Fedora and RHEL use a different location for the trust store, compared
to other distros. Without this, validation of the CA root certificates
fails in all nss applications.
continuation of #109595
pkgconfig was aliased in 2018, however, it remained in
all-packages.nix due to its wide usage. This cleans
up the remaining references to pkgs.pkgsconfig and
moves the entry to aliases.nix.
python3Packages.pkgconfig remained unchanged because
it's the canonical name of the upstream package
on pypi.
I made a mistake merge. Reverting it in c778945806 undid the state
on master, but now I realize it crippled the git merge mechanism.
As the merge contained a mix of commits from `master..staging-next`
and other commits from `staging-next..staging`, it got the
`staging-next` branch into a state that was difficult to recover.
I reconstructed the "desired" state of staging-next tree by:
- checking out the last commit of the problematic range: 4effe769e2
- `git rebase -i --preserve-merges a8a018ddc0` - dropping the mistaken
merge commit and its revert from that range (while keeping
reapplication from 4effe769e2)
- merging the last unaffected staging-next commit (803ca85c20)
- fortunately no other commits have been pushed to staging-next yet
- applying a diff on staging-next to get it into that state
For cross platform builds, p11-kit, libtasn1 in nativeBuildInputs
provides the asn1Parser binary on the hostPlatform needed for building.
At the same time, libtasn1 in buildInputs provides the libasn1 library
to link against for the target platform.
Hence, libtasn1 is required in both native and build inputs.
* p11-kit: 0.23.14 -> 0.23.15
Semi-automatic update generated by
https://github.com/ryantm/nixpkgs-update tools. This update was made
based on information from
https://repology.org/metapackage/p11-kit/versions
* p11-kit: refactor 0.23.14 -> 0.23.15
+ add upstream patch to avoid breaking Chromium
+ add upstream patch to fix JKS tests
+ refresh meta (homepage, descriptions, license)
He prefers to contribute to his own nixpkgs fork triton.
Since he is still marked as maintainer in many packages
this leaves the wrong impression he still maintains those.
Semi-automatic update. These checks were done:
- built on NixOS
- Warning: no binary found that responded to help or version flags. (This warning appears even if the package isn't expected to have binaries.)
- found 0.23.10 with grep in /nix/store/ghdcsrmkzpszvhi5dvfcwmm8ysjhsmrq-p11-kit-0.23.10
- found 0.23.10 in filename of file in /nix/store/ghdcsrmkzpszvhi5dvfcwmm8ysjhsmrq-p11-kit-0.23.10
This depends ultimately on texlive which is a big build and depends on
lots of libraries which often get security updates. This triggers
mass rebuilds because systemd depends on gnutls which depends on
p11_kit.
This was introduced with 93d80f1951.
... after auto-removing some kinds of files by default.
In some cases I let them be removed and in others I let them be put into
$docdev. That was more due to general indecisiveness on this question
than any reasons in the particular cases.