Merge staging-next into staging

This commit is contained in:
github-actions[bot] 2022-07-23 12:02:12 +00:00 committed by GitHub
commit b38a1818bc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
14 changed files with 197 additions and 32 deletions

View File

@ -4366,6 +4366,12 @@
githubId = 405105;
name = "Dustin Frisch";
};
foo-dogsquared = {
email = "foo.dogsquared@gmail.com";
github = "foo-dogsquared";
githubId = 34962634;
name = "Gabriel Arazas";
};
forkk = {
email = "forkk@forkk.net";
github = "Forkk";

View File

@ -243,6 +243,7 @@ in {
done
'' + (if cfg.accessUser != "" then reloadScript else "");
serviceConfig = {
Type = "oneshot";
User = jenkinsCfg.user;
RuntimeDirectory = "jenkins-job-builder";
};

View File

@ -81,7 +81,7 @@ import ./make-test-python.nix ({ pkgs, ...} : {
in ''
start_all()
master.wait_for_unit("jenkins")
master.wait_for_unit("default.target")
assert "Authentication required" in master.succeed("curl http://localhost:8080")
@ -96,8 +96,6 @@ import ./make-test-python.nix ({ pkgs, ...} : {
with subtest("jobs are declarative"):
# Check that jobs are created on disk.
master.wait_for_unit("jenkins-job-builder")
master.wait_until_fails("systemctl is-active jenkins-job-builder")
master.wait_until_succeeds("test -f /var/lib/jenkins/jobs/job-1/config.xml")
master.wait_until_succeeds("test -f /var/lib/jenkins/jobs/folder-1/config.xml")
master.wait_until_succeeds("test -f /var/lib/jenkins/jobs/folder-1/jobs/job-2/config.xml")
@ -115,8 +113,6 @@ import ./make-test-python.nix ({ pkgs, ...} : {
)
# Check that jobs are removed from disk.
master.wait_for_unit("jenkins-job-builder")
master.wait_until_fails("systemctl is-active jenkins-job-builder")
master.wait_until_fails("test -f /var/lib/jenkins/jobs/job-1/config.xml")
master.wait_until_fails("test -f /var/lib/jenkins/jobs/folder-1/config.xml")
master.wait_until_fails("test -f /var/lib/jenkins/jobs/folder-1/jobs/job-2/config.xml")

View File

@ -0,0 +1,89 @@
{ stdenv
, lib
, fetchFromGitHub
, python3Packages
, wrapGAppsHook4
, gtk4
, meson
, ninja
, pkg-config
, appstream-glib
, desktop-file-utils
, glib
, gobject-introspection
, libnotify
, libadwaita
, libportal
, gettext
, librsvg
, tesseract5
, zbar
}:
python3Packages.buildPythonApplication rec {
pname = "gnome-frog";
version = "1.1.3";
src = fetchFromGitHub {
owner = "TenderOwl";
repo = "Frog";
rev = version;
sha256 = "sha256-yOjfiGJUU25zb/4WprPU59yDAMpttS3jREp1kB5mXUE=";
};
format = "other";
patches = [ ./update-compatible-with-non-flatpak-env.patch ];
postPatch = ''
chmod +x ./build-aux/meson/postinstall.py
patchShebangs ./build-aux/meson/postinstall.py
substituteInPlace ./build-aux/meson/postinstall.py \
--replace "gtk-update-icon-cache" "gtk4-update-icon-cache"
substituteInPlace ./frog/language_manager.py --subst-var out
'';
nativeBuildInputs = [
appstream-glib
desktop-file-utils
gettext
meson
ninja
pkg-config
glib
wrapGAppsHook4
];
buildInputs = [
librsvg
gobject-introspection
libnotify
libadwaita
libportal
zbar
tesseract5
];
propagatedBuildInputs = with python3Packages; [
pygobject3
pillow
pytesseract
pyzbar
];
# This is to prevent double-wrapping the package. We'll let
# Python do it by adding certain arguments inside of the
# wrapper instead.
dontWrapGApps = true;
preFixup = ''
makeWrapperArgs+=("''${gappsWrapperArgs[@]}")
'';
meta = with lib; {
homepage = "https://getfrog.app/";
description =
"Intuitive text extraction tool (OCR) for GNOME desktop";
license = licenses.mit;
maintainers = with maintainers; [ foo-dogsquared ];
platforms = platforms.linux;
};
}

View File

@ -0,0 +1,33 @@
diff --git a/frog/config.py b/frog/config.py
index 9837755..b73e4e3 100644
--- a/frog/config.py
+++ b/frog/config.py
@@ -30,10 +30,14 @@ import os
APP_ID = "com.github.tenderowl.frog"
RESOURCE_PREFIX = "/com/github/tenderowl/frog"
+# This is based from the XDG Base Directory specification.
+if not os.getenv('XDG_DATA_HOME'):
+ os.environ['XDG_DATA_HOME'] = os.path.expanduser("~/.local/share")
+
if not os.path.exists(os.path.join(os.environ['XDG_DATA_HOME'], 'tessdata')):
os.mkdir(os.path.join(os.environ['XDG_DATA_HOME'], 'tessdata'))
tessdata_url = "https://github.com/tesseract-ocr/tessdata/raw/main/"
tessdata_best_url = "https://github.com/tesseract-ocr/tessdata_best/raw/main/"
tessdata_dir = os.path.join(os.environ['XDG_DATA_HOME'], 'tessdata')
-tessdata_config = f'--tessdata-dir {tessdata_dir} psm 6'
+tessdata_config = f'-psm 6 --tessdata-dir {tessdata_dir}'
diff --git a/frog/language_manager.py b/frog/language_manager.py
index 5752be6..4f6a908 100644
--- a/frog/language_manager.py
+++ b/frog/language_manager.py
@@ -156,7 +156,7 @@ class LanguageManager(GObject.GObject):
os.mkdir(tessdata_dir)
dest_path = os.path.join(tessdata_dir, 'eng.traineddata')
- source_path = pathlib.Path('/app/share/appdata/eng.traineddata')
+ source_path = pathlib.Path('@out@/share/appdata/eng.traineddata')
if os.path.exists(dest_path):
return

View File

@ -1,5 +1,6 @@
{ stdenv, lib, rustPlatform, fetchgit
, pkg-config, wayland-scanner, libcap, minijail, wayland, wayland-protocols
, pkg-config, wayland-scanner
, libcap, libdrm, libepoxy, minijail, virglrenderer, wayland, wayland-protocols
, linux
}:
@ -30,7 +31,9 @@ in
nativeBuildInputs = [ pkg-config wayland-scanner ];
buildInputs = [ libcap minijail wayland wayland-protocols ];
buildInputs = [
libcap libdrm libepoxy minijail virglrenderer wayland wayland-protocols
];
postPatch = ''
cp ${./Cargo.lock} Cargo.lock
@ -42,6 +45,8 @@ in
export DEFAULT_SECCOMP_POLICY_DIR=$out/share/policy
'';
buildFeatures = [ "default" "virgl_renderer" "virgl_renderer_next" ];
postInstall = ''
mkdir -p $out/share/policy/
cp seccomp/${arch}/* $out/share/policy/

View File

@ -8,20 +8,16 @@ stdenv.mkDerivation rec {
sha256 = "sha256-kPjS+otVZ8aJmDDd7ywD88J5YLEayiIvoXqnrGE8KJA=";
};
# https://github.com/svaarala/duktape/issues/2464
LDFLAGS = [ "-lm" ];
nativeBuildInputs = [ validatePkgConfig ];
postPatch = ''
substituteInPlace Makefile.sharedlibrary \
--replace 'gcc' '${stdenv.cc.targetPrefix}cc' \
--replace 'g++' '${stdenv.cc.targetPrefix}c++'
substituteInPlace Makefile.cmdline \
--replace 'gcc' '${stdenv.cc.targetPrefix}cc' \
--replace 'g++' '${stdenv.cc.targetPrefix}c++'
'';
buildPhase = ''
make -f Makefile.sharedlibrary
make -f Makefile.cmdline
'';
installPhase = ''
install -d $out/bin
install -m755 duk $out/bin/
@ -30,6 +26,7 @@ stdenv.mkDerivation rec {
make -f Makefile.sharedlibrary install INSTALL_PREFIX=$out
substituteAll ${./duktape.pc.in} $out/lib/pkgconfig/duktape.pc
'';
enableParallelBuilding = true;
meta = with lib; {

View File

@ -14,13 +14,13 @@
buildDotnetModule rec {
pname = "osu-lazer";
version = "2022.719.0";
version = "2022.723.0";
src = fetchFromGitHub {
owner = "ppy";
repo = "osu";
rev = version;
sha256 = "sha256-SSKiXIj02VCTHDLgQMV0vZyKUoUv2c4KOfEJJ2NOLjY=";
sha256 = "sha256-j3NxT/WCOCSB62JUO8hYCRUoF+GL1QAdaUaynY7aGj8=";
};
projectFile = "osu.Desktop/osu.Desktop.csproj";

View File

@ -142,14 +142,14 @@
(fetchNuGet { pname = "NuGet.Protocol"; version = "5.11.0"; sha256 = "041pva6ykc5h6az7bb87mkg32c95cvxlixgspnd34zbdldr4ypdb"; })
(fetchNuGet { pname = "NuGet.Versioning"; version = "5.11.0"; sha256 = "041351n1rbyqpfxqyxbvjgfrcbbawymbq96givz5pvdbabvyf5vq"; })
(fetchNuGet { pname = "NUnit"; version = "3.13.3"; sha256 = "0wdzfkygqnr73s6lpxg5b1pwaqz9f414fxpvpdmf72bvh4jaqzv6"; })
(fetchNuGet { pname = "OpenTabletDriver"; version = "0.6.0.2"; sha256 = "0blwfs1cacxq0vs6fy7zjnsny8qdsr5jlxix3icmphyqgz0g4g39"; })
(fetchNuGet { pname = "OpenTabletDriver.Configurations"; version = "0.6.0.2"; sha256 = "18q6gjayqrwk6n1kf359z94z8zyb3yz4hr1dpgglk51sq6wi2z84"; })
(fetchNuGet { pname = "OpenTabletDriver.Native"; version = "0.6.0.2"; sha256 = "12hf4v8j8asc9wlywpykajb8yrzx10w6h11qbykckmrfxvz8pc0a"; })
(fetchNuGet { pname = "OpenTabletDriver.Plugin"; version = "0.6.0.2"; sha256 = "0z2n5jysw06zp2cxmfqddbg3g88jdm1irr2hv04q8valq0plaq5c"; })
(fetchNuGet { pname = "OpenTabletDriver"; version = "0.6.0.4"; sha256 = "1fk0029b1183pxd6qvzkmy8byx5dhjka3f8x20sd7drbzvqpn6am"; })
(fetchNuGet { pname = "OpenTabletDriver.Configurations"; version = "0.6.0.4"; sha256 = "0ahxg4mckzljav5y9g7c1795wgyx2banysg5l7ix3xrl4xmjfmp3"; })
(fetchNuGet { pname = "OpenTabletDriver.Native"; version = "0.6.0.4"; sha256 = "1zz9afqbaif6sl7gzayl0ww9jhysi4q06jicmx4g35yk82w07vzn"; })
(fetchNuGet { pname = "OpenTabletDriver.Plugin"; version = "0.6.0.4"; sha256 = "0lim2aqw42c1cc73fbbw0h41wcwaxa5d89srzalgg8dpi3bds1mp"; })
(fetchNuGet { pname = "ppy.LocalisationAnalyser"; version = "2022.607.0"; sha256 = "07rf10lpnly9d8wf7mwys3jsr4kh0rkf86rjck1hmb73b8524jq9"; })
(fetchNuGet { pname = "ppy.osu.Framework"; version = "2022.719.0"; sha256 = "1rm72pm1m1nrfla2m3943nm85aj2i32rx4ikggm97fm74018cjsx"; })
(fetchNuGet { pname = "ppy.osu.Framework"; version = "2022.722.0"; sha256 = "1ps8cfny35hyairw32bjz3cvkdhqch27yfzz83zbv6rdbk687zjq"; })
(fetchNuGet { pname = "ppy.osu.Framework.NativeLibs"; version = "2022.525.0"; sha256 = "1zsqj3xng06bb46vg79xx35n2dsh3crqg951r1ga2gxqzgzy4nk0"; })
(fetchNuGet { pname = "ppy.osu.Game.Resources"; version = "2022.716.0"; sha256 = "03g70lsxad0xrrii4d1qh8xb1q4983hn7raydwihvm15pqwv9741"; })
(fetchNuGet { pname = "ppy.osu.Game.Resources"; version = "2022.722.0"; sha256 = "0ilzm9cfvhzxwlv1irzcsbwnm3p5qjbc3hzh5ss992s0y5v6xray"; })
(fetchNuGet { pname = "ppy.osuTK.NS20"; version = "1.0.192"; sha256 = "0k6nlsxdl6qa5kbn66nbxh5x43hkgpnz8h3zjlbr5siqdjcrvcvg"; })
(fetchNuGet { pname = "ppy.SDL2-CS"; version = "1.0.563-alpha"; sha256 = "09bk81nibfwicjmy8bg4h14myp3x0a7yz4axwdfnk33pj5dsn953"; })
(fetchNuGet { pname = "Realm"; version = "10.14.0"; sha256 = "0pbnqp2z27lm6i8j8pbb2500gyyv8gb73kskv49ympvpa09mzcrv"; })

View File

@ -1,10 +1,10 @@
{ lib, stdenv, fetchurl, unzip, pkgs, dataPath ? "/var/lib/rainloop" }: let
{ lib, stdenv, fetchurl, unzip, writeText, dos2unix, dataPath ? "/var/lib/rainloop" }: let
common = { edition, sha256 }:
stdenv.mkDerivation (rec {
pname = "rainloop${lib.optionalString (edition != "") "-${edition}"}";
version = "1.16.0";
nativeBuildInputs = [ unzip ];
nativeBuildInputs = [ unzip dos2unix ];
unpackPhase = ''
mkdir rainloop
@ -16,7 +16,19 @@
sha256 = sha256;
};
includeScript = pkgs.writeText "include.php" ''
prePatch = ''
dos2unix ./rainloop/rainloop/v/1.16.0/app/libraries/MailSo/Base/HtmlUtils.php
'';
patches = [
./fix-cve-2022-29360.patch
];
postPatch = ''
unix2dos ./rainloop/rainloop/v/1.16.0/app/libraries/MailSo/Base/HtmlUtils.php
'';
includeScript = writeText "include.php" ''
<?php
/**

View File

@ -0,0 +1,23 @@
Fetched from https://blog.sonarsource.com/rainloop-emails-at-risk-due-to-code-flaw/
--- a/rainloop/rainloop/v/1.16.0/app/libraries/MailSo/Base/HtmlUtils.php
+++ b/rainloop/rainloop/v/1.16.0/app/libraries/MailSo/Base/HtmlUtils.php
@@ -239,7 +239,8 @@ class HtmlUtils
$oWrapHtml->setAttribute($sKey, $sValue);
}
- $oWrapDom = $oDom->createElement('div', '___xxx___');
+ $rand_str = base64_encode(random_bytes(32));
+ $oWrapDom = $oDom->createElement('div', $rand_str);
$oWrapDom->setAttribute('data-x-div-type', 'body');
foreach ($aBodylAttrs as $sKey => $sValue)
{
@@ -250,7 +251,7 @@ class HtmlUtils
$sWrp = $oDom->saveHTML($oWrapHtml);
- $sResult = \str_replace('___xxx___', $sResult, $sWrp);
+ $sResult = \str_replace($rand_str, $sResult, $sWrp);
}
$sResult = \str_replace(\MailSo\Base\HtmlUtils::$KOS, ':', $sResult);

View File

@ -2,13 +2,13 @@
buildGoModule rec {
pname = "godns";
version = "2.8.4";
version = "2.8.5";
src = fetchFromGitHub {
owner = "TimothyYe";
repo = "godns";
rev = "v${version}";
sha256 = "sha256-P3jmpyk53+N/7BhPfLmCiXOoGJv35eZcvrxGqejYin8=";
sha256 = "sha256-RqJ3AfnHKA6qJhio7SMvJlcKBec7/fDz5s2ucqOkQWE=";
};
vendorSha256 = "sha256-PGqknRGtN0XRGPnAsWzQrlJZG5BzQIhlSysGefkxysE=";

View File

@ -11,24 +11,24 @@ in
stdenv.mkDerivation rec {
pname = "minijail";
version = "17";
version = "18";
src = fetchFromGitiles {
url = "https://android.googlesource.com/platform/external/minijail";
rev = "linux-v${version}";
sha256 = "1j65h50wa39m6qvgnh1pf59fv9jdsdbc6a6c1na7y0rgljxhmdzv";
sha256 = "sha256-OpwzISZ5iZNQvJAX7UJJ4gELEaVfcQgY9cqMM0YvBzc=";
};
nativeBuildInputs =
lib.optional (stdenv.buildPlatform != stdenv.hostPlatform) qemu;
buildInputs = [ libcap ];
makeFlags = [ "LIBDIR=$(out)/lib" ];
makeFlags = [ "ECHO=echo" "LIBDIR=$(out)/lib" ];
dumpConstantsFlags = lib.optional (stdenv.hostPlatform.libc == "glibc")
"LDFLAGS=-L${glibc.static}/lib";
postPatch = ''
substituteInPlace common.mk --replace /bin/echo echo
substituteInPlace Makefile --replace /bin/echo echo
patchShebangs platform2_preinstall.sh
'';
@ -55,6 +55,7 @@ stdenv.mkDerivation rec {
meta = with lib; {
homepage = "https://android.googlesource.com/platform/external/minijail/";
description = "Sandboxing library and application using Linux namespaces and capabilities";
changelog = "https://android.googlesource.com/platform/external/minijail/+/refs/tags/linux-v${version}";
license = licenses.bsd3;
maintainers = with maintainers; [ pcarrier qyliss ];
platforms = platforms.linux;

View File

@ -6705,6 +6705,8 @@ with pkgs;
gnome-feeds = callPackage ../applications/networking/feedreaders/gnome-feeds {};
gnome-frog = callPackage ../applications/misc/gnome-frog { };
gnome-keysign = callPackage ../tools/security/gnome-keysign { };
gnome-secrets = callPackage ../applications/misc/gnome-secrets { };