Commit Graph

279457 Commits

Author SHA1 Message Date
Martin Weinelt
1b44e72fec
Merge pull request #117788 from risicle/ris-lxml-4.6.3
pythonPackages.lxml: 4.6.2 -> 4.6.3, addressing CVE-2021-28957
2021-03-27 23:31:02 +01:00
github-actions[bot]
bef3b9438a
Merge staging-next into staging 2021-03-27 18:14:11 +00:00
github-actions[bot]
95c24d591a
Merge master into staging-next 2021-03-27 18:14:08 +00:00
Sandro
9cc8c600c6
Merge pull request #115288 from symphorien/llvm-recurse 2021-03-27 18:54:56 +01:00
Fabian Affolter
1433dad051
Merge pull request #117797 from r-ryantm/auto-update/lazydocker
lazydocker: 0.10 -> 0.12
2021-03-27 18:36:04 +01:00
Fabian Affolter
f615c23325
bashate: init at 2.0.0 (#117469) 2021-03-27 17:40:29 +01:00
Fabian Affolter
1cee9c24aa
Merge pull request #116663 from r-ryantm/auto-update/wasabiwallet
wasabiwallet: 1.1.12.4 -> 1.1.12.5
2021-03-27 17:36:14 +01:00
Fabian Affolter
56976f31e3
Merge pull request #117431 from r-ryantm/auto-update/emplace
emplace: 1.4.0 -> 1.4.1
2021-03-27 17:28:09 +01:00
sternenseemann
ef6450411f ocamlPackages_4_{11,12}: merlin: 3.4.2 -> 4.1
Add nix expression for the OCaml-version specific versions of merlin
4.1 and conditionally call it in ocaml-packages.nix.
2021-03-27 17:26:12 +01:00
sternenseemann
29d77c57ed dot-merlin-reader: 3.4.2 -> 4.1
4.1 uncoupled the versions between merlin and dot-merlin-reader which
means we can and must update them independently of each other since
merlin 4.1 is only available in specific versions for OCaml 4.11 and
4.12 respectively.

Therefore merlin now fetches its own source instead of inheriting it
from dot-merlin-reader.
2021-03-27 17:26:12 +01:00
Elis Hirwing
2ed44fa49c
Merge pull request #114173 from eyJhb/php-clisupport-false
php: fixed building with cliSupport = false
2021-03-27 17:08:43 +01:00
Michele Guerini Rocco
b01e00ba8f
Merge pull request #114688 from rnhmjoj/tcsd-no-udev-settle
nixos/tcsd: several improvements and fixes
2021-03-27 16:31:17 +01:00
Fabian Affolter
60b85e6b95
python3Packages.tldextract: enable tests (#117787) 2021-03-27 16:24:16 +01:00
Fabian Affolter
d404ecd995
Merge pull request #117776 from oxzi/python-pynmea2-1.17.0
pythonPackages.pynmea2: 1.16.0 -> 1.17.0
2021-03-27 16:04:51 +01:00
R. RyanTM
f12df7e100 lazydocker: 0.10 -> 0.12 2021-03-27 15:04:19 +00:00
Robert Scott
c1360ac05f pythonPackages.lxml: 4.6.2 -> 4.6.3
addressing CVE-2021-28957
2021-03-27 14:41:58 +00:00
Martin Weinelt
9c76cd2045
Merge pull request #117785 from mweinelt/webkitgtk
webkitgtk: 2.30.5 -> 2.30.6
2021-03-27 15:08:35 +01:00
Fabian Affolter
ad6907ca59
Merge pull request #117779 from r-ryantm/auto-update/grype
grype: 0.8.0 -> 0.9.0
2021-03-27 15:02:25 +01:00
Fabian Affolter
18ce06d315
Merge pull request #117709 from r-ryantm/auto-update/python3.8-managesieve
python38Packages.managesieve: 0.7 -> 0.7.1
2021-03-27 14:46:03 +01:00
Vladimír Čunát
dabcb87cd8
Merge #117127: don't rely on patch timestamps in build
...into staging
2021-03-27 14:37:02 +01:00
sternenseemann
b2eb2c8b4f Revert "ocamlPackages.tcpip: 6.0.0 -> 6.1.0"
This reverts commit 988f5a5910.

The release process for many OCaml packages and in extension mirage
related packages usually entails creating a release in the respective
own repository so a release tarball becomes available and then opening a
PR against ocaml/opam-repository to finalize the release. During this
new issues can be discovered which push the release back.

This happened for mirage-tcpip 6.1.0 several times:
https://github.com/ocaml/opam-repository/pull/18357
Prompting in total 3 different 6.1.0 releases with different hashes
respectively (the hash for ocamlPackages.tcpip.src shouldn't be
reproducible anymore, but we probably have cached the tarball already).
Ultimately the PR to opam-repository was closed to investigate some
failures on opam-repository's CI and the release postponed:
https://github.com/ocaml/opam-repository/pull/18357#issuecomment-808434285

I jumped the gun with the release and updated tcpip in nixpkgs before
tcpip was “properly” released in opam. I usually watch the github
repository of package I maintain for releases and can react pretty
quickly to a release as a result. Most of the time I also check
opam-repository's PRs nowadays for extra context or information, but
when everything seems fine and tests succeed I deem the update alright
to PR to nixpkgs. Being faster than opam was achievable in these cases
and actually seems kind of tantalizing.

In the light of this experience however, we should wait for the opam
PR getting merged at least for some packages that exhibit this behavior
of rereleasing the same version number multiple times to get the release
just right (afaik the 6.1.0 tag pointed to three different revisions for
tcpip). To me this is questionable upstream behavior we just have to deal
with in some way.
2021-03-27 14:33:49 +01:00
Martin Weinelt
75f531b3fc
webkitgtk: 2.30.5 -> 2.30.6
https://webkitgtk.org/security/WSA-2021-0002.html
2021-03-27 14:22:41 +01:00
Benjamin Hipple
477812e18e
Merge pull request #117744 from r-ryantm/auto-update/python3.8-bitarray
python38Packages.bitarray: 1.8.0 -> 1.8.1
2021-03-27 08:45:30 -04:00
Michael Weiss
1372aa414c
git: 2.31.0 -> 2.31.1 2021-03-27 13:44:34 +01:00
Robert Scott
31e9d07ed1
Merge pull request #116250 from Pamplemousse/patch_ipmitool
ipmitool: fix security vulnerability
2021-03-27 12:22:44 +00:00
Robert Scott
b4b85dc2e7
Merge pull request #117460 from suhr/sfizz
sfizz: 0.4.0 -> 0.5.1
2021-03-27 12:19:38 +00:00
github-actions[bot]
15f796ceaf
Merge staging-next into staging 2021-03-27 12:06:16 +00:00
github-actions[bot]
5021a8bc13
Merge master into staging-next 2021-03-27 12:06:13 +00:00
R. RyanTM
87e44b865f grype: 0.8.0 -> 0.9.0 2021-03-27 12:04:29 +00:00
rnhmjoj
d3ebe83408 qutebrowser: add pynacl for qute-keepassxc
Requested by @wedens.
2021-03-27 12:35:06 +01:00
rnhmjoj
b710cdf80a qutebrowser: 2.0.2 -> 2.1.0 2021-03-27 12:35:06 +01:00
rnhmjoj
c7e4fdef18 pythonPackages.pyqtwebengine: 5.15.2 -> 5.15.4 2021-03-27 12:35:06 +01:00
rnhmjoj
3aba63ab29 qt5.qtwebengine: 5.15.2 -> 5.15.3-a059e740
This updates the base chromium branch from 83 to 87, which fixes
approximately a few hundreds CVEs.
2021-03-27 12:35:06 +01:00
Fabian Affolter
0f24db0be9
Merge pull request #117772 from r-ryantm/auto-update/gdu
gdu: 4.8.1 -> 4.9.0
2021-03-27 12:20:00 +01:00
Alvar Penning
ce6eb61758 pythonPackages.pynmea2: 1.16.0 -> 1.17.0 2021-03-27 12:18:14 +01:00
Maximilian Bosch
eff1869ba6
Merge pull request #117761 from r-ryantm/auto-update/cargo-udeps
cargo-udeps: 0.1.19 -> 0.1.20
2021-03-27 12:14:09 +01:00
Doron Behar
20826f0710
Merge pull request #117685 from dotlambda/arpack-3.8.0
arpack: 3.7.0 -> 3.8.0
2021-03-27 11:09:44 +00:00
Maximilian Bosch
591e97bbd4
Merge pull request #117601 from LeSuisse/vault-1.7.0
vault: 1.6.3 -> 1.7.0
2021-03-27 12:03:57 +01:00
R. RyanTM
38b9434ce9 gdu: 4.8.1 -> 4.9.0 2021-03-27 10:56:15 +00:00
Maximilian Bosch
0001e5c8dd
Merge pull request #117549 from marsam/update-xonsh
xonsh: 0.9.24 -> 0.9.27
2021-03-27 11:48:50 +01:00
Robert T. McGibbon
5ebacbf474
python39Packages.ldap: unbreak (#117614) 2021-03-27 10:59:08 +01:00
Robert Schütz
9e4b635dee arpack: 3.7.0 -> 3.8.0 2021-03-27 10:54:26 +01:00
Fabian Affolter
943347687f
Merge pull request #117723 from fabaff/bump-xknx
python3Packages.xknx: 0.17.2 -> 0.17.4
2021-03-27 09:56:50 +01:00
Anderson Torres
acda0e451c
Merge pull request #117764 from AndersonTorres/new-emacs-modes
Update emacs modes
2021-03-27 05:29:58 -03:00
AndersonTorres
7da3df8e9a Update Emacs MELPA expressions 2021-03-27 05:03:48 -03:00
R. RyanTM
471216639a cargo-udeps: 0.1.19 -> 0.1.20 2021-03-27 07:32:22 +00:00
AndersonTorres
fba4e73b00 Manual fix: remove duplicated shell-command-plus expression 2021-03-27 04:17:50 -03:00
AndersonTorres
4a488a0bf6 Update ELPA packages 2021-03-27 04:14:06 -03:00
AndersonTorres
d63909f045 Update Org Mode Emacs packages 2021-03-27 04:14:06 -03:00
github-actions[bot]
e01a16d07b
Merge staging-next into staging 2021-03-27 06:05:44 +00:00