "14.4.0";
# Gitlab runner embeds some docker images these are prebuilt for arm and x86_64 # Gitlab runner embeds some docker images these are prebuilt for arm and x86_64
docker_x86_64 = fetchurl { docker_x86_64 = fetchurl {
url = "https://gitlab-runner-downloads.s3.amazonaws.com/v${version}/binaries/gitlab-runner-helper/gitlab-runner-helper.x86_64"; url = "https://gitlab-runner-downloads.s3.amazonaws.com/v${version}/binaries/gitlab-runner-helper/gitlab-runner-helper.x86_64";
sha256 = "0np2ijgrq6yg3r0744qlj9a9va7y996f7csfs4ajyfqq3vm7jz2g"; sha256 = "0cd0bcqfy2cwkhgj1d4mmn0xv4n5mmhyf2yv42ynvv0yr5xk75n0";
}; };
docker_arm = fetchurl { docker_arm = fetchurl {
url = "https://gitlab-runner-downloads.s3.amazonaws.com/v${version}/binaries/gitlab-runner-helper/gitlab-runner-helper.arm"; url = "https://gitlab-runner-downloads.s3.amazonaws.com/v${version}/binaries/gitlab-runner-helper/gitlab-runner-helper.arm";
sha256 = "0adjczad3y2f55i76pcp1q2kzdwqr04y59bslb9523s4dlav9jcd"; sha256 = "06dnxj1w1nnqkkxrbhz8p85g1afr49j8jizkf2g8j01dsk5b2gvi";
}; };
in in
buildGoPackage rec { buildGoPackage rec {
@ -29,7 +29,7 @@ buildGoPackage rec {
owner = "gitlab-org"; owner = "gitlab-org";
repo = "gitlab-runner"; repo = "gitlab-runner";
rev = "v${version}"; rev = "v${version}";
sha256 = "15mwyhr7a4b9vl7c0qz299qv91h3kcmf6d6p5vjjrm1phiy3bpgf"; sha256 = "07dvbair8fiska7ay4k4hbdwlkgyrq8hmxxwdzkhcpyc0faxqlly";
}; };
patches = [ ./fix-shell-path.patch ]; patches = [ ./fix-shell-path.patch ];

View File

@ -0,0 +1,28 @@
{ lib, buildGoModule, fetchFromGitHub }:
buildGoModule rec {
pname = "metal-cli";
version = "0.6.0";
src = fetchFromGitHub {
owner = "equinix";
repo = pname;
rev = "v${version}";
sha256 = "sha256-dGeOFrsqhW0+aQyB4f6pvv4ZBawqKX2+WRskDWoLS7E=";
};
vendorSha256 = "sha256-ifSfeJjrZI1Hrsq64zAGBiLVc8GKvq+Ddg26gQooyTs=";
postInstall = ''
ln -s $out/bin/metal-cli $out/bin/metal
'';
doCheck = false;
meta = with lib; {
description = "Official Equinix Metal CLI";
homepage = "https://github.com/equinix/metal-cli/";
license = licenses.mit;
maintainers = with maintainers; [ Br1ght0ne nshalman ];
};
}

View File

@ -1,28 +0,0 @@
{ lib, buildGoModule, fetchFromGitHub }:
buildGoModule rec {
pname = "packet-cli";
version = "0.5.0";
src = fetchFromGitHub {
owner = "packethost";
repo = pname;
rev = version;
sha256 = "0dlcx186l8kh6w3i4dvj7v90lhjkgvq1xkjb2vijy6399z41grw2";
};
vendorSha256 = "1y1c369gsaf5crkdvv5g8d9p2g5602x2gcj8zy1q3wjx9lwhl0i6";
postInstall = ''
ln -s $out/bin/packet-cli $out/bin/packet
'';
doCheck = false;
meta = with lib; {
description = "Official Packet CLI";
homepage = "https://github.com/packethost/packet-cli";
license = licenses.mit;
maintainers = with maintainers; [ Br1ght0ne nshalman ];
};
}

View File

@ -38,8 +38,8 @@ in ((vscode-utils.override { stdenv = gccStdenv; }).buildVscodeMarketplaceExtens
mktplcRef = { mktplcRef = {
name = "vsliveshare"; name = "vsliveshare";
publisher = "ms-vsliveshare"; publisher = "ms-vsliveshare";
version = "1.0.4836"; version = "1.0.5043";
sha256 = "7hK2ptNU2mQt3iTZgkrKU9ZTVN+m7VFmAlXHxkiPL+o="; sha256 = "OdFOFvidUV/trySHvF8iELPNVP2kq8+vZQ4q4Nf7SiQ=";
}; };
}).overrideAttrs({ nativeBuildInputs ? [], buildInputs ? [], ... }: { }).overrideAttrs({ nativeBuildInputs ? [], buildInputs ? [], ... }: {
nativeBuildInputs = nativeBuildInputs ++ [ nativeBuildInputs = nativeBuildInputs ++ [

View File

@ -452,7 +452,7 @@
"lastfm" = ps: with ps; [ pylast ]; "lastfm" = ps: with ps; [ pylast ];
"launch_library" = ps: with ps; [ ]; # missing inputs: pylaunches "launch_library" = ps: with ps; [ ]; # missing inputs: pylaunches
"lcn" = ps: with ps; [ pypck ]; "lcn" = ps: with ps; [ pypck ];
"lg_netcast" = ps: with ps; [ ]; # missing inputs: pylgnetcast "lg_netcast" = ps: with ps; [ pylgnetcast ];
"lg_soundbar" = ps: with ps; [ ]; # missing inputs: temescal "lg_soundbar" = ps: with ps; [ ]; # missing inputs: temescal
"life360" = ps: with ps; [ ]; # missing inputs: life360 "life360" = ps: with ps; [ ]; # missing inputs: life360
"lifx" = ps: with ps; [ aiolifx aiolifx-effects ]; "lifx" = ps: with ps; [ aiolifx aiolifx-effects ];

View File

@ -2,16 +2,16 @@
buildGoModule rec { buildGoModule rec {
pname = "trivy"; pname = "trivy";
version = "0.19.2"; version = "0.20.2";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "aquasecurity"; owner = "aquasecurity";
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
sha256 = "sha256-aYPG0xvuijASKXBGgB+6UyF9bmeU8l5snOoPWI8Ewh8="; sha256 = "sha256-ittOVWsM+1IaILCLCJNOeLxRbRHiiMN4qgLTS9gxV0w=";
}; };
vendorSha256 = "sha256-4FO6/1eNyxy/CH7XMUkLfRqEg2+XUXL1gKleL6o4EoM="; vendorSha256 = "sha256-HrDj09gUJtkZhQ3nYfoj0K8+T62ib0CWAhhcuvg8cyc=";
excludedPackages = "misc"; excludedPackages = "misc";

View File

@ -1,5 +1,5 @@
{ lib, stdenv, fetchurl, dpkg, gawk, perl, wget, coreutils, util-linux { lib, stdenv, fetchurl, dpkg, gawk, perl, wget, coreutils, util-linux
, gnugrep, gnutar, gnused, gzip, makeWrapper }: , gnugrep, gnupg1, gnutar, gnused, gzip, makeWrapper }:
# USAGE like this: debootstrap sid /tmp/target-chroot-directory # USAGE like this: debootstrap sid /tmp/target-chroot-directory
# There is also cdebootstrap now. Is that easier to maintain? # There is also cdebootstrap now. Is that easier to maintain?
let binPath = lib.makeBinPath [ let binPath = lib.makeBinPath [
@ -7,6 +7,7 @@ let binPath = lib.makeBinPath [
dpkg dpkg
gawk gawk
gnugrep gnugrep
gnupg1
gnused gnused
gnutar gnutar
gzip gzip

View File

@ -6,13 +6,13 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "snapper"; pname = "snapper";
version = "0.9.0"; version = "0.9.1";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "openSUSE"; owner = "openSUSE";
repo = "snapper"; repo = "snapper";
rev = "v${version}"; rev = "v${version}";
sha256 = "1gx3ichbkdqlzl7w187vc3xpmr9prmnp7as0h6ympgigradj5c7g"; sha256 = "1ci5mdsph2n5cqad51zf4sank35yj741adsqy2gg7vqwxrhpm8mj";
}; };
nativeBuildInputs = [ nativeBuildInputs = [

View File

@ -7,13 +7,13 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "mu"; pname = "mu";
version = "1.6.7"; version = "1.6.9";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "djcb"; owner = "djcb";
repo = "mu"; repo = "mu";
rev = version; rev = version;
sha256 = "bhZrottFT5NX43Iz1wFGYzaUSAgvgkhOwNHX6fjUs7M="; sha256 = "RoSj283fcllEbirZOScKRU4BKLoxgatDdL1qYZu+LEI=";
}; };
postPatch = lib.optionalString (batchSize != null) '' postPatch = lib.optionalString (batchSize != null) ''

View File

@ -9,16 +9,16 @@
rustPlatform.buildRustPackage rec { rustPlatform.buildRustPackage rec {
pname = "sn0int"; pname = "sn0int";
version = "0.22.0"; version = "0.23.0";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "kpcyrd"; owner = "kpcyrd";
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
sha256 = "sha256-0BadgWZhP73WOVO18jtcdhsM0L7AM0TQ3PF7MNJM7M0="; sha256 = "sha256-DsDSGF43yEyYYduRHu4+VRrPZ89Ce1fwtDxit0x8Apo=";
}; };
cargoSha256 = "sha256-KYrJIOaFX2wTDj4KeHn3d8wBHfVevCKQK/bDglfLWAU="; cargoSha256 = "sha256-dXNIbngfwMVvLx4uSO6MWpSrZfUGhlggGvXHysYAJIE=";
nativeBuildInputs = [ nativeBuildInputs = [
pkg-config pkg-config

View File

@ -0,0 +1,33 @@
{ lib, buildGoModule, fetchFromGitHub }:
buildGoModule rec {
pname = "snowcat";
version = "0.1.3";
src = fetchFromGitHub {
owner = "praetorian-inc";
repo = pname;
rev = "v${version}";
sha256 = "sha256-EulQYGOMIh952e4Xp13hT/HMW3qP1QXYtt5PEej1VTY=";
};
vendorSha256 = "sha256-D6ipwGMxT0B3uYUzg6Oo2TYnsOVBY0mYO5lC7vtVPc0=";
ldflags = [ "-s" "-w" ];
meta = with lib; {
homepage = "https://github.com/praetorian-inc/snowcat";
changelog = "https://github.com/praetorian-inc/snowcat/releases/tag/v${version}";
description = "A tool to audit the istio service mesh";
longDescription = ''
Snowcat gathers and analyzes the configuration of an Istio cluster and
audits it for potential violations of security best practices.
There are two main modes of operation for Snowcat. With no positional
argument, Snowcat will assume it is running inside of a cluster enabled
with Istio, and begin to enumerate the required data. Optionally, you can
point snowcat at a directory containing Kubernets YAML files.
'';
license = licenses.asl20;
maintainers = with maintainers; [ jk ];
};
}

View File

@ -620,6 +620,7 @@ mapAliases ({
owncloudclient = owncloud-client; # added 2016-08 owncloudclient = owncloud-client; # added 2016-08
ocz-ssd-guru = throw "ocz-ssd-guru has been removed due to there being no source available"; # added 2021-07-12 ocz-ssd-guru = throw "ocz-ssd-guru has been removed due to there being no source available"; # added 2021-07-12
p11_kit = p11-kit; # added 2018-02-25 p11_kit = p11-kit; # added 2018-02-25
packet-cli = metal-cli; # added 2021-10-25
paperless = paperless-ng; # added 2021-06-06 paperless = paperless-ng; # added 2021-06-06
parity = openethereum; # added 2020-08-01 parity = openethereum; # added 2020-08-01
parquet-cpp = arrow-cpp; # added 2018-09-08 parquet-cpp = arrow-cpp; # added 2018-09-08
@ -775,6 +776,7 @@ mapAliases ({
qt-3 = throw "qt-3 has been removed from nixpkgs, as it's unmaintained and insecure"; # added 2021-02-15 qt-3 = throw "qt-3 has been removed from nixpkgs, as it's unmaintained and insecure"; # added 2021-02-15
rfkill = throw "rfkill has been removed, as it's included in util-linux"; # added 2020-08-23 rfkill = throw "rfkill has been removed, as it's included in util-linux"; # added 2020-08-23
riak-cs = throw "riak-cs is not maintained anymore"; # added 2020-10-14 riak-cs = throw "riak-cs is not maintained anymore"; # added 2020-10-14
ring-daemon = jami-daemon; #added 2021-10-26
radare2-cutter = cutter; # added 2021-03-30 radare2-cutter = cutter; # added 2021-03-30
redkite = throw "redkite was archived by upstream"; # added 2021-04-12 redkite = throw "redkite was archived by upstream"; # added 2021-04-12
rkt = throw "rkt was archived by upstream"; # added 2020-05-16 rkt = throw "rkt was archived by upstream"; # added 2020-05-16

View File

@ -3483,6 +3483,8 @@ with pkgs;
snippetpixie = callPackage ../tools/text/snippetpixie { }; snippetpixie = callPackage ../tools/text/snippetpixie { };
snowcat = callPackage ../tools/security/snowcat { };
socklog = callPackage ../tools/system/socklog { }; socklog = callPackage ../tools/system/socklog { };
soju = callPackage ../applications/networking/soju { }; soju = callPackage ../applications/networking/soju { };
@ -27147,7 +27149,7 @@ with pkgs;
packet-sd = callPackage ../development/tools/packet-sd { }; packet-sd = callPackage ../development/tools/packet-sd { };
packet-cli = callPackage ../development/tools/packet-cli { }; metal-cli = callPackage ../development/tools/metal-cli { };
pb_cli = callPackage ../tools/misc/pb_cli {}; pb_cli = callPackage ../tools/misc/pb_cli {};

View File

@ -3730,6 +3730,8 @@ in {
inquirer = callPackage ../development/python-modules/inquirer { }; inquirer = callPackage ../development/python-modules/inquirer { };
insegel = callPackage ../development/python-modules/insegel { };
intake = callPackage ../development/python-modules/intake { }; intake = callPackage ../development/python-modules/intake { };
intake-parquet = callPackage ../development/python-modules/intake-parquet { }; intake-parquet = callPackage ../development/python-modules/intake-parquet { };
@ -6507,6 +6509,8 @@ in {
pylev = callPackage ../development/python-modules/pylev { }; pylev = callPackage ../development/python-modules/pylev { };
pylgnetcast = callPackage ../development/python-modules/pylgnetcast { };
pylibacl = callPackage ../development/python-modules/pylibacl { }; pylibacl = callPackage ../development/python-modules/pylibacl { };
pylibconfig2 = callPackage ../development/python-modules/pylibconfig2 { }; pylibconfig2 = callPackage ../development/python-modules/pylibconfig2 { };