While Xen 4.16 has not yet reached EOL, it isn't convenient
for us to keep shipping it, as it'll reach EOL a couple
of days after NixOS 24.11 releases.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
The macOS deployment target has been set to 12.0, and the collection
of patches and reverts to keep older macOS versions working has been
dropped, as maintaining what is effectively a fork of QEMU solely for
the sake of versions no longer supported by Apple has become untenable.
It may or may not still work on older macOS versions, potentially with
reduced functionality. Upstream only officially supports the latest
two versions of macOS, so this is still extending support further back
than QEMU will support. To continue supporting back to macOS 10.12,
at least the following upstream commits would have to be reverted,
and possibly more:
* <2d27c91e2b>
* <e9c9d8dc3b>
* <7b60b971cc>
However, if you want to do that, you should be prepared to take up the
burden of maintaining the monotonically‐increasing set of patches
that will be required to keep this working in future.
Fixes: CVE-2024-7409
Co-authored-by: Emily <vcs@emily.moe>
This prevents users browsing the package in search.nixos.org from
messaging maintainers about an EOL Xen.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
For the update script and the one-liner in the README, use flags that do
what we want to do instead of piping the output to different commands or
using environment variables.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
The IPXE patch is the same across all versions.
Let us put generic patches in the new generic/ directory.
We also disable figs, as they were broken.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
XEN_EXTFILES_URL wasn't working back when this override did anything,
and now we bypass it entirely. The LD variable was rewritten to use
lib.meta.getExe.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
We now use easier to understand functions that are properly documented
and aren't as generic.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
From Peder Sundt:
> I read maintainers = with lib.maintainers; [ ]; as a friendly open
> invitation, while maintainers = [ ]; as a sad state of reality.
> I want people to join the project hence I very much prefer the former.
I don't plan on leaving anytime soon, but let's not make it
more difficult for new maintainers to step up.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
Flask is disabled by default, but this will save someone an
overrideAttrs overlay if they're using FLASK.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
We were still building some minor parts of qemu-traditional by not
disabling it explicitly.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
From the 4.19 release notes:
When building with Systemd support (./configure --enable-systemd),
remove libsystemd as a build dependency. Systemd Notify support is
retained, now using a standalone library implementation.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
withTools and withPrefetchedSources are pretty complicated functions
meant to generalise per-version calls to build phases by each
pre-fetched source. This is step 1 in deprecating them.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
This is useful for the future when we begin building custom versions of
Xen, such as `qubes-vmm-xen`.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
There is no point in having both. The top-level package now points
directly to the latest version.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
Most patches used in the Xen build are generic, so let's keep everything
that applies to all versions in one folder.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
While preparing this change, I read the git blame on all of the files I
touched. I saw a working lifetime of building this system which we use
every day and love dearly and keep maintained ourselves. I saw commits
from a 14 year range between 2003 to 2017!! I could not be more thankful
for Eelco's work on building large parts of the foundation of nixpkgs
that all of us rely on now.
However, the end date of that range of the files I looked at the blame
on was 2017. I did not see surviving code from any newer date than that.
Looking at the Git logs, Eelco has been working on other things, and
that's totally fine.
However, it means that our maintenance metadata is out of date on a lot
of packages, and *that*'s the reason I am submitting this change. There
are a lot of packages that don't have anyone with their name on them to
be pinged if they need attention, even if they have had recent activity
(although it is never clear if recent activity was just someone fixing
it because ZHF or because the package actually matters to them).
There are a lot of packages with storied history that maybe don't need
to be in the set anymore at all since they have not been touched in
years; or maybe they are simply finished.
Empty maintainer lists should be a sign that we need to figure out who
maintains it or potentially remove it if it has rotted, and allowing the
maintainer list to be empty if it is already not maintained is part of a
healthy repository ecology.
Either way, I would like to have the maintenance metadata not mislead
anyone into sending Eelco emails about packages he doesn't, in practice,
work on anymore. I have not removed his name from everything; there are
some things that he is the upstream for or has worked on more recently,
for instance, like Nix, which I have left alone.
It was running unpatched binary which was failing and thus generating
empty output. After https://github.com/NixOS/nixpkgs/pull/289517
installShellCompletion errors out because of this, which lead to broken
build.
Move installShellCompletion call to after autoPatchelfHook in
fixupPhase.
Otherwise, wayland-scanner would be picked up from the wayland in
buildInputs, which isn't cross-friendly and will stop working when we
split wayland-scanner into a separate package.
Second time's the charm! We have a transient SIGPIPE error caused by the
Figs makefile. This seems to only be reproducible in some Hydra
machines. This patch can be upstreamed into Xen if it fixes the build
failures.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
The description was mangled in search.nixos.org. It recommended using
qemu_xen with a Xen that already included QEMU, and there were edge
cases where there wouldn't be enough newlines to properly display the
full description.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
Xen not only has manual pages, but also a full documentation written
in HTML files. By adding ImageMagick, the `fig2dev` build doesn't
fail, so we can have the docs build in the $doc output.
This also fixes the Hydra build, but who cares about that? We have
good Xen docs now!
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
This focuses on Rust packages, since the most commonly used argument
parser library (clap/structopt) makes the following pattern natural and
thus common:
postInstall = ''
installShellCompletion --cmd foo \
--bash <($out/bin/foo completion bash) \
…
This commit just guards those with
lib.optionalString (stdenv.buildPlatform.canExecute stdenv.hostPlatform)
splitting the string where unrelated actions are performed.
The update script is interactive, not automated, and is meant to run
with human intervention in order to verify Xen's code signature. It
produces default.nix files for all security-supported branches.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
There are too many changes to list between these versions,
but here's what's important for Nixpkgs:
- Enabled xen.efi building, allowing the nixos/xen module to
support EFI booting.
- Renamed xen-light to xen-slim, and removed the old xen-slim
package, as qemu-traditional has been removed per an upstream
recommendation.
- xen-slim (formerly xen-light) no longer builds iPXE.
- You can now use the OVMF from Xen's repos.
- Further generalised generic.nix. Maintaining three versions
at once is finally doable.
- Removed as many recursions as possible.
- Split the package output.
Signed-off-by: Fernando Rodrigues <alpha@sigmasquadron.net>
it's been unmaintained for several years now, so there's no reason to
continue maintaining it at this point. Users should migrate to compose
v2, which is maintained in-tree as just docker-compose
