nixpkgs

mirror of https://github.com/NixOS/nixpkgs.git synced 2024-11-27 09:23:01 +00:00

Author	SHA1	Message	Date
Ivan Mincik	f35a9d2707	gdal: bump java source option Bump java source option to fix build with JDK 21. Closes #294940	2024-03-11 18:38:21 +01:00
Rick van Schijndel	63dc52bdbf	Merge pull request #294981 from wegank/nomacs-refactor nomacs: refactor	2024-03-11 18:35:03 +01:00
R. Ryantm	598f085755	disko: 1.4.0 -> 1.4.1	2024-03-11 17:32:12 +00:00
Jon Seager	5813108ee2	lxd-ui: 0.6 -> 0.7	2024-03-11 17:31:34 +00:00
Yaya	57df47d918	snipe-it: 6.3.1 -> 6.3.3 https://github.com/snipe/snipe-it/releases/tag/v6.3.3	2024-03-11 18:16:36 +01:00
Yaya	c1fd254beb	snipe-it: Move to pkgs/by-name/	2024-03-11 18:16:36 +01:00
Yaya	eb12b77ff0	snipe-it: 6.2.2 -> 6.3.1 https://github.com/snipe/snipe-it/releases/tag/v6.3.0 https://github.com/snipe/snipe-it/releases/tag/v6.3.1	2024-03-11 18:16:36 +01:00
Pol Dellaiera	8deb162d09	Merge pull request #293722 from savedra1/clipse-init/0.0.6 clipse: init at 0.0.6	2024-03-11 18:05:22 +01:00
Pol Dellaiera	cb4d58b28d	phpExtensions.dom: update bounds for PHP82 and PHP81	2024-03-11 17:49:29 +01:00
Nick Cao	dc4a6bcdca	Merge pull request #294592 from sinavir/aiohttp_better_packaging python311Packages.aiohttp-client-cache: Use standard packaging	2024-03-11 12:44:26 -04:00
David McFarland	c2eb1270d7	Merge pull request #294576 from corngood/dotnet-vmr-size dotnet: strip native symbols from runtime	2024-03-11 13:43:34 -03:00
Robert Schütz	3239a64d95	python311Packages.approvaltests: 11.1.0 -> 11.1.1 Diff: https://github.com/approvals/ApprovalTests.Python/compare/refs/tags/v11.1.0...v11.1.1 Changelog: https://github.com/approvals/ApprovalTests.Python/releases/tag/v11.1.1	2024-03-11 09:42:15 -07:00
emilylange	08c37ba899	nixos/lldap: set service `UMask=0027` and `StateDirectoryMode=0750` While `/var/lib/lldap` isn't technically accessible by unprivileged users thanks to `DynamicUser=true`, a user might prefer and change it to `DynamicUser=false`. There is currently also a PR open that intends to make `DynamicUser` configurable via module option. As such, `jwt_secret_file`, if bootstrapped by the service start procedure, might be rendered world-readable due to its permissions (`0644/-rw-r--r--`) defaulting to the service's umask (`022`) and `/var/lib/lldap` to `0755/drwxr-xr-x` due to `StateDirectoryMode=0755`. This would usually be fixed by using `(umask 027; openssl ...)` instead of just `openssl ...`. However, it was found that another file (`users.db`), this time bootstrapped by `lldap` itself, also had insufficient permissions (`0644/-rw-r--r--`) inherited by the global umask and would be left world-readable as well. Due to this, we instead change the service's to `027`. And to lower the impact for already bootstrapped files on existing instances like `users.db`, set `StateDirectoryMode=0750`.	2024-03-11 17:34:29 +01:00
emilylange	7501889950	lldap: remove emilylange from maintainers I find lldap's defaults security-wise and its security-posture in a broader sense deeply unsettling for something as security-critical an authentication server.	2024-03-11 17:34:29 +01:00
emilylange	61a651e362	nixos/lldap: bootstrap `jwt_secret` if not provided If not provided, lldap defaults to `secretjwtsecret` as value which is hardcoded in the code base. See https://github.com/lldap/lldap/blob/v0.5.0/server/src/infra/configuration.rs#L76-L77 This is really bad, because it is trivially easy to generate an admin access token/cookie as attacker, if a `jwt_secret` is known.	2024-03-11 17:34:29 +01:00
R. Ryantm	94cf5993a1	baresip: 3.9.0 -> 3.10.0	2024-03-11 16:31:40 +00:00
TheMaxMur	cc223b7de6	vscode-extensions.vscjava.vscode-java-pack: init 0.25.2023121402	2024-03-11 19:28:25 +03:00
TheMaxMur	fe8fbcaf24	vscode-extensions.visualstudioexptteam.vscodeintellicode: init 1.2.30	2024-03-11 19:28:25 +03:00
TheMaxMur	d57dbbe368	vscode-extensions.visualstudioexptteam.intellicode-api-usage-examples: init 0.2.8	2024-03-11 19:28:24 +03:00
TheMaxMur	71fce2227a	vscode-extensions.ms-vscode.cpptools-extension-pack: init 1.3.0	2024-03-11 19:28:16 +03:00
nixpkgs-merge-bot[bot]	bc3604ee35	Merge pull request #294989 from r-ryantm/auto-update/ast-grep ast-grep: 0.19.3 -> 0.19.4	2024-03-11 16:26:14 +00:00
Paul Meyer	08a5ab8937	Merge pull request #287262 from katexochen/dnf4/4-19-0 dnf4: 4.18.2 -> 4.19.0	2024-03-11 17:20:10 +01:00
Pol Dellaiera	54c52cb276	Merge pull request #294334 from ShamrockLee/sourceroot-fix treewide: fix hard-coded `sourceRoot` prefix for `fetchgit`-based `src`	2024-03-11 16:50:57 +01:00
TheMaxMur	f9fc4dd23b	vscode-extensions.stylelint.vscode-stylelint: init 1.3.0	2024-03-11 18:50:14 +03:00
TheMaxMur	ff8886fa0d	vscode-extensions.reloadedextensions.reloaded-cpp: init 0.1.9	2024-03-11 18:50:13 +03:00
TheMaxMur	0d5e9ddae9	vscode-extensions.mathiasfrohlich.kotlin: init 1.7.1	2024-03-11 18:50:13 +03:00
TheMaxMur	00fd0f311b	vscode-extensions.hediet.vscode-drawio: init 1.6.6	2024-03-11 18:50:02 +03:00
sinavir	06354636e7	python311Packages.aiohttp-client-cache: Use standard packaging	2024-03-11 16:40:42 +01:00
Philip Taron	20abffc0dd	Avoid top-level `with ...;` in lib/tests/modules/extendModules-168767-imports.nix	2024-03-11 08:38:37 -07:00
Philip Taron	0426125c53	Avoid top-level `with ...;` in lib/tests/modules/alias-with-priority.nix	2024-03-11 08:38:14 -07:00
Pol Dellaiera	9336998b51	Merge pull request #295011 from drupol/php/extensions/dom/fix-lower-bound phpExtensions.dom: fix lowest extensions	2024-03-11 16:37:58 +01:00
Philip Taron	dd46445adc	Avoid top-level `with ...;` in lib/tests/modules/alias-with-priority-can-override.nix	2024-03-11 08:37:31 -07:00
Nick Cao	1e88f68d65	Merge pull request #294987 from GaetanLepage/rye rye: 0.28.0 -> 0.29.0	2024-03-11 11:37:20 -04:00
Adam C. Stephens	9bc6d4892b	Merge pull request #294976 from r-ryantm/auto-update/sabnzbd sabnzbd: 4.2.2 -> 4.2.3	2024-03-11 11:34:32 -04:00
Nick Cao	c3e5053776	Merge pull request #294776 from r-ryantm/auto-update/python311Packages.persim python311Packages.persim: 0.3.2 -> 0.3.5	2024-03-11 11:31:59 -04:00
Nick Cao	65a57ea8f1	Merge pull request #294480 from r-ryantm/auto-update/frugal frugal: 3.17.8 -> 3.17.9	2024-03-11 11:29:29 -04:00
Nick Cao	fa5174047b	Merge pull request #294525 from r-ryantm/auto-update/python311Packages.google-cloud-asset python311Packages.google-cloud-asset: 3.24.3 -> 3.25.0	2024-03-11 11:28:17 -04:00
Pol Dellaiera	47195dc3d9	phpExtensions.dom: fix lowest extensions	2024-03-11 16:28:15 +01:00
Nick Cao	ace81d4760	Merge pull request #294534 from r-ryantm/auto-update/python311Packages.google-cloud-websecurityscanner python311Packages.google-cloud-websecurityscanner: 1.14.2 -> 1.14.3	2024-03-11 11:27:36 -04:00
Nick Cao	787d63155b	Merge pull request #294276 from r-ryantm/auto-update/conftest conftest: 0.49.1 -> 0.50.0	2024-03-11 11:25:16 -04:00
Vincent Laporte	b577c470f9	ocamlPackages.ocsigen-start: 6.1.2 → 6.2.0	2024-03-11 15:24:30 +00:00
Nick Cao	983419d857	Merge pull request #294283 from r-ryantm/auto-update/discordo discordo: unstable-2024-03-03 -> unstable-2024-03-07	2024-03-11 11:24:27 -04:00
Nick Cao	996086f259	Merge pull request #294291 from r-ryantm/auto-update/dolt dolt: 1.35.0 -> 1.35.1	2024-03-11 11:24:04 -04:00
Nick Cao	6b775f7508	Merge pull request #294293 from r-ryantm/auto-update/rootlesskit rootlesskit: 2.0.1 -> 2.0.2	2024-03-11 11:23:36 -04:00
Nick Cao	1df6e81d4f	Merge pull request #294402 from r-ryantm/auto-update/zotero zotero: 6.0.30 -> 6.0.35	2024-03-11 11:21:00 -04:00
Nick Cao	15d798ec85	Merge pull request #294422 from r-ryantm/auto-update/schismtracker schismtracker: 20240129 -> 20240308	2024-03-11 11:19:50 -04:00
Nick Cao	e4cbd578c0	Merge pull request #294423 from r-ryantm/auto-update/sesh sesh: 0.12.0 -> 0.15.0	2024-03-11 11:18:57 -04:00
Nick Cao	06b8766d1c	Merge pull request #294424 from r-ryantm/auto-update/pocketbase pocketbase: 0.22.2 -> 0.22.3	2024-03-11 11:18:28 -04:00
Nick Cao	cbfa2e96b2	Merge pull request #293915 from r-ryantm/auto-update/flannel flannel: 0.24.2 -> 0.24.3	2024-03-11 11:16:49 -04:00
Weijia Wang	a3a96a941d	llvmPackages_git: 18.1.0-rc3 -> 18.1.0-rc4	2024-03-11 16:15:49 +01:00

... 2 3 4 5 6 ...

595882 Commits