OpenJFX 11 has been EOL for over a year; upstream
uses OpenJFX 15 which is also EOL. According
to <https://github.com/bisq-network/bisq/pull/6758>, the
application does not function with later versions, and has a
limited remaining lifespan as there is a new major version that
uses more modern versions. It looks like that version officially
supports OpenJDK 22, which is also EOL, but hopefully it will
work with 21 or 23. Some work was done already to package it here:
<https://github.com/NixOS/nixpkgs/pull/318594>.
After the CoreFoundation hook was dropped, bacula requires the following
changes to build on Darwin:
* Ensure bacula links CoreFoundation. Override incorrectly failing
`configure` tests and add gettext as a build input. Even if those
tests pass, bacula only links CoreFoundation when it finds libintl.
* Add Kerberos framework. Required to build on x86_64-darwin.
This is a program written in a memory‐unsafe language that processes
potentially‐untrusted user input. We shouldn’t disable upstream’s
sandboxing mechanisms for all downstream consumers without good
reason.
Although the sandbox API is officially marked as deprecated, it is
used as the basis for the supported App Sandbox and it is extremely
unlikely to ever be removed as it is used extensively throughout
the OS for service hardening and by third parties like the Chrome
sandbox. Nix itself uses it to sandbox builds, and its lack of support
for nesting is why this caused problems in the first place. Instead,
introduce a `lowdown-unsandboxed` package that can be used in the
`nativeBuildInputs` of Nix builds, while keeping the sandboxed
version of the program for general use. The name might not be ideal,
as it remains identical to `lowdown` on non‐Darwin platforms,
but I couldn’t think of a better one.
See: #125004Closes: #346933
it's confusing to have the 'playwright' attribute refer to a python
subpackage when there is already an official playwright repo with its
binaires (referred
to as playwright-driver for now).
