Naive concatenation of $LD_LIBRARY_PATH can result in an empty
colon-delimited segment; this tells glibc to load libraries from the
current directory, which is definitely wrong, and may be a security
vulnerability if the current directory is untrusted. (See #67234, for
example.) Fix this throughout the tree.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
recently this stopped building on nixos-unstable
a git bisect of nixpkgs revealed;
`# first bad commit: [8f729c0070] gcc: switch default to gcc9`
this switches the build to use gcc8Stdenv
This enables building of Blender.app. The standard build process assumes
that the dependencies are installed in subdirectoris inside $LIBDIR with
libraries built as static. In current implementation we are not looking
to achieve portability, so cmake files are patched to link dynamically
with the libraries in the nix store. Linking to the transitive
dependencies is not needed in the shared case. There are also some minor
inconsistensies in the expected paths, which also need to be patched.
Alternatively, we could patch cmake files to treat darwin as "unix", but
that would require more tweaking to ensure that the frameworks are being
linked properly.
- Removed the unnecessary libmicrohttpd dependency, which doesn't
build on macOS. KeepassXC removed this dependency in 2.1.2
- Fixed a compiler error related to the Touch ID feature by adding a
dependency on the LocalAuthentication framework
* `glibcLocales` (+appropriate locale settings) are needed to fix
locale/language-related errors in the `checkPhase`.
* The `test_editor.test_popup`-testcase appears to break in
their testsuite. I confirmed manually that the functionality works, the
error looks more like a problem related to the mocking-api. Thus I
disabled the test for now.
https://hydra.nixos.org/build/109705657Closes#76989
Fixes a bug that was noticed during an automated version bump.
What was needed was to add an LD_LIBRARY_PATH entry for stdenv.cc.cc in
makeWrapper
```
--prefix LD_LIBRARY_PATH : "${stdenv.lib.makeLibraryPath [ stdenv.cc.cc ] }" \
```
The error as seen in developer tools console was:
```
/nix/store/d4b2xcpdf4y4hspbwrmjdz540m493894-simplenote-1.12.0/opt/Simplenote/resources/electron.asar/renderer/init.js:158 Unable to load preload script: /nix/store/d4b2xcpdf4y4hspbwrmjdz540m493894-simplenote-1.12.0/opt/Simplenote/resources/app.asar/desktop/preload.js
(anonymous) @ /nix/store/d4b2xcpdf4y4hspbwrmjdz540m493894-simplenote-1.12.0/opt/Simplenote/resources/electron.asar/renderer/init.js:158
/nix/store/d4b2xcpdf4y4hspbwrmjdz540m493894-simplenote-1.12.0/opt/Simplenote/resources/electron.asar/renderer/init.js:159 Error: libstdc++.so.6: cannot open shared object file: No such file or directory
at process.module.(anonymous function) [as dlopen] (ELECTRON_ASAR.js:160:31)
at Object.Module._extensions..node (internal/modules/cjs/loader.js:722)
at Object.module.(anonymous function) [as .node] (ELECTRON_ASAR.js:169:18)
at Module.load (internal/modules/cjs/loader.js:602)
at tryModuleLoad (internal/modules/cjs/loader.js:541)
at Function.Module._load (internal/modules/cjs/loader.js:533)
at Module.require (internal/modules/cjs/loader.js:640)
at require (internal/modules/cjs/helpers.js:20)
at Object.<anonymous> (/nix/store/d4b2xcpdf4y4hspbwrmjdz540m493894-simplenote-1.12.0/opt/Simplenote/resources/app.asar/node_modules/@paulcbetts/spellchecker/lib/spellchecker.js:3)
at Object.<anonymous> (/nix/store/d4b2xcpdf4y4hspbwrmjdz540m493894-simplenote-1.12.0/opt/Simplenote/resources/app.asar/node_modules/@paulcbetts/spellchecker/lib/spellchecker.js:116)
```
To (help) anyone that may find have errors like this in the future:
makeWrapper requiring the makeLibraryPath with stdenv.cc.cc is fairly common for electron apps.
At least ones that use dpkg on prebuilt debian .deb files (my `bitwarden` derivation requires it, too) that use gappsWrapperArgs
Thanks @ryantm / r-ryantm and @worldofpeace :)
Reference: https://github.com/NixOS/nixpkgs/pull/76421#pullrequestreview-336359695
Idea shamelessly stolen from 4e60b0efae.
I realized that I don't really know anymore where I'm listed as maintainer and what
I'm actually (co)-maintaining which means that I can't proactively take
care of packages I officially maintain.
As I don't have the time, energy and motivation to take care of stuff I
was interested in 1 or 2 years ago (or packaged for someone else in the
past), I decided that I make this explicit by removing myself from several
packages and adding myself in some other stuff I'm now interested in.
I've seen it several times now that people remove themselves from a
package without removing the package if it's unmaintained after that
which is why I figured that it's fine in my case as the affected pkgs
are rather low-prio and were pretty easy to maintain.
This adds the hicolor theme to XDG_DATA_DIRS for rofi and moves all
wrapping to rofi/wrapper.nix.
The wrapper will now always be generated, even when a theme is not provided.
Before, the checkbox for OTP functionality could not be enabled on
NixOS, even when `(pass.withExtensions (exts: [ exts.pass-otp ]))`
was installed correctly.
* barrier: add openssl runtime dependency
The barrier GUI creates an SSL certificate at runtime using OpenSSL. We add
openssl to the path to enable this feature.
* barrier: fix GLib-GIO-ERROR rg.gtk.Settings.FileChooser
When you use the Barrier menu item in the GUI to save the configuration, the
program crashes. wrapGAppsHook fixes this issue.
Error was:
GLib-GIO-ERROR **: 19:03:29.155: Settings schema 'org.gtk.Settings.FileChooser' does not contain a key nixos
* barrier: move cmake buildInputs to nativeBuildInputs
Similar to keepkey, trezor and btchip, ckcc-protocol is a plugin,
allowing electrum to communicate with the https://coldcardwallet.com/
hardware wallet.
* vym: 2.6.11 -> 2.7.1
* vym: install man page
* vym: fix /usr paths and move data from $out/vym
* Change version to 2.7.0
There was some concern that the release tarball 2.7.1 actually contains an in-development snapshot rather than a full release. The consensus seems to be that 2.7.0 should be used instead.
This package actually uses the old abandoned code base.
However the code base has been revieved by new maintainers
* https://github.com/projecthamster/
if there is a request for it could be re-added to nixpkgs.
This makes patching the path for `libEGL` consistent with `libstartup-notification` and `libcanberra`.
It should also prevent silently doing nothing in case the code in kitty is changed, similar to what was described in 1842c4aaa4.
vifm includes some optional features what are currently no-op due
to missing dependencies. Once such example is `vifm-media`.
vimfm-media is a Linux script included with vifm which can be used to
mount/umount removable media from within vifm. However, vifm-media
has additional dependencies, namely Python, dbus, and a supported
back-end such as udisks2. While vimfm-media is currently installed,
it fails with the error "No supported backend found."
This change adds optional support for vifm-media via the new package
vifm-full; Opening for the opportunity to add whatever optional
dependencies I have not considered in this change in the future,
while not generously increasing the closure size of the original
vifm package.
For reference, vifm has a closure size of 41,164,432 while the new
vifm-full increases this to 382,642,536. Calculated with
`nix path-info -S`
Note: While vifm-media supports numerous back-ends, this change only
adds support for udisks2. In addition, vifm-media is not supported on
MacOS/OSX, for which upstream provides an alternative script.