While preparing this change, I read the git blame on all of the files I
touched. I saw a working lifetime of building this system which we use
every day and love dearly and keep maintained ourselves. I saw commits
from a 14 year range between 2003 to 2017!! I could not be more thankful
for Eelco's work on building large parts of the foundation of nixpkgs
that all of us rely on now.
However, the end date of that range of the files I looked at the blame
on was 2017. I did not see surviving code from any newer date than that.
Looking at the Git logs, Eelco has been working on other things, and
that's totally fine.
However, it means that our maintenance metadata is out of date on a lot
of packages, and *that*'s the reason I am submitting this change. There
are a lot of packages that don't have anyone with their name on them to
be pinged if they need attention, even if they have had recent activity
(although it is never clear if recent activity was just someone fixing
it because ZHF or because the package actually matters to them).
There are a lot of packages with storied history that maybe don't need
to be in the set anymore at all since they have not been touched in
years; or maybe they are simply finished.
Empty maintainer lists should be a sign that we need to figure out who
maintains it or potentially remove it if it has rotted, and allowing the
maintainer list to be empty if it is already not maintained is part of a
healthy repository ecology.
Either way, I would like to have the maintenance metadata not mislead
anyone into sending Eelco emails about packages he doesn't, in practice,
work on anymore. I have not removed his name from everything; there are
some things that he is the upstream for or has worked on more recently,
for instance, like Nix, which I have left alone.
With cryptography 42 we can no longer just override the `src`,
because the derivation for 42 can no longer build version 40.
So revive the old version based on:
git show d74195bc77c03b6b7aa7c3433205dd518f245ef2~:pkgs/development/python-modules/cryptography/default.nix > pkgs/development/python-modules/cryptography/40.nix
git show d74195bc77c03b6b7aa7c3433205dd518f245ef2~:pkgs/development/python-modules/cryptography/vectors.nix > pkgs/development/python-modules/cryptography/vectors-40.nix │
Also:
* Include a patch for CVE-2024-26130
* Run `nixfmt` on them.
* `Securiy` -> `Security ? null` because in the local override
it doesn't seem to pass that Darwin-specific package on Linux;
avoids error:
Function called without required argument "Security"
Otherwise references to the Python interpreter inside the set are wrong, as demonstrated by:
``` nix
with import <nixpkgs> { };
let
python' = python3.override {
packageOverrides = final: prev: { requests = prev.requests.overridePythonAttrs(old: { version = "1337"; }); };
};
in python'.pkgs.python.pkgs.requests
```
which returns the _non_ overriden requests.
And the same with `self`:
```
with import <nixpkgs> { };
let
python' = python3.override {
self = python';
packageOverrides = final: prev: { requests = prev.requests.overridePythonAttrs(old: { version = "1337"; }); };
};
in python'.pkgs.python.pkgs.requests
```
which returns the overriden requests.
This can manifest itself as file collisions when constructing environments or as subtly incorrect dependency graphs.
This adds `--disable-macos-fs-link` to configureFlags on darwin
platforms, removing /etc/fstab and `mount -t bindfs` support.
This isn't ideal, but is better than the tool not building at all.
Since theey is not active from at least six years.
All the packages on this commit became orphans.
---------------------------------------------------------------------------
There are files not covered by this commit, because they will be adopted
soon. Namely:
- pkgs/by-name/zs/zsync/package.nix
- pkgs/games/bsdgames/default.nix
- pkgs/misc/ghostscript/default.nix
- pkgs/os-specific/linux/kernel/perf/default.nix
- pkgs/tools/system/logrotate/default.nix
* nickel: switch to cargoHash
* gnvim-unwrapped: switch to cargoHash
* surrealdb-migrations: switch to cargoHash
* wluma: switch to cargoHash
* httm: switch to cargoHash
No need (observed) for these packages to have a vendor Cargo.lock. If they for some reason have to use a different Cargo.lock than upstream, they should copy that to the build directory as well, otherwise the build will fail. They don't, so I infer there's no reason to use Cargo.lock.
This makes sure the correct Python version is detected by using the local m4 files.
The distributed m4 files were added in
ff043af128
to make sure the Python version is detected correctly,
but now fail to identify versions > 3.9 correctly (https://bugs.gnu.org/44239).
fix#325079
The previous update to 0.9.9 didn't actually update the version because
it forgot to update the hash,
so the old source archive continued to be used:
https://github.com/NixOS/nixpkgs/pull/312656#discussion_r1650100776
Because now the new code is actually pulled in, it needs new
dependencies and fixes.
* `PRJ_GIT_DATE` is needed.
Remove the manual replacement of versions, and use the
approach that upstream added for nixpkgs:
https://github.com/NixOS/nixpkgs/pull/181723#discussion_r1650109217
This avoids cases like this, where new versioning fields are added;
upstream takes care of it for us now.
* Use `finalAttrs` for correct version overriding.
* Fix compile error with `gtest`, see added comments.
* Enable FLAC support
(and the tests don't pass without it on this version, see
21901d7c2d)
sandboxfs was an experiment to increase sandboxing performance in bazel,
but it never reached a stable release.
The author of sandboxfs left Google in 2020 and there have been no
updates to it since then.
bazel dropped sandboxfs in the bazel 7 release. To quote their release
notes:
The sandboxfs sandboxing strategy is removed. It hadn't been
maintained for a long time, it didn't work for most users and it was
not consistently faster while being complex to set up. sandboxfs
performance is heavily dependent on the specific setup (setup costs
are lower, but you have to pay a penalty for the use of each input)
and there are scenarios where it is faster and scenarios where it is
slower. Overall it is not worth its weight.
- 217fafe2b4
Without the change `btrfs-progs` fails to build after `6.9` update on
`staging-next` as:
> Skipping patch.
> 2 out of 2 hunks ignored -- saving rejects to file convert/source-ext2.c.rej
The patch was already included in this release. Dropping.
