nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-22 06:53:01 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge staging-next into staging

Browse Source
This commit is contained in:
github-actions[bot] 2024-09-23 00:14:52 +00:00 committed by GitHub
commit a468f6a433
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
162 changed files with 6158 additions and 1808 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.github/CODEOWNERS vendored
View File

@ -336,9 +336,6 @@ pkgs/by-name/fo/forgejo/ @adamcstephens @bendlas @emilylange
/pkgs/build-support/node/fetch-npm-deps @winterqt
/doc/languages-frameworks/javascript.section.md @winterqt
# environment.noXlibs option aka NoX
/nixos/modules/config/no-x-libs.nix @SuperSandro2000
# OCaml
/pkgs/build-support/ocaml @ulrikstrid
/pkgs/development/compilers/ocaml @ulrikstrid

6
maintainers/maintainer-list.nix
View File

@ -2757,6 +2757,12 @@
githubId = 10164833;
name = "Birk Bohne";
};
bjesus = {
email = "nixpkgs@yoavmoshe.com";
github = "bjesus";
githubId = 55081;
name = "Yo'av Moshe";
};
bjornfor = {
email = "bjorn.forsman@gmail.com";
github = "bjornfor";

0
maintainers/scripts/pluginupdate-py/__init__.py Normal file
View File

0
maintainers/scripts/pluginupdate.py → maintainers/scripts/pluginupdate-py/pluginupdate.py
View File

8
nixos/doc/manual/configuration/profiles/minimal.section.md
View File

@ -1,8 +1,6 @@
# Minimal {#sec-profile-minimal}
This profile defines a small NixOS configuration. It does not contain any
graphical stuff. It's a very short file that enables
[noXlibs](#opt-environment.noXlibs), sets
[](#opt-i18n.supportedLocales) to
only support the user-selected locale,
and [disables packages' documentation](#opt-documentation.enable).
graphical stuff. It's a very short file that sets [](#opt-i18n.supportedLocales)
to only support the user-selected locale, and
[disables packages' documentation](#opt-documentation.enable).

9
nixos/doc/manual/release-notes/rl-2411.section.md
View File

@ -54,7 +54,7 @@
- The [Xen Hypervisor](https://xenproject.org) is once again available as a virtualisation option under [`virtualisation.xen`](#opt-virtualisation.xen.enable).
- This release includes Xen [4.17.5](https://wiki.xenproject.org/wiki/Xen_Project_4.17_Release_Notes), [4.18.3](https://wiki.xenproject.org/wiki/Xen_Project_4.18_Release_Notes) and [4.19.0](https://wiki.xenproject.org/wiki/Xen_Project_4.19_Release_Notes), as well as support for booting the hypervisor on EFI systems.
::: {.warning}
Booting into Xen through a legacy BIOS bootloader or with the legacy script-based Stage 1 initrd have been **deprecated**. Only EFI booting and the new systemd-based Stage 1 initrd are supported.
Booting into Xen through a legacy BIOS bootloader or with the legacy script-based Stage 1 initrd have been **deprecated**. Only EFI booting and the new systemd-based Stage 1 initrd are supported.
:::
- There are two flavours of Xen available by default: `xen`, which includes all built-in components, and `xen-slim`, which replaces the built-in components with their Nixpkgs equivalents.
- The `qemu-xen-traditional` component has been deprecated by upstream Xen, and is no longer available in any of the Xen packages.
@ -151,6 +151,8 @@
- [ToDesk](https://www.todesk.com/linux.html), a remote desktop applicaton. Available as [services.todesk.enable](#opt-services.todesk.enable).
- [Dependency Track](https://dependencytrack.org/), an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain. Available as [services.dependency-track](option.html#opt-services.dependency-track).
## Backward Incompatibilities {#sec-release-24.11-incompatibilities}
- `transmission` package has been aliased with a `trace` warning to `transmission_3`. Since [Transmission 4 has been released last year](https://github.com/transmission/transmission/releases/tag/4.0.0), and Transmission 3 will eventually go away, it was decided perform this warning alias to make people aware of the new version. The `services.transmission.package` defaults to `transmission_3` as well because the upgrade can cause data loss in certain specific usage patterns (examples: [#5153](https://github.com/transmission/transmission/issues/5153), [#6796](https://github.com/transmission/transmission/issues/6796)). Please make sure to back up to your data directory per your usage:
@ -264,6 +266,9 @@
- `pkgs.nextcloud27` has been removed since it's EOL.
- The `environment.noXlibs` option has been removed. It was a common source of unexpected rebuilds and breakage that was often hard to diagnose.
If you need to disable certain libraries, you're encouraged to add your own overlay to your configuration that targets the packages you care about.
- `frigate` was updated past 0.14.0. This release includes various breaking changes, so please go read the [release notes](https://github.com/blakeblackshear/frigate/releases/tag/v0.14.0).
Most prominently access to the webinterface and API are now protected by authentication. Retrieve the auto-created
admin account from the `frigate.service` journal after upgrading.
@ -531,6 +536,8 @@
The derivation now installs "impl" headers selectively instead of by a wildcard.
Use `imgui.src` if you just want to access the unpacked sources.
- Linux 4.19 has been removed because it will reach its end of life within the lifespan of 24.11
- Unprivileged access to the kernel syslog via `dmesg` is now restricted by default. Users wanting to keep an
unrestricted access to it can set `boot.kernel.sysctl."kernel.dmesg_restrict" = false`.

91
nixos/modules/config/no-x-libs.nix
View File

@ -1,91 +0,0 @@
# This module gets rid of all dependencies on X11 client libraries
# (including fontconfig).
{ config, lib, ... }:
{
options = {
environment.noXlibs = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Switch off the options in the default configuration that
require X11 libraries. This includes client-side font
configuration and SSH forwarding of X11 authentication
in. Thus, you probably do not want to enable this option if
you want to run X11 programs on this machine via SSH.
'';
};
};
config = lib.mkIf config.environment.noXlibs {
programs.ssh.setXAuthLocation = false;
security.pam.services.su.forwardXAuth = lib.mkForce false;
fonts.fontconfig.enable = false;
nixpkgs.overlays = lib.singleton (lib.const (super: {
beam = super.beam_nox;
cairo = super.cairo.override { x11Support = false; };
dbus = super.dbus.override { x11Support = false; };
fastfetch = super.fastfetch.override { vulkanSupport = false; waylandSupport = false; x11Support = false; };
ffmpeg = super.ffmpeg.override { ffmpegVariant = "headless"; };
ffmpeg_4 = super.ffmpeg_4.override { ffmpegVariant = "headless"; };
ffmpeg_6 = super.ffmpeg_6.override { ffmpegVariant = "headless"; };
ffmpeg_7 = super.ffmpeg_7.override { ffmpegVariant = "headless"; };
# dep of graphviz, libXpm is optional for Xpm support
gd = super.gd.override { withXorg = false; };
ghostscript = super.ghostscript.override { cupsSupport = false; x11Support = false; };
gjs = (super.gjs.override { installTests = false; }).overrideAttrs { doCheck = false; }; # avoid test dependency on gtk3
gobject-introspection = super.gobject-introspection.override { x11Support = false; };
gpg-tui = super.gpg-tui.override { x11Support = false; };
gpsd = super.gpsd.override { guiSupport = false; };
graphviz = super.graphviz-nox;
gst_all_1 = super.gst_all_1 // {
gst-plugins-bad = super.gst_all_1.gst-plugins-bad.override { guiSupport = false; };
gst-plugins-base = super.gst_all_1.gst-plugins-base.override { enableGl = false; enableWayland = false; enableX11 = false; };
gst-plugins-good = super.gst_all_1.gst-plugins-good.override { enableWayland = false; enableX11 = false; gtkSupport = false; qt5Support = false; qt6Support = false; };
gst-plugins-rs = super.gst_all_1.gst-plugins-rs.override { withGtkPlugins = false; };
};
imagemagick = super.imagemagick.override { libX11Support = false; libXtSupport = false; };
imagemagickBig = super.imagemagickBig.override { libX11Support = false; libXtSupport = false; };
intel-vaapi-driver = super.intel-vaapi-driver.override { enableGui = false; };
libdevil = super.libdevil-nox;
libextractor = super.libextractor.override { gtkSupport = false; };
libplacebo = super.libplacebo.override { vulkanSupport = false; };
libva = super.libva-minimal;
limesuite = super.limesuite.override { withGui = false; };
mc = super.mc.override { x11Support = false; };
mpv-unwrapped = super.mpv-unwrapped.override { drmSupport = false; screenSaverSupport = false; sdl2Support = false; vulkanSupport = false; waylandSupport = false; x11Support = false; };
msmtp = super.msmtp.override { withKeyring = false; };
mupdf = super.mupdf.override { enableGL = false; enableX11 = false; };
neofetch = super.neofetch.override { x11Support = false; };
networkmanager-fortisslvpn = super.networkmanager-fortisslvpn.override { withGnome = false; };
networkmanager-iodine = super.networkmanager-iodine.override { withGnome = false; };
networkmanager-l2tp = super.networkmanager-l2tp.override { withGnome = false; };
networkmanager-openconnect = super.networkmanager-openconnect.override { withGnome = false; };
networkmanager-openvpn = super.networkmanager-openvpn.override { withGnome = false; };
networkmanager-sstp = super.networkmanager-vpnc.override { withGnome = false; };
networkmanager-vpnc = super.networkmanager-vpnc.override { withGnome = false; };
pango = super.pango.override { x11Support = false; };
pinentry-curses = super.pinentry-curses.override { withLibsecret = false; };
pinentry-tty = super.pinentry-tty.override { withLibsecret = false; };
pipewire = super.pipewire.override { vulkanSupport = false; x11Support = false; };
pythonPackagesExtensions = super.pythonPackagesExtensions ++ [
(python-final: python-prev: {
# tk feature requires wayland which fails to compile
matplotlib = python-prev.matplotlib.override { enableTk = false; };
})
];
qemu = super.qemu.override { gtkSupport = false; spiceSupport = false; sdlSupport = false; };
qrencode = super.qrencode.overrideAttrs (_: { doCheck = false; });
qt5 = super.qt5.overrideScope (lib.const (super': {
qtbase = super'.qtbase.override { withGtk3 = false; withQttranslation = false; };
}));
stoken = super.stoken.override { withGTK3 = false; };
# translateManpages -> perlPackages.po4a -> texlive-combined-basic -> texlive-core-big -> libX11
util-linux = super.util-linux.override { translateManpages = false; };
vim-full = super.vim-full.override { guiSupport = false; };
vte = super.vte.override { gtkVersion = null; };
zbar = super.zbar.override { enableVideo = false; withXorg = false; };
}));
};
}

2
nixos/modules/module-list.nix
View File

@ -20,7 +20,6 @@
./config/nix-channel.nix
./config/nix-flakes.nix
./config/nix-remote-build.nix
./config/no-x-libs.nix
./config/nsswitch.nix
./config/power-management.nix
./config/pulseaudio.nix
@ -1397,6 +1396,7 @@
./services/web-apps/crabfit.nix
./services/web-apps/davis.nix
./services/web-apps/cryptpad.nix
./services/web-apps/dependency-track.nix
./services/web-apps/dex.nix
./services/web-apps/discourse.nix
./services/web-apps/documize.nix

4
nixos/modules/profiles/minimal.nix
View File

@ -19,7 +19,7 @@ with lib;
# Perl is a default package.
environment.defaultPackages = mkDefault [ ];
environment.stub-ld.enable = false;
environment.stub-ld.enable = mkDefault false;
# The lessopen package pulls in Perl.
programs.less.lessopen = mkDefault null;
@ -29,6 +29,8 @@ with lib;
programs.command-not-found.enable = mkDefault false;
programs.ssh.setXAuthLocation = mkDefault false;
services.logrotate.enable = mkDefault false;
services.udisks2.enable = mkDefault false;

4
nixos/modules/rename.nix
View File

@ -21,6 +21,10 @@ in
# Completely removed modules
(mkRemovedOptionModule [ "environment" "blcr" "enable" ] "The BLCR module has been removed")
(mkRemovedOptionModule [ "environment" "noXlibs" ] ''
The environment.noXlibs option was removed, as it often caused surprising breakages for new users.
If you need its functionality, you can apply similar overlays in your own config.
'')
(mkRemovedOptionModule [ "fonts" "fontconfig" "penultimate" ] "The corresponding package has removed from nixpkgs.")
(mkRemovedOptionModule [ "hardware" "brightnessctl" ] ''
The brightnessctl module was removed because newer versions of

608
nixos/modules/services/web-apps/dependency-track.nix Normal file
View File

@ -0,0 +1,608 @@
{
config,
pkgs,
lib,
...
}:
let
cfg = config.services.dependency-track;
settingsFormat = pkgs.formats.javaProperties { };
frontendConfigFormat = pkgs.formats.json { };
frontendConfigFile = frontendConfigFormat.generate "config.json" {
API_BASE_URL = cfg.frontend.baseUrl;
OIDC_ISSUER = cfg.oidc.issuer;
OIDC_CLIENT_ID = cfg.oidc.clientId;
OIDC_SCOPE = cfg.oidc.scope;
OIDC_FLOW = cfg.oidc.flow;
OIDC_LOGIN_BUTTON_TEXT = cfg.oidc.loginButtonText;
};
sslEnabled =
config.services.nginx.virtualHosts.${cfg.nginx.domain}.addSSL
|| config.services.nginx.virtualHosts.${cfg.nginx.domain}.forceSSL
|| config.services.nginx.virtualHosts.${cfg.nginx.domain}.onlySSL
|| config.services.nginx.virtualHosts.${cfg.nginx.domain}.enableACME;
assertStringPath =
optionName: value:
if lib.isPath value then
throw ''
services.dependency-track.${optionName}:
${toString value}
is a Nix path, but should be a string, since Nix
paths are copied into the world-readable Nix store.
''
else
value;
filterNull = lib.filterAttrs (_: v: v != null);
renderSettings =
settings:
lib.mapAttrs' (
n: v:
lib.nameValuePair (lib.toUpper (lib.replaceStrings [ "." ] [ "_" ] n)) (
if lib.isBool v then lib.boolToString v else v
)
) (filterNull settings);
in
{
options.services.dependency-track = {
enable = lib.mkEnableOption "dependency-track";
package = lib.mkPackageOption pkgs "dependency-track" { };
logLevel = lib.mkOption {
type = lib.types.enum [
"INFO"
"WARN"
"ERROR"
"DEBUG"
"TRACE"
];
default = "INFO";
description = "Log level for dependency-track";
};
port = lib.mkOption {
type = lib.types.port;
default = 8080;
description = ''
On which port dependency-track should listen for new HTTP connections.
'';
};
javaArgs = lib.mkOption {
type = lib.types.listOf lib.types.str;
default = [ "-Xmx4G" ];
description = "Java options passed to JVM";
};
database = {
type = lib.mkOption {
type = lib.types.enum [
"h2"
"postgresql"
"manual"
];
default = "postgresql";
description = ''
`h2` database is not recommended for a production setup.
`postgresql` this settings it recommended for production setups.
`manual` the module doesn't handle database settings.
'';
};
createLocally = lib.mkOption {
type = lib.types.bool;
default = true;
description = ''
Whether a database should be automatically created on the
local host. Set this to false if you plan on provisioning a
local database yourself.
'';
};
databaseName = lib.mkOption {
type = lib.types.str;
default = "dependency-track";
description = ''
Database name to use when connecting to an external or
manually provisioned database; has no effect when a local
database is automatically provisioned.
To use this with a local database, set {option}`services.dependency-track.database.createLocally`
to `false` and create the database and user.
'';
};
username = lib.mkOption {
type = lib.types.str;
default = "dependency-track";
description = ''
Username to use when connecting to an external or manually
provisioned database; has no effect when a local database is
automatically provisioned.
To use this with a local database, set {option}`services.dependency-track.database.createLocally`
to `false` and create the database and user.
'';
};
passwordFile = lib.mkOption {
type = lib.types.path;
example = "/run/keys/db_password";
apply = assertStringPath "passwordFile";
description = ''
The path to a file containing the database password.
'';
};
};
ldap.bindPasswordFile = lib.mkOption {
type = lib.types.path;
example = "/run/keys/ldap_bind_password";
apply = assertStringPath "bindPasswordFile";
description = ''
The path to a file containing the LDAP bind password.
'';
};
frontend = {
baseUrl = lib.mkOption {
type = lib.types.str;
default = lib.optionalString cfg.nginx.enable "${
if sslEnabled then "https" else "http"
}://${cfg.nginx.domain}";
defaultText = lib.literalExpression ''
lib.optionalString config.services.dependency-track.nginx.enable "''${
if sslEnabled then "https" else "http"
}://''${config.services.dependency-track.nginx.domain}";
'';
description = ''
The base URL of the API server.
NOTE:
* This URL must be reachable by the browsers of your users.
* The frontend container itself does NOT communicate with the API server directly, it just serves static files.
* When deploying to dedicated servers, please use the external IP or domain of the API server.
'';
};
};
oidc = {
enable = lib.mkEnableOption "oidc support";
issuer = lib.mkOption {
type = lib.types.str;
default = "";
description = ''
Defines the issuer URL to be used for OpenID Connect.
See alpine.oidc.issuer property of the API server.
'';
};
clientId = lib.mkOption {
type = lib.types.str;
default = "";
description = ''
Defines the client ID for OpenID Connect.
'';
};
scope = lib.mkOption {
type = lib.types.str;
default = "openid profile email";
description = ''
Defines the scopes to request for OpenID Connect.
See also: https://openid.net/specs/openid-connect-basic-1_0.html#Scopes
'';
};
flow = lib.mkOption {
type = lib.types.enum [
"code"
"implicit"
];
default = "code";
description = ''
Specifies the OpenID Connect flow to use.
Values other than "implicit" will result in the Code+PKCE flow to be used.
Usage of the implicit flow is strongly discouraged, but may be necessary when
the IdP of choice does not support the Code+PKCE flow.
See also:
- https://oauth.net/2/grant-types/implicit/
- https://oauth.net/2/pkce/
'';
};
loginButtonText = lib.mkOption {
type = lib.types.str;
default = "Login with OpenID Connect";
description = ''
Defines the scopes to request for OpenID Connect.
See also: https://openid.net/specs/openid-connect-basic-1_0.html#Scopes
'';
};
usernameClaim = lib.mkOption {
type = lib.types.str;
default = "name";
example = "preferred_username";
description = ''
Defines the name of the claim that contains the username in the provider's userinfo endpoint.
Common claims are "name", "username", "preferred_username" or "nickname".
See also: https://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse
'';
};
userProvisioning = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = ''
Specifies if mapped OpenID Connect accounts are automatically created upon successful
authentication. When a user logs in with a valid access token but an account has
not been previously provisioned, an authentication failure will be returned.
This allows admins to control specifically which OpenID Connect users can access the
system and which users cannot. When this value is set to true, a local OpenID Connect
user will be created and mapped to the OpenID Connect account automatically. This
automatic provisioning only affects authentication, not authorization.
'';
};
teamSynchronization = lib.mkOption {
type = lib.types.bool;
default = false;
example = true;
description = ''
This option will ensure that team memberships for OpenID Connect users are dynamic and
synchronized with membership of OpenID Connect groups or assigned roles. When a team is
mapped to an OpenID Connect group, all local OpenID Connect users will automatically be
assigned to the team if they are a member of the group the team is mapped to. If the user
is later removed from the OpenID Connect group, they will also be removed from the team. This
option provides the ability to dynamically control user permissions via the identity provider.
Note that team synchronization is only performed during user provisioning and after successful
authentication.
'';
};
teams = {
claim = lib.mkOption {
type = lib.types.str;
default = "groups";
description = ''
Defines the name of the claim that contains group memberships or role assignments in the provider's userinfo endpoint.
The claim must be an array of strings. Most public identity providers do not support group or role management.
When using a customizable / on-demand hosted identity provider, name, content, and inclusion in the userinfo endpoint
will most likely need to be configured.
'';
};
default = lib.mkOption {
type = lib.types.nullOr lib.types.commas;
default = null;
description = ''
Defines one or more team names that auto-provisioned OIDC users shall be added to.
Multiple team names may be provided as comma-separated list.
Has no effect when {option}`services.dependency-track.oidc.userProvisioning`=false,
or {option}`services.dependency-track.oidc.teamSynchronization`=true.
'';
};
};
};
nginx = {
enable = lib.mkOption {
type = lib.types.bool;
default = true;
example = false;
description = ''
Whether to set up an nginx virtual host.
'';
};
domain = lib.mkOption {
type = lib.types.str;
example = "dtrack.example.com";
description = ''
The domain name under which to set up the virtual host.
'';
};
};
settings = lib.mkOption {
type = lib.types.submodule {
freeformType = settingsFormat.type;
options = {
"alpine.data.directory" = lib.mkOption {
type = lib.types.path;
default = "/var/lib/dependency-track";
description = ''
Defines the path to the data directory. This directory will hold logs, keys,
and any database or index files along with application-specific files or
directories.
'';
};
"alpine.database.mode" = lib.mkOption {
type = lib.types.enum [
"server"
"embedded"
"external"
];
default =
if cfg.database.type == "h2" then
"embedded"
else if cfg.database.type == "postgresql" then
"external"
else
null;
defaultText = lib.literalExpression ''
if config.services.dependency-track.database.type == "h2" then "embedded"
else if config.services.dependency-track.database.type == "postgresql" then "external"
else null
'';
description = ''
Defines the database mode of operation. Valid choices are:
'server', 'embedded', and 'external'.
In server mode, the database will listen for connections from remote hosts.
In embedded mode, the system will be more secure and slightly faster.
External mode should be used when utilizing an external database server
(i.e. mysql, postgresql, etc).
'';
};
"alpine.database.url" = lib.mkOption {
type = lib.types.str;
default =
if cfg.database.type == "h2" then
"jdbc:h2:/var/lib/dependency-track/db"
else if cfg.database.type == "postgresql" then
"jdbc:postgresql:${cfg.database.databaseName}?socketFactory=org.newsclub.net.unix.AFUNIXSocketFactory$FactoryArg&socketFactoryArg=/run/postgresql/.s.PGSQL.5432"
else
null;
defaultText = lib.literalExpression ''
if config.services.dependency-track.database.type == "h2" then "jdbc:h2:/var/lib/dependency-track/db"
else if config.services.dependency-track.database.type == "postgresql" then "jdbc:postgresql:''${config.services.dependency-track.database.name}?socketFactory=org.newsclub.net.unix.AFUNIXSocketFactory$FactoryArg&socketFactoryArg=/run/postgresql/.s.PGSQL.5432"
else null
'';
description = "Specifies the JDBC URL to use when connecting to the database.";
};
"alpine.database.driver" = lib.mkOption {
type = lib.types.enum [
"org.h2.Driver"
"org.postgresql.Driver"
"com.microsoft.sqlserver.jdbc.SQLServerDriver"
"com.mysql.cj.jdbc.Driver"
];
default =
if cfg.database.type == "h2" then
"org.h2.Driver"
else if cfg.database.type == "postgresql" then
"org.postgresql.Driver"
else
null;
defaultText = lib.literalExpression ''
if config.services.dependency-track.database.type == "h2" then "org.h2.Driver"
else if config.services.dependency-track.database.type == "postgresql" then "org.postgresql.Driver"
else null;
'';
description = "Specifies the JDBC driver class to use.";
};
"alpine.database.username" = lib.mkOption {
type = lib.types.str;
default = if cfg.database.createLocally then "dependency-track" else cfg.database.username;
defaultText = lib.literalExpression ''
if config.services.dependency-track.database.createLocally then "dependency-track"
else config.services.dependency-track.database.username
'';
description = "Specifies the username to use when authenticating to the database.";
};
"alpine.ldap.enabled" = lib.mkOption {
type = lib.types.bool;
default = false;
description = ''
Defines if LDAP will be used for user authentication. If enabled,
alpine.ldap.* properties should be set accordingly.
'';
};
"alpine.oidc.enabled" = lib.mkOption {
type = lib.types.bool;
default = cfg.oidc.enable;
defaultText = lib.literalExpression "config.services.dependency-track.oidc.enable";
description = ''
Defines if OpenID Connect will be used for user authentication.
If enabled, alpine.oidc.* properties should be set accordingly.
'';
};
"alpine.oidc.client.id" = lib.mkOption {
type = lib.types.str;
default = cfg.oidc.clientId;
defaultText = lib.literalExpression "config.services.dependency-track.oidc.clientId";
description = ''
Defines the client ID to be used for OpenID Connect.
The client ID should be the same as the one configured for the frontend,
and will only be used to validate ID tokens.
'';
};
"alpine.oidc.issuer" = lib.mkOption {
type = lib.types.str;
default = cfg.oidc.issuer;
defaultText = lib.literalExpression "config.services.dependency-track.oidc.issuer";
description = ''
Defines the issuer URL to be used for OpenID Connect.
This issuer MUST support provider configuration via the /.well-known/openid-configuration endpoint.
See also:
- https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata
- https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig
'';
};
"alpine.oidc.username.claim" = lib.mkOption {
type = lib.types.str;
default = cfg.oidc.usernameClaim;
defaultText = lib.literalExpression "config.services.dependency-track.oidc.usernameClaim";
description = ''
Defines the name of the claim that contains the username in the provider's userinfo endpoint.
Common claims are "name", "username", "preferred_username" or "nickname".
See also: https://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse
'';
};
"alpine.oidc.user.provisioning" = lib.mkOption {
type = lib.types.bool;
default = cfg.oidc.userProvisioning;
defaultText = lib.literalExpression "config.services.dependency-track.oidc.userProvisioning";
description = ''
Specifies if mapped OpenID Connect accounts are automatically created upon successful
authentication. When a user logs in with a valid access token but an account has
not been previously provisioned, an authentication failure will be returned.
This allows admins to control specifically which OpenID Connect users can access the
system and which users cannot. When this value is set to true, a local OpenID Connect
user will be created and mapped to the OpenID Connect account automatically. This
automatic provisioning only affects authentication, not authorization.
'';
};
"alpine.oidc.team.synchronization" = lib.mkOption {
type = lib.types.bool;
default = cfg.oidc.teamSynchronization;
defaultText = lib.literalExpression "config.services.dependency-track.oidc.teamSynchronization";
description = ''
This option will ensure that team memberships for OpenID Connect users are dynamic and
synchronized with membership of OpenID Connect groups or assigned roles. When a team is
mapped to an OpenID Connect group, all local OpenID Connect users will automatically be
assigned to the team if they are a member of the group the team is mapped to. If the user
is later removed from the OpenID Connect group, they will also be removed from the team. This
option provides the ability to dynamically control user permissions via the identity provider.
Note that team synchronization is only performed during user provisioning and after successful
authentication.
'';
};
"alpine.oidc.teams.claim" = lib.mkOption {
type = lib.types.str;
default = cfg.oidc.teams.claim;
defaultText = lib.literalExpression "config.services.dependency-track.oidc.teams.claim";
description = ''
Defines the name of the claim that contains group memberships or role assignments in the provider's userinfo endpoint.
The claim must be an array of strings. Most public identity providers do not support group or role management.
When using a customizable / on-demand hosted identity provider, name, content, and inclusion in the userinfo endpoint
will most likely need to be configured.
'';
};
"alpine.oidc.teams.default" = lib.mkOption {
type = lib.types.nullOr lib.types.commas;
default = cfg.oidc.teams.default;
defaultText = lib.literalExpression "config.services.dependency-track.oidc.teams.default";
description = ''
Defines one or more team names that auto-provisioned OIDC users shall be added to.
Multiple team names may be provided as comma-separated list.
Has no effect when {option}`services.dependency-track.oidc.userProvisioning`=false,
or {option}`services.dependency-track.oidc.teamSynchronization`=true.
'';
};
};
};
default = { };
description = "See https://docs.dependencytrack.org/getting-started/configuration/#default-configuration for possible options";
};
};
config = lib.mkIf cfg.enable {
services.nginx = lib.mkIf cfg.nginx.enable {
enable = true;
recommendedGzipSettings = lib.mkDefault true;
recommendedOptimisation = lib.mkDefault true;
recommendedProxySettings = lib.mkDefault true;
recommendedTlsSettings = lib.mkDefault true;
upstreams.dependency-track.servers."localhost:${toString cfg.port}" = { };
virtualHosts.${cfg.nginx.domain} = {
locations = {
"/".proxyPass = "http://dependency-track";
"= /static/config.json".alias = frontendConfigFile;
};
};
};
systemd.services.dependency-track-postgresql-init = lib.mkIf cfg.database.createLocally {
after = [ "postgresql.service" ];
before = [ "dependency-track.service" ];
bindsTo = [ "postgresql.service" ];
path = [ config.services.postgresql.package ];
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
User = "postgres";
Group = "postgres";
LoadCredential = [ "db_password:${cfg.database.passwordFile}" ];
PrivateTmp = true;
};
script = ''
set -eou pipefail
shopt -s inherit_errexit
# Read the password from the credentials directory and
# escape any single quotes by adding additional single
# quotes after them, following the rules laid out here:
# https://www.postgresql.org/docs/current/sql-syntax-lexical.html#SQL-SYNTAX-CONSTANTS
db_password="$(<"$CREDENTIALS_DIRECTORY/db_password")"
db_password="''${db_password//\'/\'\'}"
echo "CREATE ROLE \"dependency-track\" WITH LOGIN PASSWORD '$db_password' CREATEDB" > /tmp/create_role.sql
psql -tAc "SELECT 1 FROM pg_roles WHERE rolname='dependency-track'" | grep -q 1 || psql -tA --file="/tmp/create_role.sql"
psql -tAc "SELECT 1 FROM pg_database WHERE datname = 'dependency-track'" | grep -q 1 || psql -tAc 'CREATE DATABASE "dependency-track" OWNER "dependency-track"'
'';
};
services.postgresql.enable = lib.mkIf cfg.database.createLocally (lib.mkDefault true);
systemd.services."dependency-track" =
let
databaseServices =
if cfg.database.createLocally then
[
"dependency-track-postgresql-init.service"
"postgresql.service"
]
else
[ ];
in
{
description = "Dependency Track";
wantedBy = [ "multi-user.target" ];
requires = databaseServices;
after = databaseServices;
# provide settings via env vars to allow overriding default settings.
environment = {
HOME = "%S/dependency-track";
} // renderSettings cfg.settings;
serviceConfig = {
User = "dependency-track";
Group = "dependency-track";
DynamicUser = true;
StateDirectory = "dependency-track";
LoadCredential =
[ "db_password:${cfg.database.passwordFile}" ]
++ lib.optional cfg.settings."alpine.ldap.enabled"
"ldap_bind_password:${cfg.ldap.bindPasswordFile}";
};
script = ''
set -eou pipefail
shopt -s inherit_errexit
export ALPINE_DATABASE_PASSWORD_FILE="$CREDENTIALS_DIRECTORY/db_password"
${lib.optionalString cfg.settings."alpine.ldap.enabled" ''
export ALPINE_LDAP_BIND_PASSWORD="$(<"$CREDENTIALS_DIRECTORY/ldap_bind_password")"
''}
exec ${lib.getExe pkgs.jre_headless} ${
lib.escapeShellArgs (
cfg.javaArgs
++ [
"-DdependencyTrack.logging.level=${cfg.logLevel}"
"-jar"
"${cfg.package}/share/dependency-track/dependency-track.jar"
"-port"
"${toString cfg.port}"
]
)
}
'';
};
};
meta = {
maintainers = lib.teams.cyberus.members;
};
}

12
nixos/modules/services/web-servers/darkhttpd.nix
View File

@ -1,11 +1,11 @@
{ config, lib, pkgs, ... }:
with lib;
let
inherit (lib) mkIf mkOption optional;
inherit (lib.types) path bool listOf str port;
cfg = config.services.darkhttpd;
args = concatStringsSep " " ([
args = lib.concatStringsSep " " ([
cfg.rootDir
"--port ${toString cfg.port}"
"--addr ${cfg.address}"
@ -14,12 +14,12 @@ let
++ optional config.networking.enableIPv6 "--ipv6");
in {
options.services.darkhttpd = with types; {
enable = mkEnableOption "DarkHTTPd web server";
options.services.darkhttpd = {
enable = lib.mkEnableOption "DarkHTTPd web server";
port = mkOption {
default = 80;
type = types.port;
type = port;
description = ''
Port to listen on.
Pass 0 to let the system choose any free port for you.

1
nixos/tests/all-tests.nix
View File

@ -255,6 +255,7 @@ in {
deepin = handleTest ./deepin.nix {};
deluge = handleTest ./deluge.nix {};
dendrite = handleTest ./matrix/dendrite.nix {};
dependency-track = handleTest ./dependency-track.nix {};
devpi-server = handleTest ./devpi-server.nix {};
dex-oidc = handleTest ./dex-oidc.nix {};
dhparams = handleTest ./dhparams.nix {};

65
nixos/tests/dependency-track.nix Normal file
View File

@ -0,0 +1,65 @@
import ./make-test-python.nix (
{ pkgs, ... }:
let
dependencyTrackPort = 8081;
in
{
name = "dependency-track";
meta = {
maintainers = pkgs.lib.teams.cyberus.members;
};
nodes = {
server =
{ pkgs, ... }:
{
virtualisation = {
cores = 2;
diskSize = 4096;
};
environment.systemPackages = with pkgs; [ curl ];
systemd.services.dependency-track = {
# source: https://github.com/DependencyTrack/dependency-track/blob/37e0ba59e8057c18a87a7a76e247a8f75677a56c/dev/scripts/data-nist-generate-dummy.sh
preStart = ''
set -euo pipefail
NIST_DIR="$HOME/.dependency-track/nist"
rm -rf "$NIST_DIR"
mkdir -p "$NIST_DIR"
for feed in $(seq "2024" "2002"); do
touch "$NIST_DIR/nvdcve-1.1-$feed.json.gz"
echo "9999999999999" > "$NIST_DIR/nvdcve-1.1-$feed.json.gz.ts"
done
'';
};
services.dependency-track = {
enable = true;
port = dependencyTrackPort;
nginx.domain = "localhost";
database.passwordFile = "${pkgs.writeText "dbPassword" ''hunter2'THE'''H''''E''}";
};
};
};
testScript = ''
import json
start_all()
server.wait_for_unit("dependency-track.service")
server.wait_until_succeeds(
"journalctl -o cat -u dependency-track.service | grep 'Dependency-Track is ready'"
)
server.wait_for_open_port(${toString dependencyTrackPort})
with subtest("version api returns correct version"):
version = json.loads(
server.succeed("curl http://localhost/api/version")
)
assert version["version"] == "${pkgs.dependency-track.version}"
'';
}
)

1
nixos/tests/kernel-generic.nix
View File

@ -25,7 +25,6 @@ let
}) args);
kernels = pkgs.linuxKernel.vanillaPackages // {
inherit (pkgs.linuxKernel.packages)
linux_4_19_hardened
linux_5_4_hardened
linux_5_10_hardened
linux_5_15_hardened

4
pkgs/applications/audio/carla/default.nix
View File

@ -26,13 +26,13 @@ assert withQt -> wrapQtAppsHook != null;
stdenv.mkDerivation (finalAttrs: {
pname = "carla";
version = "2.5.8";
version = "2.5.9";
src = fetchFromGitHub {
owner = "falkTX";
repo = "carla";
rev = "v${finalAttrs.version}";
hash = "sha256-H15T/z/IRfgWdqToTzq2eJ7q3n9Kj44IZXsd4uaipuU=";
hash = "sha256-FM/6TtNhDml1V9C5VisjLcZ3CzXsuwCZrsoz4yP3kI8=";
};
nativeBuildInputs = [

10
pkgs/applications/editors/neovim/build-neovim-plugin.nix
View File

@ -11,13 +11,15 @@ in
# function to create vim plugin from lua packages that are already packaged in
# luaPackages
{
# the lua attribute name that matches this vim plugin. Both should be equal
# in the majority of cases but we make it possible to have different attribute names
luaAttr ? (normalizeName attrs.pname)
# the lua derivation to convert into a neovim plugin
luaAttr ? (lua.pkgs.${normalizeName attrs.pname})
, ...
}@attrs:
let
originalLuaDrv = lua.pkgs.${luaAttr};
originalLuaDrv = if (lib.typeOf luaAttr == "string") then
lib.warn "luaAttr as string is deprecated since September 2024. Pass a lua derivation directly ( e.g., `buildNeovimPlugin { luaAttr = lua.pkgs.plenary-nvim; }`)" lua.pkgs.${normalizeName luaAttr}
else luaAttr;
luaDrv = originalLuaDrv.overrideAttrs (oa: {
version = attrs.version or oa.version;

4
pkgs/applications/editors/vim/plugins/default.nix
View File

@ -1,7 +1,7 @@
# TODO check that no license information gets lost
{ callPackage, config, lib, vimUtils, vim, darwin, llvmPackages
, neovim-unwrapped
, neovimUtils
, luaPackages
}:
let
@ -27,7 +27,7 @@ let
overrides = callPackage ./overrides.nix {
inherit (darwin.apple_sdk.frameworks) Cocoa CoreFoundation CoreServices;
inherit buildVimPlugin;
inherit llvmPackages luaPackages;
inherit llvmPackages;
};
aliases = if config.allowAliases then (import ./aliases.nix lib) else final: prev: {};

33
pkgs/applications/editors/vim/plugins/overrides.nix
View File

@ -36,6 +36,7 @@
, languagetool
, llvmPackages
, meson
, neovim-unwrapped
, nim1
, nodePackages
, openscad
@ -129,10 +130,12 @@
, # hurl dependencies
hurl
, # must be lua51Packages
luaPackages
, luajitPackages
luajitPackages
,
}: self: super:
let
luaPackages = neovim-unwrapped.lua.pkgs;
in
{
alpha-nvim = super.alpha-nvim.overrideAttrs {
dependencies = [
@ -452,12 +455,12 @@
codesnap-nvim =
let
version = "1.6.0";
version = "1.6.1";
src = fetchFromGitHub {
owner = "mistricky";
repo = "codesnap.nvim";
rev = "refs/tags/v${version}";
hash = "sha256-3z0poNmS6LOS7/qGTBhvz1Q9WpYC7Wu4rNvHsUXB5ZY=";
hash = "sha256-OmSgrTYDtNb2plMyzjVvxGrfXB/lGKDpUQhpRqKfAMA=";
};
codesnap-lib = rustPlatform.buildRustPackage {
pname = "codesnap-lib";
@ -465,7 +468,7 @@
sourceRoot = "${src.name}/generator";
cargoHash = "sha256-u0NvChN50LIxUhmsT4mvWs5xB/TwJkMabggFePA/b1E=";
cargoHash = "sha256-6n37n8oHIHrz3S1+40nuD0Ud3l0iNgXig1ZwrgsnYTI=";
nativeBuildInputs = [
pkg-config
@ -915,7 +918,7 @@
dependencies = with self; [ nvim-treesitter ];
};
haskell-tools-nvim = neovimUtils.buildNeovimPlugin { luaAttr = "haskell-tools-nvim"; };
haskell-tools-nvim = neovimUtils.buildNeovimPlugin { luaAttr = luaPackages.haskell-tools-nvim; };
hex-nvim = super.hex-nvim.overrideAttrs {
postPatch = ''
@ -1058,7 +1061,7 @@
};
lsp-progress-nvim = neovimUtils.buildNeovimPlugin {
luaAttr = "lsp-progress-nvim";
luaAttr = luaPackages.lsp-progress-nvim;
nvimRequireCheck = "lsp-progress";
};
@ -1066,11 +1069,11 @@
dependencies = with self; [ luaPackages.jsregexp ];
};
lz-n = neovimUtils.buildNeovimPlugin { luaAttr = "lz-n"; };
lz-n = neovimUtils.buildNeovimPlugin { luaAttr = luaPackages.lz-n; };
lze = neovimUtils.buildNeovimPlugin { luaAttr = "lze"; };
lze = neovimUtils.buildNeovimPlugin { luaAttr = luaPackages.lze; };
lzn-auto-require = neovimUtils.buildNeovimPlugin { luaAttr = "lzn-auto-require"; };
lzn-auto-require = neovimUtils.buildNeovimPlugin { luaAttr = luaPackages.lzn-auto-require; };
magma-nvim-goose = buildVimPlugin {
pname = "magma-nvim-goose";
@ -1146,7 +1149,7 @@
};
middleclass = neovimUtils.buildNeovimPlugin {
luaAttr = "middleclass";
luaAttr = luaPackages.middleclass;
nvimRequireCheck = "middleclass";
};
@ -1506,17 +1509,17 @@
];
};
rocks-nvim = neovimUtils.buildNeovimPlugin { luaAttr = "rocks-nvim"; };
rocks-nvim = neovimUtils.buildNeovimPlugin { luaAttr = luaPackages.rocks-nvim; };
rocks-config-nvim = neovimUtils.buildNeovimPlugin { luaAttr = "rocks-config-nvim"; };
rocks-config-nvim = neovimUtils.buildNeovimPlugin { luaAttr = luaPackages.rocks-config-nvim; };
roslyn-nvim = super.roslyn-nvim.overrideAttrs {
dependencies = with self; [ nvim-lspconfig ];
};
rtp-nvim = neovimUtils.buildNeovimPlugin { luaAttr = "rtp-nvim"; };
rtp-nvim = neovimUtils.buildNeovimPlugin { luaAttr = luaPackages.rtp-nvim; };
rustaceanvim = neovimUtils.buildNeovimPlugin { luaAttr = "rustaceanvim"; };
rustaceanvim = neovimUtils.buildNeovimPlugin { luaAttr = luaPackages.rustaceanvim; };
sg-nvim = super.sg-nvim.overrideAttrs (old:
let

4
pkgs/applications/editors/vim/plugins/updater.nix
View File

@ -33,12 +33,12 @@ buildPythonApplication {
# wrap python scripts
makeWrapperArgs+=( --prefix PATH : "${lib.makeBinPath [
nix nix-prefetch-git neovim-unwrapped nurl ]}" --prefix PYTHONPATH : "${./.}:${../../../../../maintainers/scripts}" )
nix nix-prefetch-git neovim-unwrapped nurl ]}" --prefix PYTHONPATH : "${./.}:${../../../../../maintainers/scripts/pluginupdate-py}" )
wrapPythonPrograms
'';
shellHook = ''
export PYTHONPATH=pkgs/applications/editors/vim/plugins:maintainers/scripts:$PYTHONPATH
export PYTHONPATH=pkgs/applications/editors/vim/plugins:maintainers/scripts/pluginupdate-py:$PYTHONPATH
'';
meta.mainProgram = "vim-plugins-updater";

4
pkgs/applications/emulators/vbam/default.nix
View File

@ -19,12 +19,12 @@
stdenv.mkDerivation rec {
pname = "visualboyadvance-m";
version = "2.1.10";
version = "2.1.11";
src = fetchFromGitHub {
owner = "visualboyadvance-m";
repo = "visualboyadvance-m";
rev = "v${version}";
sha256 = "sha256-ca+BKedHuOwHOCXgjLkkpR6Pd+59X2R66dbPWEg2O5A=";
sha256 = "sha256-OtJ632H449kPRY1i4Ydlcc1tgG00Mv622KrCyJ80OF4=";
};
nativeBuildInputs = [ cmake pkg-config wrapGAppsHook3 ];

4
pkgs/applications/graphics/geeqie/default.nix
View File

@ -9,13 +9,13 @@
stdenv.mkDerivation rec {
pname = "geeqie";
version = "2.4";
version = "2.5";
src = fetchFromGitHub {
owner = "BestImageViewer";
repo = "geeqie";
rev = "v${version}";
hash = "sha256-MVBKaiKcKknU0rChUYJ+N4oX4tVm145s+NqGQuDHY2g=";
hash = "sha256-k2FXj2ZKZzB5XpCcWzEv7Q1ozATfU3221XKcOFdWOGU=";
};
patches = [

4
pkgs/applications/misc/lunatask/default.nix
View File

@ -1,12 +1,12 @@
{ lib, appimageTools, fetchurl }:
let
version = "2.0.4";
version = "2.0.9";
pname = "lunatask";
src = fetchurl {
url = "https://lunatask.app/download/Lunatask-${version}.AppImage";
sha256 = "sha256-U+yelFSulAhgsn5xt45mxC7qGpQwmb3m3lt9nEW6MHU=";
sha256 = "sha256-tV3giMBF3DN8Aop1B1D7pGp3HYPMQlcZ52JrOhxFrEE=";
};
appimageContents = appimageTools.extractType2 {

6
pkgs/applications/networking/cluster/kubelogin-oidc/default.nix
View File

@ -2,18 +2,18 @@
buildGoModule rec {
pname = "kubelogin";
version = "1.29.0";
version = "1.30.0";
src = fetchFromGitHub {
owner = "int128";
repo = pname;
rev = "v${version}";
sha256 = "sha256-fGCllV07YustUIX1XiSvsC42obDOgl2yV5ruQMT2R0c=";
sha256 = "sha256-DHg46t0gMypK6Nj428gpOMtPuA+XcW4IJU39CHTVGPw=";
};
subPackages = ["."];
vendorHash = "sha256-wtxSoRSpmRwuIOdKGmCRR+QLwOvONiiltg6KL6t2cf8=";
vendorHash = "sha256-gr+SsC7MiLj/MZ8kca5Hcfge+7Pm4y963TfwyKHEhBY=";
# Rename the binary instead of symlinking to avoid conflict with the
# Azure version of kubelogin

6
pkgs/applications/networking/cluster/nixops/default.nix
View File

@ -19,13 +19,13 @@ let
};
plugins = ps: _super: with ps; rec {
nixops-aws = callPackage ./plugins/nixops-aws.nix { };
nixops-digitalocean = callPackage ./plugins/nixops-digitalocean.nix { };
nixops-encrypted-links = callPackage ./plugins/nixops-encrypted-links.nix { };
nixops-hercules-ci = callPackage ./plugins/nixops-hercules-ci.nix { };
nixops-vbox = callPackage ./plugins/nixops-vbox.nix { };
nixos-modules-contrib = callPackage ./plugins/nixos-modules-contrib.nix { };
nixops-aws = throw "nixops-aws was broken and was removed from nixpkgs";
nixops-gce = throw "nixops-gce was broken and was removed from nixpkgs";
nixops-libvirtd = throw "nixops-libvirtd was broken and was removed from nixpkgs";
nixops-hetzner = throw "nixops-hetzner was broken and was removed from nixpkgs";
@ -42,7 +42,7 @@ let
selectedPlugins = [];
# selector is a function mapping pythonPackages to a list of plugins
# e.g. nixops_unstable.withPlugins (ps: with ps; [ nixops-aws ])
# e.g. nixops_unstable.withPlugins (ps: with ps; [ nixops-digitalocean ])
withPlugins = selector:
this.extend (this: _old: {
selectedPlugins = selector this.availablePlugins;
@ -109,8 +109,6 @@ in
# Not recommended; too fragile.
nixops_unstable_full = minimal.withPlugins (ps: [
# currently broken
# ps.nixops-aws
ps.nixops-digitalocean
ps.nixops-encrypted-links
ps.nixops-hercules-ci

59
pkgs/applications/networking/cluster/nixops/plugins/nixops-aws.nix
View File

@ -1,59 +0,0 @@
{ lib
, buildPythonPackage
, fetchFromGitHub
, unstableGitUpdater
, poetry-core
, boto
, boto3
, nixops
, nixos-modules-contrib
, typing-extensions
}:
buildPythonPackage {
pname = "nixops-aws";
version = "1.0.0-unstable-2024-02-29";
pyproject = true;
src = fetchFromGitHub {
owner = "NixOS";
repo = "nixops-aws";
rev = "d173b2f14ec767d782ceab45fb22b32fe3b5a1f7";
hash = "sha256-ocTtc7POt1bugb9Bki2ew2Eh5uc933GftNw1twoOJsc=";
};
postPatch = ''
substituteInPlace pyproject.toml \
--replace poetry.masonry.api poetry.core.masonry.api \
--replace "poetry>=" "poetry-core>="
'';
nativeBuildInputs = [
poetry-core
];
buildInputs = [
nixops
];
propagatedBuildInputs = [
boto
boto3
nixos-modules-contrib
typing-extensions
];
pythonImportsCheck = [ "nixops_aws" ];
passthru.updateScript = unstableGitUpdater {
tagPrefix = "v";
};
meta = with lib; {
description = "AWS plugin for NixOps";
homepage = "https://github.com/NixOS/nixops-aws";
license = licenses.lgpl3Only;
broken = true; # fails with `nose-1.3.7 not supported for interpreter python3.12`
maintainers = nixops.meta.maintainers;
};
}

4
pkgs/applications/networking/instant-messengers/signal-desktop/signal-desktop.nix
View File

@ -2,7 +2,7 @@
callPackage ./generic.nix { } rec {
pname = "signal-desktop";
dir = "Signal";
version = "7.24.1";
version = "7.25.0";
url = "https://updates.signal.org/desktop/apt/pool/s/signal-desktop/signal-desktop_${version}_amd64.deb";
hash = "sha256-wT8pbUcdDYVEVAOroHeORl4+rwzfWJvZNxC1pnNsnjQ=";
hash = "sha256-KcVCQkDSpI+eq2/wvPZxq6ILLQk3xe+wrKfbnJnTQTo=";
}

4
pkgs/applications/networking/protonvpn-gui/default.nix
View File

@ -16,8 +16,6 @@
proton-vpn-killswitch-network-manager,
proton-vpn-logger,
proton-vpn-network-manager,
proton-vpn-network-manager-openvpn,
proton-vpn-network-manager-wireguard,
proton-vpn-session,
pycairo,
pygobject3,
@ -67,8 +65,6 @@ buildPythonApplication rec {
proton-vpn-killswitch-network-manager
proton-vpn-logger
proton-vpn-network-manager
proton-vpn-network-manager-openvpn
proton-vpn-network-manager-wireguard
proton-vpn-session
pycairo
pygobject3

4
pkgs/applications/science/electronics/nvc/default.nix
View File

@ -15,13 +15,13 @@
stdenv.mkDerivation rec {
pname = "nvc";
version = "1.13.3";
version = "1.14.0";
src = fetchFromGitHub {
owner = "nickg";
repo = "nvc";
rev = "r${version}";
hash = "sha256-u+EmZ+h+TVBHEmrELgU4s1C+Z8Cfp3gN9BnQruwCsYU=";
hash = "sha256-xaJt3zMAv+Op7cQAaKJOyI28oEssMw/7zvEnfReS4aw=";
};
nativeBuildInputs = [

90
pkgs/applications/science/misc/toil/default.nix
View File

@ -1,90 +0,0 @@
{ lib
, fetchFromGitHub
, python3
, rsync
}:
python3.pkgs.buildPythonApplication rec {
pname = "toil";
version = "5.12.0";
format = "setuptools";
src = fetchFromGitHub {
owner = "DataBiosphere";
repo = pname;
rev = "refs/tags/releases/${version}";
hash = "sha256-cTpbQo9tPZifUO59vbnIa3XUinFJ2/5Slfe4yszglFM=";
};
propagatedBuildInputs = with python3.pkgs; [
addict
dill
docker
enlighten
psutil
py-tes
pypubsub
python-dateutil
pytz
pyyaml
requests
typing-extensions
];
nativeCheckInputs = [
rsync
] ++ (with python3.pkgs; [
boto
botocore
flask
pytestCheckHook
stubserver
]);
pytestFlagsArray = [
"src/toil/test"
];
pythonImportsCheck = [
"toil"
];
disabledTestPaths = [
# Tests are reaching their timeout
"src/toil/test/docs/scriptsTest.py"
"src/toil/test/jobStores/jobStoreTest.py"
"src/toil/test/provisioners/aws/awsProvisionerTest.py"
"src/toil/test/src"
"src/toil/test/wdl"
"src/toil/test/utils/utilsTest.py"
"src/toil/test/cwl/cwlTest.py"
"src/toil/test/lib/test_ec2.py"
"src/toil/test/lib/aws/test_iam.py"
"src/toil/test/lib/aws/test_s3.py"
];
disabledTests = [
# Tests fail starting with 5.7.1
"testServices"
"testConcurrencyWithDisk"
"testJobConcurrency"
"testNestedResourcesDoNotBlock"
"test_omp_threads"
"testFileSingle"
"testFileSingle10000"
"testFileSingleCheckpoints"
"testFileSingleNonCaching"
"testFetchJobStoreFiles"
"testFetchJobStoreFilesWSymlinks"
"testJobStoreContents"
"test_cwl_on_arm"
"test_cwl_toil_kill"
];
meta = with lib; {
description = "Workflow engine written in pure Python";
homepage = "https://toil.ucsc-cgl.org/";
license = with licenses; [ asl20 ];
maintainers = with maintainers; [ veprbl ];
};
}

6
pkgs/applications/version-management/git-cliff/default.nix
View File

@ -8,16 +8,16 @@
rustPlatform.buildRustPackage rec {
pname = "git-cliff";
version = "2.5.0";
version = "2.6.0";
src = fetchFromGitHub {
owner = "orhun";
repo = "git-cliff";
rev = "v${version}";
hash = "sha256-d6IawXBumA5ZJiigMTx4IZgOFrH5bNrbRsNHfT4Ik3w=";
hash = "sha256-GRvZ9jdooduFylTGgUQNjdnD2Aa+jT5faV0/c3GBpqw=";
};
cargoHash = "sha256-zXcVOE+yTD4SsVNTYhXnKy6et5en9jzYXPKPVnCOixI=";
cargoHash = "sha256-vgVTHTEKfjWJzxDQ5w0dwp9qxyN5sgbBseXHN25bx9o=";
# attempts to run the program on .git in src which is not deterministic
doCheck = false;

50
pkgs/applications/window-managers/hyprwm/xdg-desktop-portal-hyprland/default.nix
View File

@ -2,15 +2,16 @@
lib,
stdenv,
fetchFromGitHub,
fetchpatch,
cmake,
pkg-config,
wayland-scanner,
makeWrapper,
pkg-config,
wrapQtAppsHook,
nix-update-script,
hyprland,
hyprland-protocols,
hyprlang,
hyprutils,
hyprwayland-scanner,
libdrm,
mesa,
pipewire,
@ -18,58 +19,39 @@
qttools,
qtwayland,
sdbus-cpp,
slurp,
systemd,
wayland,
wayland-protocols,
hyprland,
hyprpicker,
slurp,
wayland-scanner,
}:
stdenv.mkDerivation (finalAttrs: {
pname = "xdg-desktop-portal-hyprland";
version = "1.3.3";
version = "1.3.5";
src = fetchFromGitHub {
owner = "hyprwm";
repo = "xdg-desktop-portal-hyprland";
rev = "v${finalAttrs.version}";
hash = "sha256-cyyxu/oj4QEFp3CVx2WeXa9T4OAUyynuBJHGkBZSxJI=";
rev = "refs/tags/v${finalAttrs.version}";
hash = "sha256-xTqnMoJsEojuvqJLuM+U7EZ7q71efaj3pbvjutq4TXc=";
};
patches = [
# CMake formatting, required for the next two commits to cleanly apply
(fetchpatch {
url = "https://github.com/hyprwm/xdg-desktop-portal-hyprland/commit/5555f467f68ce7cdf1060991c24263073b95e9da.patch";
hash = "sha256-yNkg7GCXDPJdsE7M6J98YylnRxQWpcM5N3olix7Oc1A=";
})
# removes wayland-scanner from deps, as it includes a pkg-config that
# defines that it has a non-existent include directory which trips up CMake
(fetchpatch {
url = "https://github.com/hyprwm/xdg-desktop-portal-hyprland/commit/0dd9af698b9386bcf25d3ea9f5017eca721831c1.patch";
hash = "sha256-Y6eWASHoMXVN2rYJ1rs0jy2qP81/qbHsZU+6b7XNBBg=";
})
# handle finding wayland-scanner more nicely
(fetchpatch {
url = "https://github.com/hyprwm/xdg-desktop-portal-hyprland/commit/2425e8f541525fa7409d9f26a8ffaf92a3767251.patch";
hash = "sha256-6dCg/U/SIjtvo07Z3tn0Hn8Xwx72nwVz6Q2cFnObonU=";
})
];
depsBuildBuild = [
pkg-config
];
nativeBuildInputs = [
cmake
pkg-config
wayland-scanner
makeWrapper
pkg-config
wrapQtAppsHook
hyprwayland-scanner
];
buildInputs = [
hyprland-protocols
hyprlang
hyprutils
libdrm
mesa
pipewire
@ -80,6 +62,7 @@ stdenv.mkDerivation (finalAttrs: {
systemd
wayland
wayland-protocols
wayland-scanner
];
dontWrapQtApps = true;
@ -95,12 +78,7 @@ stdenv.mkDerivation (finalAttrs: {
}
wrapProgramShell $out/libexec/xdg-desktop-portal-hyprland \
--prefix PATH ":" ${
lib.makeBinPath [
(placeholder "out")
hyprpicker
]
}
--prefix PATH ":" ${lib.makeBinPath [ (placeholder "out") ]}
'';
passthru = {

6
pkgs/build-support/php/builders/v2/hooks/composer-vendor-hook.sh
View File

@ -60,8 +60,10 @@ composerVendorBuildHook() {
echo "Executing composerVendorBuildHook"
composer \
--apcu-autoloader \
--apcu-autoloader-prefix="$(jq -r -c 'try ."content-hash"' < composer.lock)" \
# The acpu-autoloader is not reproducible and has to be disabled.
# Upstream PR: https://github.com/composer/composer/pull/12090
# --apcu-autoloader \
# --apcu-autoloader-prefix="$(jq -r -c 'try ."content-hash"' < composer.lock)" \
--no-interaction \
--no-progress \
--optimize-autoloader \

49
pkgs/development/tools/analysis/actionlint/default.nix → pkgs/by-name/ac/actionlint/package.nix
View File

@ -1,16 +1,20 @@
{ lib
, buildGoModule
, fetchFromGitHub
, installShellFiles
, makeWrapper
, python3Packages
, ronn
, shellcheck
{
lib,
buildGoModule,
fetchFromGitHub,
installShellFiles,
makeWrapper,
python3Packages,
ronn,
shellcheck,
}:
buildGoModule rec {
pname = "actionlint";
let
version = "1.7.1";
in
buildGoModule {
pname = "actionlint";
inherit version;
subPackages = [ "cmd/actionlint" ];
@ -23,23 +27,36 @@ buildGoModule rec {
vendorHash = "sha256-ZREtrdHUD1B1Mogidp1y/kFTK+KR4qYJj1c/M+0utPM=";
nativeBuildInputs = [ makeWrapper ronn installShellFiles ];
nativeBuildInputs = [
makeWrapper
ronn
installShellFiles
];
postInstall = ''
ronn --roff man/actionlint.1.ronn
installManPage man/actionlint.1
wrapProgram "$out/bin/actionlint" \
--prefix PATH : ${lib.makeBinPath [ python3Packages.pyflakes shellcheck ]}
--prefix PATH : ${
lib.makeBinPath [
python3Packages.pyflakes
shellcheck
]
}
'';
ldflags = [ "-s" "-w" "-X github.com/rhysd/actionlint.version=${version}" ];
ldflags = [
"-s"
"-w"
"-X github.com/rhysd/actionlint.version=${version}"
];
meta = with lib; {
meta = {
homepage = "https://rhysd.github.io/actionlint/";
description = "Static checker for GitHub Actions workflow files";
changelog = "https://github.com/rhysd/actionlint/raw/v${version}/CHANGELOG.md";
license = licenses.mit;
maintainers = [ ];
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ momeemt ];
mainProgram = "actionlint";
};
}

5
pkgs/by-name/ai/aider-chat/package.nix
View File

@ -12,7 +12,7 @@ let
self = python3;
packageOverrides = _: super: { tree-sitter = super.tree-sitter_0_21; };
};
version = "0.56.0";
version = "0.57.0";
in
python3.pkgs.buildPythonApplication {
pname = "aider-chat";
@ -23,7 +23,7 @@ python3.pkgs.buildPythonApplication {
owner = "paul-gauthier";
repo = "aider";
rev = "refs/tags/v${version}";
hash = "sha256-e0Fqj67vYt41Zbr1FN2fuLp6cHRius8RtacBHLgB9dM=";
hash = "sha256-ErDepSju8B4GochHKxL03aUfOLAiNfTaXBAllAZ144M=";
};
pythonRelaxDeps = true;
@ -60,6 +60,7 @@ python3.pkgs.buildPythonApplication {
pypandoc
pyperclip
pyyaml
psutil
rich
scipy
sounddevice

27
pkgs/development/tools/algolia-cli/default.nix → pkgs/by-name/al/algolia-cli/package.nix
View File

@ -1,8 +1,15 @@
{ lib, buildGoModule, fetchFromGitHub, installShellFiles }:
buildGoModule rec {
pname = "algolia-cli";
{
lib,
buildGoModule,
fetchFromGitHub,
installShellFiles,
}:
let
version = "1.6.11";
in
buildGoModule {
pname = "algolia-cli";
inherit version;
src = fetchFromGitHub {
owner = "algolia";
@ -17,7 +24,11 @@ buildGoModule rec {
subPackages = [ "cmd/algolia" ];
ldflags = [ "-s" "-w" "-X github.com/algolia/cli/pkg/version.Version=${version}" ];
ldflags = [
"-s"
"-w"
"-X github.com/algolia/cli/pkg/version.Version=${version}"
];
postInstall = ''
installShellCompletion --cmd algolia \
@ -26,11 +37,11 @@ buildGoModule rec {
--zsh <($out/bin/algolia completion zsh)
'';
meta = with lib; {
meta = {
description = "Algolias official CLI devtool";
mainProgram = "algolia";
homepage = "https://algolia.com/doc/tools/cli/";
license = licenses.mit;
maintainers = [ ];
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ momeemt ];
};
}

44
pkgs/by-name/cb/cbeams/package.nix Normal file
View File

@ -0,0 +1,44 @@
{
lib,
python3Packages,
fetchPypi,
}:
python3Packages.buildPythonApplication rec {
pname = "cbeams";
version = "1.0.3";
pyproject = true;
disabled = !python3Packages.isPy3k;
src = fetchPypi {
inherit pname version;
hash = "sha256-8Q2sWsAc39Mu34K1wWOKOJERKzBStE4GmtuzOs2T7Kk=";
};
build-system = [ python3Packages.setuptools ];
postPatch = ''
substituteInPlace cbeams/terminal.py \
--replace-fail "blessings" "blessed"
'';
pythonRemoveDeps = [ "blessings" ];
dependencies = with python3Packages; [
blessed
docopt
];
doCheck = false; # no tests
meta = {
homepage = "https://github.com/tartley/cbeams";
description = "Command-line program to draw animated colored circles in the terminal";
license = lib.licenses.bsd3;
maintainers = with lib.maintainers; [
oxzi
sigmanificient
];
};
}

6
pkgs/by-name/cr/crossplane-cli/package.nix
View File

@ -8,16 +8,16 @@
buildGoModule rec {
pname = "crossplane-cli";
version = "1.16.1";
version = "1.17.1";
src = fetchFromGitHub {
owner = "crossplane";
repo = "crossplane";
rev = "v${version}";
hash = "sha256-wRbQKpWEzos5fzzf1tUF2xQAlk8KIrhXJ/QZ9JKCa2M=";
hash = "sha256-zcORVw+6QUucxJkHx/QWOHn50fd4+Jp+ZtiGuwfEQ6I=";
};
vendorHash = "sha256-XzIDLtEP4wrz23Cewz1QFuS62F/XQr7JNoaPAQfanEs=";
vendorHash = "sha256-de9xt3aFmGDddwMO2GgKKKmSfvsfnpit3wUrBme//fI=";
ldflags = [
"-s"

44
pkgs/by-name/de/dependency-track/0000-remove-frontend-download.patch Normal file
View File

@ -0,0 +1,44 @@
diff --git a/pom.xml b/pom.xml
index 9988e765..906917c0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -660,38 +660,13 @@
<artifactId>maven-antrun-plugin</artifactId>
<version>3.1.0</version>
<executions>
- <execution>
- <id>frontend-download</id>
- <phase>prepare-package</phase>
- <configuration>
- <target>
- <get src="https://github.com/DependencyTrack/frontend/releases/download/${frontend.version}/frontend-dist.zip" dest="${project.build.directory}" verbose="true"/>
- </target>
- </configuration>
- <goals>
- <goal>run</goal>
- </goals>
- </execution>
- <execution>
- <id>frontend-extract</id>
- <phase>prepare-package</phase>
- <configuration>
- <target>
- <unzip src="${project.build.directory}/frontend-dist.zip" dest="${project.build.directory}/frontend">
- </unzip>
- </target>
- </configuration>
- <goals>
- <goal>run</goal>
- </goals>
- </execution>
<execution>
<id>frontend-resource-deploy</id>
<phase>prepare-package</phase>
<configuration>
<target>
<copy todir="${project.build.directory}/${project.artifactId}">
- <fileset dir="${project.build.directory}/frontend/dist">
+ <fileset dir="${project.basedir}/frontend/dist">
<include name="**/*"/>
</fileset>
</copy>

17
pkgs/by-name/de/dependency-track/0001-add-junixsocket.patch Normal file
View File

@ -0,0 +1,17 @@
diff --git a/pom.xml b/pom.xml
index 9988e765..f69576b4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -457,6 +457,12 @@
<version>${lib.testcontainers.version}</version>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>com.kohlschutter.junixsocket</groupId>
+ <artifactId>junixsocket-core</artifactId>
+ <version>2.10.0</version>
+ <type>pom</type>
+ </dependency>
</dependencies>
<build>

113
pkgs/by-name/de/dependency-track/package.nix Normal file
View File

@ -0,0 +1,113 @@
{
lib,
buildNpmPackage,
fetchFromGitHub,
jre_headless,
cyclonedx-cli,
makeWrapper,
maven,
nix-update-script,
nixosTests,
}:
let
version = "4.11.7";
frontend = buildNpmPackage {
pname = "dependency-track-frontend";
inherit version;
src = fetchFromGitHub {
owner = "DependencyTrack";
repo = "frontend";
rev = version;
hash = "sha256-hgBDzzG90gunnlZeektzdBIdatNjbkDVmNLbxjyxAXE=";
};
npmDepsHash = "sha256-veyt7fn4g/eh/+2CapQxlEssZP8cQXONpI6sSW299tk=";
forceGitDeps = true;
makeCacheWritable = true;
# The prepack script runs the build script, which we'd rather do in the build phase.
npmPackFlags = [ "--ignore-scripts" ];
};
in
maven.buildMavenPackage rec {
inherit version;
pname = "dependency-track";
src = fetchFromGitHub {
owner = "DependencyTrack";
repo = "dependency-track";
rev = version;
hash = "sha256-BMkn9WnUGs4RxH5I1QQ2UDrlo32JcbfjfFcOG5YogLI=";
};
patches = [
./0000-remove-frontend-download.patch
./0001-add-junixsocket.patch
];
mvnJdk = jre_headless;
mvnHash = "sha256-c/JwBiKsXuWbCm1dTCrVc+V/1G7Eii1mUW8xDyewyLs=";
manualMvnArtifacts = [ "com.coderplus.maven.plugins:copy-rename-maven-plugin:1.0.1" ];
buildOffline = true;
mvnDepsParameters = lib.escapeShellArgs [
"-Dmaven.test.skip=true"
"-P enhance"
"-P embedded-jetty"
];
mvnParameters = lib.escapeShellArgs [
"-Dmaven.test.skip=true"
"-P enhance"
"-P embedded-jetty"
"-P bundle-ui"
"-Dservices.bom.merge.skip=false"
"-Dlogback.configuration.file=${src}/src/main/docker/logback.xml"
"-Dcyclonedx-cli.path=${lib.getExe cyclonedx-cli}"
];
preBuild = ''
mkdir -p frontend
cp -r ${frontend}/lib/node_modules/@dependencytrack/frontend/dist frontend/
'';
afterDepsSetup = ''
mvn cyclonedx:makeBom -Dmaven.repo.local=$mvnDeps/.m2 \
org.codehaus.mojo:exec-maven-plugin:exec@merge-services-bom
'';
doCheck = false;
nativeBuildInputs = [ makeWrapper ];
installPhase = ''
runHook preInstall
install -Dm644 target/dependency-track-*.jar $out/share/dependency-track/dependency-track.jar
makeWrapper ${jre_headless}/bin/java $out/bin/dependency-track \
--add-flags "-jar $out/share/dependency-track/dependency-track.jar"
runHook postInstall
'';
passthru = {
# passthru for nix-update
inherit (frontend) npmDeps;
tests = {
inherit (nixosTests) dependency-track;
};
updateScript = nix-update-script { };
};
meta = {
description = "Intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain";
homepage = "https://github.com/DependencyTrack/dependency-track";
license = lib.licenses.asl20;
maintainers = lib.teams.cyberus.members;
mainProgram = "dependency-track";
inherit (jre_headless.meta) platforms;
};
}

4
pkgs/by-name/do/doublecmd/package.nix
View File

@ -13,13 +13,13 @@
stdenv.mkDerivation (finalAttrs: {
pname = "doublecmd";
version = "1.1.17";
version = "1.1.18";
src = fetchFromGitHub {
owner = "doublecmd";
repo = "doublecmd";
rev = "v${finalAttrs.version}";
hash = "sha256-TKlhPvfnq62XWTo2twKO8hEjBZW0mWkKruXWhwirtR4=";
hash = "sha256-1lmDmtvkLMLxvF6ZTOShr5fsYN++Jm6+ngzgFyNjFn4=";
};
nativeBuildInputs = [

37
pkgs/applications/emulators/dynamips/default.nix → pkgs/by-name/dy/dynamips/package.nix
View File

@ -1,10 +1,11 @@
{ lib
, stdenv
, fetchFromGitHub
, cmake
, libelf
, libpcap
, nix-update-script
{
lib,
stdenv,
cmake,
fetchFromGitHub,
libelf,
libpcap,
nix-update-script,
}:
stdenv.mkDerivation rec {
@ -13,30 +14,40 @@ stdenv.mkDerivation rec {
src = fetchFromGitHub {
owner = "GNS3";
repo = pname;
rev = "v${version}";
repo = "dynamips";
rev = "refs/tags/v${version}";
hash = "sha256-+h+WsZ/QrDd+dNrR6CJb2uMG+vbUvK8GTxFJZOxknL0=";
};
nativeBuildInputs = [ cmake ];
buildInputs = [ libelf libpcap ];
cmakeFlags = [ "-DDYNAMIPS_CODE=stable" ];
buildInputs = [
libelf
libpcap
];
cmakeFlags = [
(lib.cmakeFeature "DYNAMIPS_CODE" "stable")
];
passthru = {
updateScript = nix-update-script { };
};
meta = with lib; {
inherit (src.meta) homepage;
description = "Cisco router emulator";
longDescription = ''
Dynamips is an emulator computer program that was written to emulate Cisco
routers.
'';
homepage = "https://github.com/GNS3/dynamips";
changelog = "https://github.com/GNS3/dynamips/releases/tag/v${version}";
license = licenses.gpl2Plus;
mainProgram = "dynamips";
maintainers = with maintainers; [ primeos ];
maintainers = with maintainers; [
primeos
anthonyroussel
];
platforms = platforms.linux ++ platforms.darwin;
};
}

4
pkgs/by-name/fa/fastfetch/package.nix
View File

@ -47,13 +47,13 @@ let
in
stdenv'.mkDerivation (finalAttrs: {
pname = "fastfetch";
version = "2.24.0";
version = "2.25.0";
src = fetchFromGitHub {
owner = "fastfetch-cli";
repo = "fastfetch";
rev = finalAttrs.version;
hash = "sha256-MnN+XZTiIjXGVM6rF5J7sDTndLijGCdgsBF8oYzRHqY=";
hash = "sha256-I8In6JK9XWM29QdAj3wU2WHn/RsrDJo7s5S7R79HV8g=";
};
outputs = [

12
pkgs/by-name/fi/fittrackee/package.nix
View File

@ -2,6 +2,7 @@
fetchFromGitHub,
fetchPypi,
lib,
stdenv,
postgresql,
postgresqlTestHook,
python3,
@ -27,14 +28,14 @@ let
in
python.pkgs.buildPythonApplication rec {
pname = "fittrackee";
version = "0.8.8";
version = "0.8.9";
pyproject = true;
src = fetchFromGitHub {
owner = "SamR1";
repo = "FitTrackee";
rev = "refs/tags/v${version}";
hash = "sha256-IO6M+HXAR3Gn0/71KwkaQr6sB0eCQzmnqHYgO+mzIZM=";
hash = "sha256-raN6Ef/Z/JbdJDMKBIaBL8nmvFwvuZFX4rfC0ZgWgKI=";
};
build-system = [
@ -47,6 +48,8 @@ python.pkgs.buildPythonApplication rec {
"gunicorn"
"pyjwt"
"pyopenssl"
"pytz"
"sqlalchemy"
];
dependencies =
@ -95,8 +98,10 @@ python.pkgs.buildPythonApplication rec {
export DATABASE_TEST_URL=postgresql://$PGUSER/$PGDATABASE?host=$PGHOST
'';
doCheck = !stdenv.isDarwin; # tests are a bit flaky on darwin
preCheck = ''
export TMP=$(mktemp -d)
export TMP=$TMPDIR
'';
meta = {
@ -104,7 +109,6 @@ python.pkgs.buildPythonApplication rec {
homepage = "https://github.com/SamR1/FitTrackee";
changelog = "https://github.com/SamR1/FitTrackee/blob/${src.rev}/CHANGELOG.md";
license = lib.licenses.agpl3Only;
platforms = lib.platforms.linux;
maintainers = with lib.maintainers; [ traxys ];
};
}

4
pkgs/by-name/ha/halo/package.nix
View File

@ -7,10 +7,10 @@
}:
stdenv.mkDerivation rec {
pname = "halo";
version = "2.19.2";
version = "2.19.3";
src = fetchurl {
url = "https://github.com/halo-dev/halo/releases/download/v${version}/halo-${version}.jar";
hash = "sha256-+mp195Yyj4O5k/WxnAllVHbeTt/ZzR7olPG27xfUrlQ=";
hash = "sha256-Re0L+2P/Sxzj+fnuZi5uK2Hk72d8EvQGdjhglVbt41M=";
};
nativeBuildInputs = [

6
pkgs/by-name/he/hello/package.nix
View File

@ -31,12 +31,6 @@ stdenv.mkDerivation (finalAttrs: {
passthru.tests = {
version = testers.testVersion { package = hello; };
invariant-under-noXlibs =
testers.testEqualDerivation
"hello must not be rebuilt when environment.noXlibs is set."
hello
(nixos { environment.noXlibs = true; }).pkgs.hello;
};
passthru.tests.run = callPackage ./test.nix { hello = finalAttrs.finalPackage; };

4
pkgs/by-name/hy/hyprutils/package.nix
View File

@ -10,13 +10,13 @@
stdenv.mkDerivation (finalAttrs: {
pname = "hyprutils";
version = "0.2.1";
version = "0.2.2";
src = fetchFromGitHub {
owner = "hyprwm";
repo = "hyprutils";
rev = "refs/tags/v${finalAttrs.version}";
hash = "sha256-D3wIZlBNh7LuZ0NaoCpY/Pvu+xHxIVtSN+KkWZYvvVs=";
hash = "sha256-PNnIpwGqpTvMU3N2r0wMQwK1E+t4Bb5fbJwblQvr+80=";
};
nativeBuildInputs = [

4
pkgs/by-name/hy/hyprwayland-scanner/package.nix
View File

@ -9,13 +9,13 @@
}:
stdenv.mkDerivation (finalAttrs: {
pname = "hyprwayland-scanner";
version = "0.4.0";
version = "0.4.2";
src = fetchFromGitHub {
owner = "hyprwm";
repo = "hyprwayland-scanner";
rev = "v${finalAttrs.version}";
hash = "sha256-JPdL+Qul+jEueAn8CARfcWP83eJgwkhMejQYfDvrgvU=";
hash = "sha256-HIPEXyRRVZoqD6U+lFS1B0tsIU7p83FaB9m7KT/x6mQ=";
};
nativeBuildInputs = [

4
pkgs/by-name/ja/jan/package.nix
View File

@ -5,10 +5,10 @@
let
pname = "jan";
version = "0.5.3";
version = "0.5.4";
src = fetchurl {
url = "https://github.com/janhq/jan/releases/download/v${version}/jan-linux-x86_64-${version}.AppImage";
hash = "sha256-lfN5ant3oS7uschxyCxmiKNLJUJiqWVZLaJ8djqNKzQ=";
hash = "sha256-BrNfpf9v8yAs4y3vaPlqtOI9SE7IFfZm/CYegcuZT3c=";
};
appimageContents = appimageTools.extractType2 { inherit pname version src; };

60
pkgs/by-name/lu/luarocks-packages-updater/package.nix
View File

@ -4,10 +4,6 @@
, lib
, nix-prefetch-scripts
, luarocks-nix
, lua5_1
, lua5_2
, lua5_3
, lua5_4
, pluginupdate
}:
let
@ -16,52 +12,44 @@ let
nix nix-prefetch-scripts luarocks-nix
];
luaversions = [
lua5_1
lua5_2
lua5_3
lua5_4
];
attrs = builtins.fromTOML (builtins.readFile ./pyproject.toml);
pname = attrs.project.name;
inherit (attrs.project) version;
in
python3Packages.buildPythonApplication {
pname = "luarocks-packages-updater";
version = "0.1";
inherit pname version;
pyproject = true;
format = "other";
src = lib.cleanSource ./.;
nativeBuildInputs = [
makeWrapper
python3Packages.wrapPython
build-system = [
python3Packages.setuptools
];
propagatedBuildInputs = [
dependencies = [
python3Packages.gitpython
];
dontUnpack = true;
installPhase =
''
mkdir -p $out/bin $out/lib
cp ${./updater.py} $out/bin/luarocks-packages-updater
cp ${pluginupdate} $out/lib/pluginupdate.py
# wrap python scripts
makeWrapperArgs+=( --prefix PATH : "${path}" --prefix PYTHONPATH : "$out/lib" \
--set LUA_51 ${lua5_1} \
--set LUA_52 ${lua5_2} \
--set LUA_53 ${lua5_3} \
--set LUA_54 ${lua5_4}
)
wrapPythonProgramsIn "$out"
postFixup = ''
echo "pluginupdate folder ${pluginupdate}"
wrapProgram $out/bin/luarocks-packages-updater \
--prefix PYTHONPATH : "${pluginupdate}" \
--prefix PATH : "${path}"
'';
shellHook = ''
export PYTHONPATH="maintainers/scripts:$PYTHONPATH"
export PYTHONPATH="maintainers/scripts/pluginupdate-py:$PYTHONPATH"
export PATH="${path}:$PATH"
'';
meta.mainProgram = "luarocks-packages-updater";
meta = {
inherit (attrs.project) description;
license = lib.licenses.gpl3Only;
homepage = attrs.project.urls.Homepage;
mainProgram = "luarocks-packages-updater";
maintainers = with lib.maintainers; [ teto ];
};
}

19
pkgs/by-name/lu/luarocks-packages-updater/pyproject.toml Normal file
View File

@ -0,0 +1,19 @@
[build-system]
build-backend = "setuptools.build_meta"
requires = [ "setuptools" ]
[project]
name = "luarocks-packages-updater"
version = "0.0.1"
description = """
Module to update luarocks-packages"""
[project.urls]
Homepage = "https://github.com/NixOS/nixpkgs/tree/master/pkgs/by-name/lu/luarocks-packages-updater"
[project.scripts]
luarocks-packages-updater = "updater:main"
[tool.ruff]
line-length = 120
indent-width = 4

4
pkgs/by-name/lu/luarocks-packages-updater/updater.py
View File

@ -50,7 +50,7 @@ class LuaPlugin:
name: str
"""Name of the plugin, as seen on luarocks.org"""
rockspec: str
"""Full path towards the rockspec"""
"""Full URI towards the rockspec"""
ref: Optional[str]
"""git reference (branch name/tag)"""
version: Optional[str]
@ -60,7 +60,7 @@ class LuaPlugin:
Its value can be 'http://luarocks.org/dev'
"""
luaversion: Optional[str]
"""Attribue of the lua interpreter if a package is available only for a specific lua version"""
"""lua version if a package is available only for a specific lua version"""
maintainers: Optional[str]
""" Optional string listing maintainers separated by spaces"""

7
pkgs/by-name/ma/manifold/package.nix
View File

@ -11,13 +11,13 @@
stdenv.mkDerivation (finalAttrs: {
pname = "manifold";
version = "2.5.1-unstable-2024-09-06";
version = "2.5.1-unstable-2024-09-15";
src = fetchFromGitHub {
owner = "elalish";
repo = "manifold";
rev = "6f009ca13fab71e53f118179742cc2bb40455721";
hash = "sha256-McP/Rdxss93YHZcPSSWaRjyGgUiQJ3mZXgzcHWldORU=";
rev = "22c66051dfdbcefa2012e30dd12c9b5a20f89a01";
hash = "sha256-Fbev5dTgXjXdC7fzWfHnypTBel++DiMns8OzN1bH1OA=";
};
nativeBuildInputs = [ cmake ];
@ -49,5 +49,6 @@ stdenv.mkDerivation (finalAttrs: {
hzeller
pca006132
];
platforms = lib.platforms.linux; # currently issues with Darwin
};
})

1
pkgs/by-name/ma/maven/build-maven-package.nix
View File

@ -93,6 +93,7 @@ stdenv.mkDerivation (builtins.removeAttrs args [ "mvnFetchExtraArgs" ] // {
runHook preBuild
mvnDeps=$(cp -dpR ${fetchedMavenDeps}/.m2 ./ && chmod +w -R .m2 && pwd)
runHook afterDepsSetup
mvn package -o -nsu "-Dmaven.repo.local=$mvnDeps/.m2" ${mvnSkipTests} ${mvnParameters}
runHook postBuild

6
pkgs/by-name/nw/nwg-drawer/package.nix
View File

@ -12,16 +12,16 @@
let
pname = "nwg-drawer";
version = "0.4.9";
version = "0.5.0";
src = fetchFromGitHub {
owner = "nwg-piotr";
repo = "nwg-drawer";
rev = "v${version}";
hash = "sha256-KhgALKJNS7Y+u5pAfpvTup0W1+Vi6r1uaVFQZRiv4Dk=";
hash = "sha256-0ksvat0NDC2P+T0TyDAKh7YNLYhH+znxqLCqQ/5GDj8=";
};
vendorHash = "sha256-J7r3YyfV5lRZbjKo7ZNHQrOqR1GNbUB7GxRMlXuuw/c=";
vendorHash = "sha256-KULOXphc6GWIGP79C9sgfAIRMoqwcjaVp4jVyF6of/E=";
in
buildGoModule {
inherit pname version src vendorHash;

4
pkgs/by-name/op/openmsx/package.nix
View File

@ -20,13 +20,13 @@
stdenv.mkDerivation (finalAttrs: {
pname = "openmsx";
version = "19.1";
version = "20_0";
src = fetchFromGitHub {
owner = "openMSX";
repo = "openMSX";
rev = "RELEASE_${builtins.replaceStrings ["."] ["_"] finalAttrs.version}";
hash = "sha256-5ULljLmEDGFp32rnrXKLfL6P3ad2STJUNngBuWlRCbc=";
hash = "sha256-iY+oZ7fHZnnEGunM4kOxOGH2Biqj2PfdLhbT8J4mYrA=";
fetchSubmodules = true;
};

65
pkgs/by-name/op/openscad-unstable/package.nix
View File

@ -28,6 +28,7 @@
, libsForQt5
, libspnav
, libzip
, manifold
, mesa
, mpfr
, python3
@ -36,61 +37,23 @@
, wayland-protocols
, wrapGAppsHook3
, xorg
, mimalloc
, opencsg
}:
let
# get cccl from source to avoid license issues
nvidia-cccl = clangStdenv.mkDerivation {
pname = "nvidia-cccl";
# note, after v2.2.0, manifold dependency fails with some swap() ambiguities
version = "2.2.0";
src = fetchFromGitHub {
owner = "NVIDIA";
repo = "cccl";
fetchSubmodules = true;
rev = "v2.2.0";
hash = "sha256-azHDAuK0rAHrH+XkN3gHDrbwZOclP3zbEMe8VRpMjDQ=";
};
patches = [ ./thrust-cmake.patch ];
nativeBuildInputs = [ cmake pkg-config ];
buildInputs = [ tbb_2021_11 ];
cmakeFlags = [
# only enable what we need
"-DCCCL_ENABLE_CUB=OFF"
"-DCCCL_ENABLE_LIBCUDACXX=ON"
"-DCCCL_ENABLE_THRUST=ON"
"-DCCCL_ENABLE_TESTING=OFF"
"-DCCCL_ENABLE_EXAMPLES=OFF"
"-DTHRUST_DEVICE_SYSTEM=TBB"
"-DTHRUST_HOST_SYSTEM=CPP"
"-DTHRUST_ENABLE_HEADER_TESTING=OFF"
"-DTHRUST_ENABLE_TESTING=OFF"
"-DTHRUST_ENABLE_EXAMPLES=OFF"
"-DLIBCUDACXX_ENABLE_CUDA=OFF"
"-DLIBCUDACXX_ENABLE_STATIC_LIBRARY=OFF"
"-DLIBCUDACXX_ENABLE_LIBCUDACXX_TESTS=OFF"
];
meta = with lib; {
description = "CUDA C++ Core Libraries";
homepage = "https://github.com/NVIDIA/cccl";
license = licenses.asl20;
platforms = platforms.unix;
};
};
in
# clang consume much less RAM than GCC
clangStdenv.mkDerivation rec {
pname = "openscad-unstable";
version = "2024-08-17";
version = "2024-09-22";
src = fetchFromGitHub {
owner = "openscad";
repo = "openscad";
rev = "a16ca2a670840cfecb76254967380385d4d573cb";
hash = "sha256-YadbrYaxxdVNejasFW0MbcYwjwTHHQbVjqen9PKEsYQ=";
fetchSubmodules = true;
rev = "1cf4e97ed488d606c823f107dcc361f218aa84ca";
hash = "sha256-5WzLAQnjH+4JjJhh9pCgY3j8+lyNPrtY9a104tzkglo=";
fetchSubmodules = true; # Only really need sanitizers-cmake and MCAD
};
patches = [ ./test.diff ];
nativeBuildInputs = [
(python3.withPackages (ps: with ps; [ numpy pillow ]))
bison
@ -103,12 +66,10 @@ clangStdenv.mkDerivation rec {
pkg-config
];
buildInputs = with libsForQt5; with qt5; [
# manifold dependencies
clipper2
glm
tbb_2021_11
nvidia-cccl
mimalloc
boost
cairo
cgal_5
@ -119,11 +80,13 @@ clangStdenv.mkDerivation rec {
ghostscript
glib
gmp
opencsg
harfbuzz
hidapi
lib3mf
libspnav
libzip
manifold
mpfr
qscintilla
qtbase
@ -143,7 +106,8 @@ clangStdenv.mkDerivation rec {
cmakeFlags = [
"-DEXPERIMENTAL=ON" # enable experimental options
"-DSNAPSHOT=ON" # nightly icons
"-DUSE_BUILTIN_OPENCSG=ON" # bundled latest opencsg
"-DUSE_BUILTIN_OPENCSG=OFF"
"-DUSE_BUILTIN_MANIFOLD=OFF"
"-DOPENSCAD_VERSION=\"${builtins.replaceStrings ["-"] ["."] version}\""
"-DCMAKE_UNITY_BUILD=ON" # faster build
# IPO
@ -180,6 +144,5 @@ clangStdenv.mkDerivation rec {
platforms = lib.platforms.unix;
maintainers = with lib.maintainers; [ pca006132 raskin ];
mainProgram = "openscad";
broken = true; # https://github.com/NixOS/nixpkgs/issues/341043
};
}

36
pkgs/by-name/pi/pipet/package.nix Normal file
View File

@ -0,0 +1,36 @@
{
lib,
fetchFromGitHub,
buildGoModule,
}:
buildGoModule rec {
pname = "pipet";
version = "0.2.1";
src = fetchFromGitHub {
owner = "bjesus";
repo = "pipet";
rev = version;
hash = "sha256-PqOx/aFI5gHt78th1nkSKlTGw/r1eU7Ggz5kvtjMCmI=";
};
vendorHash = "sha256-jNIjF5jxcpNLAjuWo7OG/Ac4l6NpQNCKzYUgdAoL+C4=";
ldflags = [
"-s"
"-w"
"-X main.version=${version}"
"-X main.currentSha=${src.rev}"
];
doCheck = false; # Requires network
meta = {
homepage = "https://github.com/bjesus/pipet";
description = "Scraping and extracting data from online assets";
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ bjesus ];
mainProgram = "pipet";
};
}

57
pkgs/tools/misc/plantuml/plantuml-c4.nix → pkgs/by-name/pl/plantuml-c4/package.nix
View File

@ -1,4 +1,13 @@
{ lib, stdenv, makeWrapper, fetchzip, runCommand, plantuml, plantuml-c4, jre }:
{
lib,
stdenv,
fetchzip,
jre,
makeWrapper,
plantuml-c4,
plantuml,
runCommand,
}:
# The C4-PlantUML docs say that it suffices to run plantuml with the
# -DRELATIVE_INCLUDE="..." arg to make plantuml find the C4 templates
@ -12,13 +21,13 @@
let
c4-lib = fetchzip {
url = "https://github.com/plantuml-stdlib/C4-PlantUML/archive/refs/tags/v2.8.0.zip";
hash = "sha256-pGtTFg7HcAFYPrjd+CAaxS4C6Cqaj94aq45v3NpiAxM=";
url = "https://github.com/plantuml-stdlib/C4-PlantUML/archive/refs/tags/v2.10.0.zip";
hash = "sha256-p9Njb7VauXVf6yOBDQrO9mS+za9NntFUCK5tig0mH3U=";
};
sprites = fetchzip {
url = "https://github.com/tupadr3/plantuml-icon-font-sprites/archive/fa3f885dbd45c9cd0cdf6c0e5e4fb51ec8b76582.zip";
hash = "sha256-lt9+NNMIaZSkKNsGyHoqXUCTlKmZFGfNYYGjer6X0Xc=";
url = "https://github.com/tupadr3/plantuml-icon-font-sprites/archive/refs/tags/v3.0.0.zip";
hash = "sha256-I/cR1VPR7aKyTZF9X/4GkgcxV9+sLgNpTZugvCy0Dvs=";
};
# In order to pre-fix the plantuml.jar parameter with the argument
@ -26,22 +35,24 @@ let
# This way the plantuml derivation can remain unchanged.
plantumlWithExtraPath =
let
plantumlIncludePath = lib.concatStringsSep ":" [ c4-lib sprites ];
plantumlIncludePath = lib.concatStringsSep ":" [
c4-lib
sprites
];
includeFlag = "-Dplantuml.include.path=${lib.escapeShellArg plantumlIncludePath}";
postFixedJre =
runCommand "jre-postfixed" { nativeBuildInputs = [ makeWrapper ]; } ''
mkdir -p $out/bin
postFixedJre = runCommand "jre-postfixed" { nativeBuildInputs = [ makeWrapper ]; } ''
mkdir -p $out/bin
makeWrapper ${jre}/bin/java $out/bin/java \
--add-flags ${lib.escapeShellArg includeFlag}
'';
makeWrapper ${jre}/bin/java $out/bin/java \
--add-flags ${lib.escapeShellArg includeFlag}
'';
in
plantuml.override { jre = postFixedJre; };
in
stdenv.mkDerivation rec {
stdenv.mkDerivation {
pname = "plantuml-c4";
version = "2.8.0";
version = "2.10.0";
nativeBuildInputs = [ makeWrapper ];
@ -55,20 +66,24 @@ stdenv.mkDerivation rec {
'';
passthru.tests.example-c4-diagram =
runCommand "c4-plantuml-sample.png" { nativeBuildInputs = [ plantuml-c4 ]; } ''
sed 's/https:.*\///' "${c4-lib}/samples/C4_Context Diagram Sample - enterprise.puml" > sample.puml
plantuml sample.puml -o $out
runCommand "c4-plantuml-sample.png" { nativeBuildInputs = [ plantuml-c4 ]; }
''
sed 's/https:.*\///' "${c4-lib}/samples/C4_Context Diagram Sample - enterprise.puml" > sample.puml
plantuml sample.puml -o $out
sed 's/!include ..\//!include /' ${sprites}/examples/complex-example.puml > sprites.puml
plantuml sprites.puml -o $out
'';
sed 's/!include ..\//!include /' ${sprites}/examples/complex-example.puml > sprites.puml
plantuml sprites.puml -o $out
'';
meta = with lib; {
description = "PlantUML bundled with C4-Plantuml and plantuml sprites library";
mainProgram = "plantuml";
homepage = "https://github.com/plantuml-stdlib/C4-PlantUML";
license = licenses.mit;
maintainers = with maintainers; [ tfc ];
maintainers = with maintainers; [
tfc
anthonyroussel
];
platforms = platforms.unix;
};
}

23
pkgs/tools/misc/plantuml-server/default.nix → pkgs/by-name/pl/plantuml-server/package.nix
View File

@ -1,18 +1,22 @@
{ lib, stdenv, fetchurl, nixosTests }:
{
lib,
stdenv,
fetchurl,
nixosTests,
}:
let
version = "1.2024.7";
in
stdenv.mkDerivation rec {
pname = "plantuml-server";
inherit version;
version = "1.2024.7";
src = fetchurl {
url = "https://github.com/plantuml/plantuml-server/releases/download/v${version}/plantuml-v${version}.war";
sha256 = "sha256-9YTclV+FoiNbcpeNtlbbozqjB1BN9EJn03CzyHDbC+8=";
hash = "sha256-9YTclV+FoiNbcpeNtlbbozqjB1BN9EJn03CzyHDbC+8=";
};
dontUnpack = true;
installPhase = ''
postInstall = ''
mkdir -p "$out/webapps"
cp "$src" "$out/webapps/plantuml.war"
'';
@ -27,6 +31,9 @@ stdenv.mkDerivation rec {
sourceProvenance = with sourceTypes; [ binaryBytecode ];
license = licenses.gpl3Plus;
platforms = platforms.all;
maintainers = with maintainers; [ truh ];
maintainers = with maintainers; [
truh
anthonyroussel
];
};
}

30
pkgs/tools/misc/plantuml/default.nix → pkgs/by-name/pl/plantuml/package.nix
View File

@ -1,18 +1,20 @@
{ lib
, stdenvNoCC
, fetchurl
, makeBinaryWrapper
, jre
, graphviz
{
lib,
stdenvNoCC,
fetchurl,
graphviz,
jre,
makeBinaryWrapper,
testers,
}:
stdenvNoCC.mkDerivation (finalAttrs: {
pname = "plantuml";
version = "1.2024.5";
version = "1.2024.7";
src = fetchurl {
url = "https://github.com/plantuml/plantuml/releases/download/v${finalAttrs.version}/plantuml-pdf-${finalAttrs.version}.jar";
hash = "sha256-YayIedHIIpecVF7BZSvBTp66Eb7He+l+1RCir5KuL28=";
hash = "sha256-8BlAPc2BeojyTcZVboUA6+sOA5AO5eG871mSIWinm5E=";
};
nativeBuildInputs = [
@ -30,18 +32,28 @@ stdenvNoCC.mkDerivation (finalAttrs: {
'';
doInstallCheck = true;
postCheckInstall = ''
$out/bin/plantuml -help
$out/bin/plantuml -testdot
'';
passthru.tests.version = testers.testVersion {
package = finalAttrs.finalPackage;
command = "plantuml --version";
};
meta = {
description = "Draw UML diagrams using a simple and human readable text description";
homepage = "https://plantuml.com/";
# "plantuml -license" says GPLv3 or later
license = lib.licenses.gpl3Plus;
mainProgram = "plantuml";
maintainers = with lib.maintainers; [ bjornfor Mogria ];
maintainers = with lib.maintainers; [
bjornfor
Mogria
anthonyroussel
];
platforms = lib.platforms.unix;
sourceProvenance = with lib.sourceTypes; [ binaryBytecode ];
};

6
pkgs/by-name/pm/pmtiles/package.nix
View File

@ -1,16 +1,16 @@
{ lib, buildGoModule, fetchFromGitHub }:
buildGoModule rec {
pname = "pmtiles";
version = "1.21.0";
version = "1.22.0";
src = fetchFromGitHub {
owner = "protomaps";
repo = "go-pmtiles";
rev = "v${version}";
hash = "sha256-scicNAl1Lu8oD/g/63CXLeys+yorpH6Unhk5p4V78eY=";
hash = "sha256-r3gp0f771Cfy4JNekilnct+FKu4nOb+8y+B1A+anJ5Y=";
};
vendorHash = "sha256-8HShM4YznUAc6rJyDbdL5vv0dOk+d4IRKQpmEhWiNjo=";
vendorHash = "sha256-5oKcq1eTrcjQKWySDOsEFFbKkld9g494D5Tg9Bej8JQ=";
ldflags = [ "-s" "-w" "-X main.version=${version}" "-X main.commit=v${version}" ];

26
pkgs/by-name/ru/ruff/Cargo.lock generated
View File

@ -2083,9 +2083,7 @@ dependencies = [
"countme",
"hashbrown",
"insta",
"once_cell",
"ordermap",
"path-slash",
"ruff_db",
"ruff_index",
"ruff_python_ast",
@ -2094,6 +2092,7 @@ dependencies = [
"ruff_python_stdlib",
"ruff_source_file",
"ruff_text_size",
"ruff_vendored",
"rustc-hash 2.0.0",
"salsa",
"smallvec",
@ -2102,8 +2101,6 @@ dependencies = [
"test-case",
"thiserror",
"tracing",
"walkdir",
"zip",
]
[[package]]
@ -2159,6 +2156,7 @@ dependencies = [
"ruff_db",
"ruff_python_ast",
"ruff_text_size",
"ruff_vendored",
"rustc-hash 2.0.0",
"salsa",
"tempfile",
@ -2255,7 +2253,7 @@ dependencies = [
[[package]]
name = "ruff"
version = "0.6.6"
version = "0.6.7"
dependencies = [
"anyhow",
"argfile",
@ -2450,15 +2448,18 @@ version = "0.1.0"
dependencies = [
"anyhow",
"clap",
"once_cell",
"red_knot_python_semantic",
"ruff_cache",
"ruff_db",
"ruff_linter",
"ruff_macros",
"ruff_python_ast",
"ruff_python_parser",
"salsa",
"schemars",
"serde",
"zip",
]
[[package]]
@ -2471,7 +2472,7 @@ dependencies = [
[[package]]
name = "ruff_linter"
version = "0.6.6"
version = "0.6.7"
dependencies = [
"aho-corasick",
"annotate-snippets 0.9.2",
@ -2789,9 +2790,20 @@ dependencies = [
"static_assertions",
]
[[package]]
name = "ruff_vendored"
version = "0.0.0"
dependencies = [
"once_cell",
"path-slash",
"ruff_db",
"walkdir",
"zip",
]
[[package]]
name = "ruff_wasm"
version = "0.6.6"
version = "0.6.7"
dependencies = [
"console_error_panic_hook",
"console_log",

4
pkgs/by-name/ru/ruff/package.nix
View File

@ -14,13 +14,13 @@
rustPlatform.buildRustPackage rec {
pname = "ruff";
version = "0.6.6";
version = "0.6.7";
src = fetchFromGitHub {
owner = "astral-sh";
repo = "ruff";
rev = "refs/tags/${version}";
hash = "sha256-8EKOBlF6bgjgB5t3KP4AcWU7YkLaiFoAj+wuJWEOAic=";
hash = "sha256-1udxvl98RveGJmnG8kwlecWD9V+BPadA/YE8jbt9jNo=";
};
cargoLock = {

50
pkgs/by-name/sm/smatch/package.nix Normal file
View File

@ -0,0 +1,50 @@
{
lib,
stdenv,
fetchFromGitHub,
pkg-config,
sqlite,
openssl,
buildllvmsparse ? false,
buildc2xml ? false,
libllvm,
libxml2,
}:
let
version = "1.73";
in
stdenv.mkDerivation {
pname = "smatch";
inherit version;
src = fetchFromGitHub {
owner = "error27";
repo = "smatch";
rev = version;
sha256 = "sha256-Pv3bd2cjnQKnhH7TrkYWfDEeaq6u/q/iK1ZErzn6bME=";
};
NIX_CFLAGS_COMPILE = lib.optionals stdenv.cc.isClang [
"-Wno-incompatible-function-pointer-types"
];
nativeBuildInputs = [ pkg-config ];
buildInputs = [
sqlite
openssl
] ++ lib.optionals buildllvmsparse [ libllvm ] ++ lib.optionals buildc2xml [ libxml2.dev ];
makeFlags = [
"PREFIX=${placeholder "out"}"
"CXX=${stdenv.cc.targetPrefix}c++"
];
meta = {
description = "Semantic analysis tool for C";
homepage = "https://sparse.docs.kernel.org/";
maintainers = with lib.maintainers; [ momeemt ];
license = lib.licenses.gpl2Plus;
platforms = lib.platforms.all;
};
}

30
pkgs/development/tools/analysis/snyk/default.nix → pkgs/by-name/sn/snyk/package.nix
View File

@ -1,14 +1,18 @@
{ lib
, buildNpmPackage
, fetchFromGitHub
, stdenv
, testers
, snyk
{
lib,
buildNpmPackage,
fetchFromGitHub,
stdenv,
testers,
snyk,
}:
buildNpmPackage rec {
pname = "snyk";
let
version = "1.1293.1";
in
buildNpmPackage {
pname = "snyk";
inherit version;
src = fetchFromGitHub {
owner = "snyk";
@ -26,7 +30,9 @@ buildNpmPackage rec {
env.NIX_CFLAGS_COMPILE =
# Fix error: no member named 'aligned_alloc' in the global namespace
lib.optionalString (stdenv.isDarwin && stdenv.isx86_64) "-D_LIBCPP_HAS_NO_LIBRARY_ALIGNED_ALLOCATION=1";
lib.optionalString (
stdenv.isDarwin && stdenv.isx86_64
) "-D_LIBCPP_HAS_NO_LIBRARY_ALIGNED_ALLOCATION=1";
npmBuildScript = "build:prod";
@ -34,12 +40,12 @@ buildNpmPackage rec {
package = snyk;
};
meta = with lib; {
meta = {
description = "Scans and monitors projects for security vulnerabilities";
homepage = "https://snyk.io";
changelog = "https://github.com/snyk/cli/releases/tag/v${version}";
license = licenses.asl20;
maintainers = [ ];
license = lib.licenses.asl20;
maintainers = with lib.maintainers; [ momeemt ];
mainProgram = "snyk";
};
}

10
pkgs/by-name/st/stalwart-mail/package.nix
View File

@ -26,7 +26,7 @@ let
# See upstream issue for rocksdb 9.X support
# https://github.com/stalwartlabs/mail-server/issues/407
rocksdb = rocksdb_8_11;
version = "0.9.4";
version = "0.10.0";
in
rustPlatform.buildRustPackage {
pname = "stalwart-mail";
@ -36,11 +36,11 @@ rustPlatform.buildRustPackage {
owner = "stalwartlabs";
repo = "mail-server";
rev = "refs/tags/v${version}";
hash = "sha256-GDi7kRwI0GujQBJXItQpYZT1I1Hz3DUMyTixJ/lQySY=";
hash = "sha256-9qk7+LJntEmCIuxp0707OOHBVkywlAJA1QmWllR9ZHg=";
fetchSubmodules = true;
};
cargoHash = "sha256-7gJi6sykmKRuZZ8svXWlktHnwr78zaE2jxVIt+sZPHg=";
cargoHash = "sha256-O1LuEHH5VD/6875Psfp5N/oWYlo1cuTlHzwcgG9RrpI=";
patches = [
# Remove "PermissionsStartOnly" from systemd service files,
@ -140,6 +140,10 @@ rustPlatform.buildRustPackage {
# thread 'smtp::queue::concurrent::concurrent_queue' panicked at tests/src/smtp/inbound/mod.rs:65:9:
# assertion `left == right` failed
"--skip=smtp::queue::concurrent::concurrent_queue"
# Failed to read system DNS config: io error: No such file or directory (os error 2)
"--skip=smtp::inbound::auth::auth"
# Failed to read system DNS config: io error: No such file or directory (os error 2)
"--skip=smtp::inbound::vrfy::vrfy_expn"
];
doCheck = !(stdenv.isLinux && stdenv.isAarch64);

19
pkgs/development/tools/analysis/stylelint/default.nix → pkgs/by-name/st/stylelint/package.nix
View File

@ -1,8 +1,15 @@
{ buildNpmPackage, fetchFromGitHub, lib }:
{
buildNpmPackage,
fetchFromGitHub,
lib,
}:
buildNpmPackage rec {
pname = "stylelint";
let
version = "16.9.0";
in
buildNpmPackage {
pname = "stylelint";
inherit version;
src = fetchFromGitHub {
owner = "stylelint";
@ -15,11 +22,11 @@ buildNpmPackage rec {
dontNpmBuild = true;
meta = with lib; {
meta = {
description = "Mighty CSS linter that helps you avoid errors and enforce conventions";
mainProgram = "stylelint";
homepage = "https://stylelint.io";
license = licenses.mit;
maintainers = [ ];
license = lib.licenses.mit;
maintainers = with lib.maintainers; [ momeemt ];
};
}

81
pkgs/by-name/wi/wireguard-ui/package.nix Normal file
View File

@ -0,0 +1,81 @@
{
buildGoModule,
lib,
fetchFromGitHub,
fetchYarnDeps,
yarn,
fixup-yarn-lock,
nodejs,
fetchpatch2,
}:
buildGoModule rec {
pname = "wireguard-ui";
version = "0.6.2";
src = fetchFromGitHub {
owner = "ngoduykhanh";
repo = "wireguard-ui";
rev = "refs/tags/v${version}";
hash = "sha256-fK7l9I2s0zSxG1g1oQ1KjJZUcypwS9DxnNN7lhVI+1s=";
};
patches = [
(fetchpatch2 {
url = "https://github.com/ngoduykhanh/wireguard-ui/commit/2fdafd34ca6c8f7f1415a3a1d89498bb575a7171.patch?full_index=1";
hash = "sha256-nq/TX+TKDB29NcPQ3pLWD0jcXubULuwqisn9IcEW8B8=";
})
];
offlineCache = fetchYarnDeps {
yarnLock = "${src}/yarn.lock";
hash = "sha256-ps/GtdtDKA3y5o1GZpRG+z08lSzk8d9zgxb95kjr/gc=";
};
vendorHash = "sha256-FTjZ6wf0ym6kFJ58Z3E3shmbq9SaMwlXWeueHQXwkX4=";
nativeBuildInputs = [
yarn
fixup-yarn-lock
nodejs
];
ldflags = [
"-X main.appVersion=v${version}"
];
preConfigure = ''
# This is what prepare_assets.sh do.
export HOME=$(mktemp -d)
yarn config --offline set yarn-offline-mirror "$offlineCache"
fixup-yarn-lock yarn.lock
yarn --offline install
mkdir -p "./assets/dist/js" "./assets/dist/css" && \
cp -r "./node_modules/admin-lte/dist/js/adminlte.min.js" "./assets/dist/js/adminlte.min.js" && \
cp -r "./node_modules/admin-lte/dist/css/adminlte.min.css" "./assets/dist/css/adminlte.min.css"
cp -r "./custom" "./assets"
mkdir -p "./assets/plugins" && \
cp -r "./node_modules/admin-lte/plugins/jquery" \
"./node_modules/admin-lte/plugins/fontawesome-free" \
"./node_modules/admin-lte/plugins/bootstrap" \
"./node_modules/admin-lte/plugins/icheck-bootstrap" \
"./node_modules/admin-lte/plugins/toastr" \
"./node_modules/admin-lte/plugins/jquery-validation" \
"./node_modules/admin-lte/plugins/select2" \
"./node_modules/jquery-tags-input" \
"./assets/plugins/"
'';
meta = {
description = "Web user interface to manage your WireGuard setup";
changelog = "https://github.com/ngoduykhanh/wireguard-ui/releases/tag/v${version}";
homepage = "https://github.com/ngoduykhanh/wireguard-ui";
license = lib.licenses.mit;
platforms = lib.platforms.unix;
maintainers = with lib.maintainers; [ bot-wxt1221 ];
mainProgram = "wireguard-ui";
};
}

5
pkgs/by-name/ws/wstunnel/package.nix
View File

@ -2,9 +2,11 @@
lib,
fetchFromGitHub,
rustPlatform,
stdenv,
nixosTests,
nix-update-script,
versionCheckHook,
darwin,
}:
let
@ -25,6 +27,9 @@ rustPlatform.buildRustPackage {
cargoHash = "sha256-3b+pX/qQuhOY1OYr+CfT5wtiJcEJ8CJJsQZ4QOcYv74=";
nativeBuildInputs = [ versionCheckHook ];
buildInputs = lib.optionals stdenv.hostPlatform.isDarwin [
darwin.apple_sdk.frameworks.CoreServices
];
doInstallCheck = true;

6
pkgs/by-name/xt/xtf/package.nix
View File

@ -10,7 +10,7 @@
stdenv.mkDerivation {
pname = "xtf";
version = "0-unstable-2024-08-30";
version = "0-unstable-2024-09-13";
outputs = [
"out" # xtf-runner and test suite.
@ -20,8 +20,8 @@ stdenv.mkDerivation {
src = fetchgit {
url = "https://xenbits.xenproject.org/git-http/xtf.git";
rev = "f503efe8e5cf8858ec0704f1aaa82d0bf50891a5";
hash = "sha256-ccI9FcrK7T4Zrv3przZ7qZhJ/ZsPPi+1KOIVCdFKKdc=";
rev = "c9a5e404e70c21c7621db4b8cabdf68261db7e1c";
hash = "sha256-FMFbAdgH5KCpocAzUXb7nM3wpn4xs/gk/0M8AUVxXv0=";
};
nativeBuildInputs =

4
pkgs/by-name/yu/yubico-piv-tool/package.nix
View File

@ -18,7 +18,7 @@
stdenv.mkDerivation (finalAttrs: {
pname = "yubico-piv-tool";
version = "2.6.0";
version = "2.6.1";
outputs = [
"out"
@ -30,7 +30,7 @@ stdenv.mkDerivation (finalAttrs: {
owner = "Yubico";
repo = "yubico-piv-tool";
rev = "refs/tags/yubico-piv-tool-${finalAttrs.version}";
hash = "sha256-53cgwXMzVKnouwHhbt6pODhjF2MH0sK5CPWpbZe71jE=";
hash = "sha256-RYT/kBlUfVkJG8RNELVQ5gyC+HDteD5xqaI479nsvKw=";
};
postPatch = ''

4
pkgs/data/themes/adw-gtk3/default.nix
View File

@ -9,13 +9,13 @@
stdenvNoCC.mkDerivation rec {
pname = "adw-gtk3";
version = "5.3";
version = "5.4";
src = fetchFromGitHub {
owner = "lassekongo83";
repo = pname;
rev = "v${version}";
sha256 = "sha256-DpJLX9PJX1Q8dDOx7YOXQzgNECsKp5uGiCVTX6iSlbI=";
sha256 = "sha256-FwODgA3BK5O1WoNNbn27H18Epuqwcsnoc3hZUB59+Wg=";
};
nativeBuildInputs = [

6
pkgs/development/compilers/cairo/default.nix
View File

@ -7,16 +7,16 @@
rustPlatform.buildRustPackage rec {
pname = "cairo";
version = "2.8.0";
version = "2.8.2";
src = fetchFromGitHub {
owner = "starkware-libs";
repo = "cairo";
rev = "v${version}";
hash = "sha256-zQ+kc4c8YI9vURUEQNqX55mTJBcc2NLp4K8kab3ZjEs=";
hash = "sha256-vBdIGkdQa/csqsu4DbgIYitVbDLDUAFmIUytZ7IcxNk=";
};
cargoHash = "sha256-3ah6cHyCppkLJ2e73aGhVemyMRBl9R5a6ufWHmrJHSk=";
cargoHash = "sha256-w3kzEM34HYQ6KgILaDpmZbCgAh8Ql24DRe12woUAhVI=";
# openssl crate requires perl during build process
nativeBuildInputs = [

12
pkgs/development/compilers/dart/sources.nix
View File

@ -1,24 +1,24 @@
let version = "3.5.2"; in
let version = "3.5.3"; in
{ fetchurl }: {
versionUsed = version;
"${version}-x86_64-darwin" = fetchurl {
url = "https://storage.googleapis.com/dart-archive/channels/stable/release/${version}/sdk/dartsdk-macos-x64-release.zip";
sha256 = "0k1h7kbcagm7s0n8696lzws814rabz3491khd7z78mb3ivahxw35";
sha256 = "1z6hl6pqsg2l7pfchzr5dk90b2dchidhwnnnc4q5dzz0xjikqrvx";
};
"${version}-aarch64-darwin" = fetchurl {
url = "https://storage.googleapis.com/dart-archive/channels/stable/release/${version}/sdk/dartsdk-macos-arm64-release.zip";
sha256 = "036jw4qq3wicyfpamy7v6qsbrj0m7dyny45yzdgil4snvfagvfsv";
sha256 = "12rzl1nm1y0q5ff9p8gslki4cz37y3bdn8p2s3x2nc81bdda4gn7";
};
"${version}-aarch64-linux" = fetchurl {
url = "https://storage.googleapis.com/dart-archive/channels/stable/release/${version}/sdk/dartsdk-linux-arm64-release.zip";
sha256 = "1wm1157hbsms872pp1fkn0i3khz3h4r909bdvpk2rhag2l928f0a";
sha256 = "1rp54g8di8j715n955wdr6i0pcrx2dn73qmvmrisyahi0qjrk0py";
};
"${version}-x86_64-linux" = fetchurl {
url = "https://storage.googleapis.com/dart-archive/channels/stable/release/${version}/sdk/dartsdk-linux-x64-release.zip";
sha256 = "160dk1dpdzdh0pphmvdw7agavpyxniw8zf5w30yamkdi7r9g0l0b";
sha256 = "001mpb3fniamlmnqmhxdpbvp8crdvnf6sam13vvfmnr6na1fpxil";
};
"${version}-i686-linux" = fetchurl {
url = "https://storage.googleapis.com/dart-archive/channels/stable/release/${version}/sdk/dartsdk-linux-ia32-release.zip";
sha256 = "0nrgjdzc2skqc2b52pzw78056jqrqmiwzwwd9wh699dwwfnrjcf4";
sha256 = "0z9qjx2b2rmiqyqww0a5slj0pi1k8sn4fjihkn53im65rhhqra2y";
};
}

10
pkgs/development/compilers/jetbrains-jdk/default.nix
View File

@ -38,26 +38,26 @@ let
in
jdk.overrideAttrs (oldAttrs: rec {
pname = "jetbrains-jdk" + lib.optionalString withJcef "-jcef";
javaVersion = "21.0.3";
build = "509.11";
javaVersion = "21.0.4";
build = "598.4";
# To get the new tag:
# git clone https://github.com/jetbrains/jetbrainsruntime
# cd jetbrainsruntime
# git checkout jbr-release-${javaVersion}b${build}
# git log --simplify-by-decoration --decorate=short --pretty=short | grep "jbr-" --color=never | cut -d "(" -f2 | cut -d ")" -f1 | awk '{print $2}' | sort -t "-" -k 2 -g | tail -n 1 | tr -d ","
openjdkTag = "jbr-21.0.2+13";
openjdkTag = "jbr-21.0.4+8";
version = "${javaVersion}-b${build}";
src = fetchFromGitHub {
owner = "JetBrains";
repo = "JetBrainsRuntime";
rev = "jb${version}";
hash = "sha256-zTstmrH4KteR40BVDRfxOrl8aUQ26acE+ywscBd8sw8=";
hash = "sha256-YF5Z1A4qmD9Z4TE6f2i8wv9ZD+NqHGY5Q0oIVQiC3Bg=";
};
BOOT_JDK = jdk.home;
# run `git log -1 --pretty=%ct` in jdk repo for new value on update
SOURCE_DATE_EPOCH = 1723453663;
SOURCE_DATE_EPOCH = 1726275531;
patches = [ ];

9
pkgs/development/compilers/llvm/common/bolt/default.nix
View File

@ -12,6 +12,7 @@
python3,
buildLlvmTools,
patches ? [ ],
devExtraCmakeFlags ? [ ],
}:
stdenv.mkDerivation (finalAttrs: {
@ -43,9 +44,11 @@ stdenv.mkDerivation (finalAttrs: {
libxml2
];
cmakeFlags = lib.optionals (!stdenv.buildPlatform.canExecute stdenv.hostPlatform) [
(lib.cmakeFeature "LLVM_TABLEGEN_EXE" "${buildLlvmTools.llvm}/bin/llvm-tblgen")
];
cmakeFlags =
lib.optionals (!stdenv.buildPlatform.canExecute stdenv.hostPlatform) [
(lib.cmakeFeature "LLVM_TABLEGEN_EXE" "${buildLlvmTools.llvm}/bin/llvm-tblgen")
]
++ devExtraCmakeFlags;
postUnpack = ''
chmod -R u+w -- $sourceRoot/..

5
pkgs/development/compilers/llvm/common/clang/default.nix
View File

@ -17,6 +17,7 @@
, fixDarwinDylibNames
, enableManpages ? false
, clang-tools-extra_src ? null
, devExtraCmakeFlags ? []
}:
let
@ -69,7 +70,9 @@ let
# `clang-pseudo-gen`: https://github.com/llvm/llvm-project/commit/cd2292ef824591cc34cc299910a3098545c840c7
"-DCLANG_TIDY_CONFUSABLE_CHARS_GEN=${buildLlvmTools.libclang.dev}/bin/clang-tidy-confusable-chars-gen"
"-DCLANG_PSEUDO_GEN=${buildLlvmTools.libclang.dev}/bin/clang-pseudo-gen"
]) ++ lib.optional (stdenv.targetPlatform.useLLVM or false) "-DCLANG_DEFAULT_CXX_STDLIB=ON";
]) ++ lib.optionals (stdenv.targetPlatform.useLLVM or false) [
"-DCLANG_DEFAULT_CXX_STDLIB=ON"
] ++ devExtraCmakeFlags;
postPatch = ''
# Make sure clang passes the correct location of libLTO to ld64

5
pkgs/development/compilers/llvm/common/compiler-rt/default.nix
View File

@ -28,6 +28,7 @@
# `libcompiler_rt` library, at least under certain configurations. Some
# platforms stil expect this, however, so we symlink one into place.
, forceLinkCompilerRt ? stdenv.hostPlatform.isOpenBSD
, devExtraCmakeFlags ? []
}:
let
@ -134,9 +135,9 @@ stdenv.mkDerivation ({
"-DCOMPILER_RT_ENABLE_IOS=OFF"
]) ++ lib.optionals (lib.versionAtLeast version "19" && stdenv.isDarwin && lib.versionOlder stdenv.hostPlatform.darwinMinVersion "10.13") [
"-DSANITIZER_MIN_OSX_VERSION=10.10"
] ++ lib.optionals (noSanitizers && lib.versionAtLeast release_version "19") [
] ++ lib.optionals (noSanitizers && lib.versionAtLeast release_version "19") [
"-DCOMPILER_RT_BUILD_CTX_PROFILE=OFF"
];
] ++ devExtraCmakeFlags;
outputs = [ "out" "dev" ];

3
pkgs/development/compilers/llvm/common/default.nix
View File

@ -27,6 +27,9 @@
officialRelease ? null,
monorepoSrc ? null,
version ? null,
# Allows passthrough to packages via newScope. This makes it possible to
# do `(llvmPackages.override { <someLlvmDependency> = bar; }).clang` and get
# an llvmPackages whose packages are overridden in an internally consistent way.
...
}@args:

4
pkgs/development/compilers/llvm/common/libcxx/default.nix
View File

@ -16,6 +16,7 @@
, cxxabi ? if stdenv.hostPlatform.isFreeBSD then freebsd.libcxxrt else null
, libunwind
, enableShared ? !stdenv.hostPlatform.isStatic
, devExtraCmakeFlags ? []
}:
# external cxxabi is not supported on Darwin as the build will not link libcxx
@ -103,7 +104,8 @@ let
"-DCMAKE_CXX_COMPILER_WORKS=ON"
"-DUNIX=ON" # Required otherwise libc++ fails to detect the correct linker
] ++ cxxCMakeFlags
++ lib.optionals (cxxabi == null) cxxabiCMakeFlags;
++ lib.optionals (cxxabi == null) cxxabiCMakeFlags
++ devExtraCmakeFlags;
in

4
pkgs/development/compilers/llvm/common/libunwind/default.nix
View File

@ -12,6 +12,7 @@
, python3
, libcxx
, enableShared ? !stdenv.hostPlatform.isStatic
, devExtraCmakeFlags ? []
}:
let
pname = "libunwind";
@ -68,7 +69,8 @@ stdenv.mkDerivation (rec {
];
cmakeFlags = lib.optional (lib.versionAtLeast release_version "15") "-DLLVM_ENABLE_RUNTIMES=libunwind"
++ lib.optional (!enableShared) "-DLIBUNWIND_ENABLE_SHARED=OFF";
++ lib.optional (!enableShared) "-DLIBUNWIND_ENABLE_SHARED=OFF"
++ devExtraCmakeFlags;
meta = llvm_meta // {
# Details: https://github.com/llvm/llvm-project/blob/main/libunwind/docs/index.rst

3
pkgs/development/compilers/llvm/common/lld/default.nix
View File

@ -13,6 +13,7 @@
, libxml2
, libllvm
, version
, devExtraCmakeFlags ? []
}:
let
pname = "lld";
@ -55,7 +56,7 @@ stdenv.mkDerivation (rec {
"-DLLD_INSTALL_PACKAGE_DIR=${placeholder "dev"}/lib/cmake/lld"
] ++ lib.optionals (stdenv.hostPlatform != stdenv.buildPlatform) [
"-DLLVM_TABLEGEN_EXE=${buildLlvmTools.llvm}/bin/llvm-tblgen"
];
] ++ devExtraCmakeFlags;
# Musl's default stack size is too small for lld to be able to link Firefox.
LDFLAGS = lib.optionalString stdenv.hostPlatform.isMusl "-Wl,-z,stack-size=2097152";

3
pkgs/development/compilers/llvm/common/lldb.nix
View File

@ -23,6 +23,7 @@
, monorepoSrc ? null
, patches ? [ ]
, enableManpages ? false
, devExtraCmakeFlags ? [ ]
, ...
}:
@ -142,7 +143,7 @@ stdenv.mkDerivation (rec {
]) ++ lib.optionals doCheck [
"-DLLDB_TEST_C_COMPILER=${stdenv.cc}/bin/${stdenv.cc.targetPrefix}cc"
"-DLLDB_TEST_CXX_COMPILER=${stdenv.cc}/bin/${stdenv.cc.targetPrefix}c++"
];
] ++ devExtraCmakeFlags;
doCheck = false;
doInstallCheck = lib.versionOlder release_version "15";

3
pkgs/development/compilers/llvm/common/llvm/default.nix
View File

@ -40,6 +40,7 @@
&& !stdenv.hostPlatform.isAarch
, enablePolly ? lib.versionAtLeast release_version "14"
, enableTerminfo ? true
, devExtraCmakeFlags ? []
}:
let
@ -399,7 +400,7 @@ stdenv.mkDerivation (rec {
nativeInstallFlags
])
)
];
] ++ devExtraCmakeFlags;
postInstall = ''
mkdir -p $python/share

3
pkgs/development/compilers/llvm/common/mlir/default.nix
View File

@ -10,6 +10,7 @@
, libllvm
, version
, doCheck ? (!stdenv.isx86_32 /* TODO: why */) && (!stdenv.hostPlatform.isMusl)
, devExtraCmakeFlags ? []
}:
stdenv.mkDerivation rec {
@ -63,7 +64,7 @@ stdenv.mkDerivation rec {
] ++ lib.optionals ((stdenv.hostPlatform != stdenv.buildPlatform) && !(stdenv.buildPlatform.canExecute stdenv.hostPlatform)) [
"-DLLVM_TABLEGEN_EXE=${buildLlvmTools.llvm}/bin/llvm-tblgen"
"-DMLIR_TABLEGEN_EXE=${buildLlvmTools.mlir}/bin/mlir-tblgen"
];
] ++ devExtraCmakeFlags;
outputs = [ "out" "dev" ];

3
pkgs/development/compilers/llvm/common/openmp/default.nix
View File

@ -15,6 +15,7 @@
, perl
, pkg-config
, version
, devExtraCmakeFlags ? []
}:
let
pname = "openmp";
@ -60,7 +61,7 @@ stdenv.mkDerivation (rec {
"-DCLANG_TOOL=${clang-unwrapped}/bin/clang"
"-DOPT_TOOL=${llvm}/bin/opt"
"-DLINK_TOOL=${llvm}/bin/llvm-link"
];
] ++ devExtraCmakeFlags;
meta = llvm_meta // {
homepage = "https://openmp.llvm.org/";

49
pkgs/development/compilers/llvm/default.nix
View File

@ -14,7 +14,12 @@
bootBintoolsNoLibc ? if stdenv.targetPlatform.linker == "lld" then null else pkgs.bintoolsNoLibc,
bootBintools ? if stdenv.targetPlatform.linker == "lld" then null else pkgs.bintools,
llvmVersions ? { },
}:
# Allows passthrough to packages via newScope in ./common/default.nix.
# This makes it possible to do
# `(llvmPackages.override { <someLlvmDependency> = bar; }).clang` and get
# an llvmPackages whose packages are overridden in an internally consistent way.
...
}@packageSetArgs:
let
versions = {
"13.0.1".officialRelease.sha256 = "06dv6h5dmvzdxbif2s8njki6h32796v368dyb5945x8gjj72xh7k";
@ -53,25 +58,29 @@ let
in
lib.nameValuePair attrName (
recurseIntoAttrs (
callPackage ./common {
inherit (stdenvAdapters) overrideCC;
buildLlvmTools = buildPackages."llvmPackages_${attrName}".tools;
targetLlvmLibraries =
targetPackages."llvmPackages_${attrName}".libraries or llvmPackages."${attrName}".libraries;
targetLlvm = targetPackages."llvmPackages_${attrName}".llvm or llvmPackages."${attrName}".llvm;
stdenv =
if (lib.versions.major release_version == "13" && stdenv.cc.cc.isGNU or false) then
gcc12Stdenv
else
stdenv; # does not build with gcc13
inherit bootBintoolsNoLibc bootBintools;
inherit
officialRelease
gitRelease
monorepoSrc
version
;
}
callPackage ./common (
{
inherit (stdenvAdapters) overrideCC;
buildLlvmTools = buildPackages."llvmPackages_${attrName}".tools;
targetLlvmLibraries =
targetPackages."llvmPackages_${attrName}".libraries or llvmPackages."${attrName}".libraries;
targetLlvm = targetPackages."llvmPackages_${attrName}".llvm or llvmPackages."${attrName}".llvm;
inherit
officialRelease
gitRelease
monorepoSrc
version
;
}
// packageSetArgs # Allow overrides.
// {
stdenv =
if (lib.versions.major release_version == "13" && stdenv.cc.cc.isGNU or false) then
gcc12Stdenv
else
stdenv; # does not build with gcc13
}
)
)
);

4
pkgs/development/libraries/mongoc/default.nix
View File

@ -14,13 +14,13 @@
stdenv.mkDerivation rec {
pname = "mongoc";
version = "1.27.6";
version = "1.28.0";
src = fetchFromGitHub {
owner = "mongodb";
repo = "mongo-c-driver";
rev = "refs/tags/${version}";
hash = "sha256-771DZ+8cr0iHHcs4TZVEkTP6qWK1bMzOxlG4OS14t28=";
hash = "sha256-cfet+A2i33iHbVRouPS4Ul8TmHolrcIMTRba6Olqfeg=";
};
nativeBuildInputs = [

4
pkgs/development/python-modules/ansible-compat/default.nix
View File

@ -16,7 +16,7 @@
buildPythonPackage rec {
pname = "ansible-compat";
version = "24.9.0";
version = "24.9.1";
pyproject = true;
disabled = pythonOlder "3.10";
@ -24,7 +24,7 @@ buildPythonPackage rec {
src = fetchPypi {
pname = "ansible_compat";
inherit version;
hash = "sha256-xaQqVt0hJiXPyx0x5RpuD1JZNpG94f5KeIgeixt4prg=";
hash = "sha256-n/ICReG9nemyOjZ5AlJKsOEfvPt0GDGZbaXaW2Crld8=";
};
nativeBuildInputs = [

35
pkgs/development/python-modules/blessings/default.nix
View File

@ -1,35 +0,0 @@
{
lib,
buildPythonPackage,
fetchPypi,
six,
nose,
}:
buildPythonPackage rec {
pname = "blessings";
version = "1.7";
format = "setuptools";
src = fetchPypi {
inherit pname version;
sha256 = "98e5854d805f50a5b58ac2333411b0482516a8210f23f43308baeb58d77c157d";
};
# 4 failing tests, 2to3
doCheck = false;
propagatedBuildInputs = [ six ];
nativeCheckInputs = [ nose ];
checkPhase = ''
nosetests
'';
meta = with lib; {
homepage = "https://github.com/erikrose/blessings";
description = "Thin, practical wrapper around terminal coloring, styling, and positioning";
license = licenses.mit;
maintainers = with maintainers; [ domenkozar ];
};
}

21
pkgs/development/python-modules/boto/0005-Don-t-mock-list-subclass.patch
View File

@ -1,21 +0,0 @@
From: Jochen Sprickerhof <jspricke@debian.org>
Date: Thu, 15 Dec 2022 07:44:54 +0100
Subject: Don't mock list subclass
---
tests/unit/ec2/test_volume.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tests/unit/ec2/test_volume.py b/tests/unit/ec2/test_volume.py
index 81d7f55..d4d8e4f 100644
--- a/tests/unit/ec2/test_volume.py
+++ b/tests/unit/ec2/test_volume.py
@@ -55,7 +55,7 @@ class VolumeTests(unittest.TestCase):
@mock.patch("boto.resultset.ResultSet")
def test_startElement_with_name_tagSet_calls_ResultSet(self, ResultSet, startElement):
startElement.return_value = None
- result_set = mock.Mock(ResultSet([("item", Tag)]))
+ result_set = ResultSet([("item", Tag)])
volume = Volume()
volume.tags = result_set
retval = volume.startElement("tagSet", None, None)

53
pkgs/development/python-modules/boto/bug-953970_python3.8-compat.patch
View File

@ -1,53 +0,0 @@
Index: python-boto/tests/unit/utils/test_utils.py
===================================================================
--- python-boto.orig/tests/unit/utils/test_utils.py
+++ python-boto/tests/unit/utils/test_utils.py
@@ -85,7 +85,7 @@ class TestPassword(unittest.TestCase):
def hmac_hashfunc(cls, msg):
if not isinstance(msg, bytes):
msg = msg.encode('utf-8')
- return hmac.new(b'mysecretkey', msg)
+ return hmac.new(b'mysecretkey', msg, digestmod='sha256')
class HMACPassword(Password):
hashfunc = hmac_hashfunc
@@ -95,15 +95,15 @@ class TestPassword(unittest.TestCase):
password.set('foo')
self.assertEquals(str(password),
- hmac.new(b'mysecretkey', b'foo').hexdigest())
+ hmac.new(b'mysecretkey', b'foo', digestmod='sha256').hexdigest())
def test_constructor(self):
- hmac_hashfunc = lambda msg: hmac.new(b'mysecretkey', msg)
+ hmac_hashfunc = lambda msg: hmac.new(b'mysecretkey', msg, digestmod='sha256')
password = Password(hashfunc=hmac_hashfunc)
password.set('foo')
self.assertEquals(password.str,
- hmac.new(b'mysecretkey', b'foo').hexdigest())
+ hmac.new(b'mysecretkey', b'foo', digestmod='sha256').hexdigest())
class TestPythonizeName(unittest.TestCase):
Index: python-boto/boto/ecs/item.py
===================================================================
--- python-boto.orig/boto/ecs/item.py
+++ python-boto/boto/ecs/item.py
@@ -22,6 +22,7 @@
import xml.sax
import cgi
+from html import escape
from boto.compat import six, StringIO
class ResponseGroup(xml.sax.ContentHandler):
@@ -67,7 +68,7 @@ class ResponseGroup(xml.sax.ContentHandl
return None
def endElement(self, name, value, connection):
- self._xml.write("%s</%s>" % (cgi.escape(value).replace("&amp;amp;", "&amp;"), name))
+ self._xml.write("%s</%s>" % (escape(value).replace("&amp;amp;", "&amp;"), name))
if len(self._nodepath) == 0:
return
obj = None

66
pkgs/development/python-modules/boto/default.nix
View File

@ -1,66 +0,0 @@
{
lib,
buildPythonPackage,
fetchPypi,
python,
nose,
mock,
requests,
httpretty,
}:
buildPythonPackage rec {
pname = "boto";
version = "2.49.0";
format = "setuptools";
src = fetchPypi {
inherit pname version;
sha256 = "ea0d3b40a2d852767be77ca343b58a9e3a4b00d9db440efb8da74b4e58025e5a";
};
patches = [
# fixes hmac tests
# https://sources.debian.org/src/python-boto/2.49.0-4/debian/patches/bug-953970_python3.8-compat.patch/
./bug-953970_python3.8-compat.patch
# fixes test_startElement_with_name_tagSet_calls_ResultSet
# https://sources.debian.org/src/python-boto/2.49.0-4.1/debian/patches/0005-Don-t-mock-list-subclass.patch/
./0005-Don-t-mock-list-subclass.patch
];
# boto is deprecated by upstream as of 2021-05-27 (https://github.com/boto/boto/commit/4980ac58764c3d401cb0b9552101f9c61c18f445)
# this patch is a bit simpler than https://github.com/boto/boto/pull/3898
# as we don't have to take care of pythonOlder "3.3".
postPatch = ''
substituteInPlace boto/dynamodb/types.py --replace 'from collections import Mapping' 'from collections.abc import Mapping'
substituteInPlace boto/mws/connection.py --replace 'import collections' 'import collections.abc as collections'
'';
checkPhase = ''
${python.interpreter} tests/test.py default
'';
nativeCheckInputs = [
nose
mock
];
propagatedBuildInputs = [
requests
httpretty
];
meta = with lib; {
homepage = "https://github.com/boto/boto";
license = licenses.mit;
description = "Python interface to Amazon Web Services";
longDescription = ''
The boto module is an integrated interface to current and
future infrastructural services offered by Amazon Web
Services. This includes S3, SQS, EC2, among others.
'';
maintainers = [ ];
# Unmaintained since 2020, archived in the beginning of May 2024 and broken
# https://github.com/boto/boto/issues/3951
broken = true;
};
}

11
pkgs/development/python-modules/cirq-rigetti/default.nix
View File

@ -1,6 +1,7 @@
{
buildPythonPackage,
cirq-core,
fetchpatch2,
lib,
pytestCheckHook,
attrs,
@ -31,6 +32,16 @@ buildPythonPackage rec {
disabled = pythonOlder "3.7";
patches = [
# https://github.com/quantumlib/Cirq/pull/6734
(fetchpatch2 {
name = "fix-rigetti-check-for-aspen-family-device-kind.patch";
url = "https://github.com/quantumlib/Cirq/commit/dd395fb71fb7f92cfd34f008bf2a98fc70b57fae.patch";
stripLen = 1;
hash = "sha256-EWB2CfMS2+M3zNFX5PwFNtEBdgJkNVUVNd+I/E6n9kI=";
})
];
sourceRoot = "${src.name}/${pname}";
pythonRelaxDeps = [

4
pkgs/development/python-modules/clarifai-grpc/default.nix
View File

@ -12,7 +12,7 @@
buildPythonPackage rec {
pname = "clarifai-grpc";
version = "10.8.4";
version = "10.8.6";
pyproject = true;
disabled = pythonOlder "3.8";
@ -21,7 +21,7 @@ buildPythonPackage rec {
owner = "Clarifai";
repo = "clarifai-python-grpc";
rev = "refs/tags/${version}";
hash = "sha256-5HDPEFn43JQyNTp9nJapBpoigoFtgyPZ5HXulMsjc8s=";
hash = "sha256-lCFjZcPp4ih2fKaRXQxyxBkgRRPSaTOawiMqeXg25cg=";
};
build-system = [ setuptools ];

69
pkgs/development/python-modules/clustershell/default.nix
View File

@ -3,9 +3,11 @@
lib,
buildPythonPackage,
fetchPypi,
setuptools,
distutils,
pyyaml,
openssh,
nose,
unittestCheckHook,
bc,
hostname,
bash,
@ -14,6 +16,7 @@
buildPythonPackage rec {
pname = "clustershell";
version = "1.9.2";
pyproject = true;
src = fetchPypi {
pname = "ClusterShell";
@ -21,30 +24,29 @@ buildPythonPackage rec {
hash = "sha256-rsF/HG4GNBC+N49b+sDO2AyUI1G44wJNBUwQNPzShD0=";
};
build-system = [
setuptools
distutils
];
postPatch = ''
substituteInPlace lib/ClusterShell/Worker/Ssh.py \
--replace '"ssh"' '"${openssh}/bin/ssh"' \
--replace '"scp"' '"${openssh}/bin/scp"'
--replace-fail '"ssh"' '"${openssh}/bin/ssh"' \
--replace-fail '"scp"' '"${openssh}/bin/scp"'
substituteInPlace lib/ClusterShell/Worker/fastsubprocess.py \
--replace '"/bin/sh"' '"${bash}/bin/sh"'
--replace-fail '"/bin/sh"' '"${bash}/bin/sh"'
for f in tests/*; do
substituteInPlace $f \
--replace '/bin/hostname' '${hostname}/bin/hostname' \
--replace '/bin/sleep' 'sleep' \
--replace '/bin/echo' 'echo' \
--replace '/bin/uname' 'uname' \
--replace '/bin/false' 'false' \
--replace '/bin/true' 'true' \
--replace '/usr/bin/printf' 'printf'
--replace-quiet '/bin/hostname' '${hostname}/bin/hostname' \
--replace-quiet '/bin/sleep' 'sleep' \
--replace-quiet '/bin/echo' 'echo' \
--replace-quiet '/bin/uname' 'uname' \
--replace-quiet '/bin/false' 'false' \
--replace-quiet '/bin/true' 'true' \
--replace-quiet '/usr/bin/printf' 'printf'
done
# Fix warnings
substituteInPlace lib/ClusterShell/Task.py \
--replace "notifyAll" "notify_all"
substituteInPlace tests/TaskPortTest.py lib/ClusterShell/Task.py \
--replace "currentThread" "current_thread"
'';
propagatedBuildInputs = [ pyyaml ];
@ -52,18 +54,22 @@ buildPythonPackage rec {
nativeCheckInputs = [
bc
hostname
nose
unittestCheckHook
];
pythonImportsCheck = [ "ClusterShell" ];
doCheck = false; # tests often get stuck
unittestFlagsArray = [
"tests"
"-p"
"'*Test.py'"
];
# Many tests want to open network connections
# https://github.com/cea-hpc/clustershell#test-suite
#
# Several tests fail on Darwin
checkPhase = ''
preCheck = ''
rm tests/CLIClushTest.py
rm tests/TreeWorkerTest.py
rm tests/TaskDistantMixin.py
@ -72,29 +78,6 @@ buildPythonPackage rec {
rm tests/TaskDistantPdshTest.py
rm tests/TaskRLimitsTest.py
rm tests/TreeGatewayTest.py
nosetests -v \
-e test_fromall_grouplist \
-e test_rank_placeholder \
-e test_engine_on_the_fly_launch \
-e test_ev_pickup_fanout \
-e test_ev_pickup_fanout_legacy \
-e test_timeout \
-e test_008_broken_pipe_on_write \
-e testLocalBufferRCGathering \
-e testLocalBuffers \
-e testLocalErrorBuffers \
-e testLocalFanout \
-e testLocalRetcodes \
-e testLocalRCBufferGathering \
-e testLocalSingleLineBuffers \
-e testLocalWorkerFanout \
-e testSimpleMultipleCommands \
-e testClushConfigSetRlimit \
-e testTimerInvalidateInHandler \
-e testTimerSetNextFireInHandler \
-e test_node_placeholder \
tests/*.py
'';
meta = with lib; {

4
pkgs/development/python-modules/datadog/default.nix
View File

@ -16,14 +16,14 @@
buildPythonPackage rec {
pname = "datadog";
version = "0.50.0";
version = "0.50.1";
pyproject = true;
disabled = pythonOlder "3.7";
src = fetchPypi {
inherit pname version;
hash = "sha256-OljoX42kfEpHiTtCx1lXC6AoDNISQT2bckbLj8uG9YY=";
hash = "sha256-V51NtUvW75GMUlAhftsVuAt7EVgrjiT85DcCdow/Li0=";
};
nativeBuildInputs = [ hatchling ];

2
pkgs/development/python-modules/flask-admin/default.nix
View File

@ -1,7 +1,6 @@
{
lib,
azure-storage-blob,
boto,
buildPythonPackage,
fetchpatch,
fetchFromGitHub,
@ -53,7 +52,6 @@ buildPythonPackage rec {
];
optional-dependencies = {
aws = [ boto ];
azure = [ azure-storage-blob ];
};

Some files were not shown because too many files have changed in this diff Show More