Commit Graph

40 Commits

Author SHA1 Message Date
Adam Stephens
238be6ca11
envoy: 1.27.2 -> 1.27.3
https://github.com/envoyproxy/envoy/releases/tag/v1.27.3

Fixes:
https://github.com/envoyproxy/envoy/security/advisories/GHSA-gq3v-vvhj-96j6
https://github.com/envoyproxy/envoy/security/advisories/GHSA-5m7c-mrwr-pm26
https://github.com/envoyproxy/envoy/security/advisories/GHSA-6p83-mfmh-qv38
https://github.com/envoyproxy/envoy/security/advisories/GHSA-x278-4w4x-r7ch
https://github.com/envoyproxy/envoy/security/advisories/GHSA-4h5x-x9vh-m29j
2024-02-13 21:58:04 -05:00
Adam Stephens
1ee4635ed3
envoy: 1.27.1 -> 1.27.2 2024-01-15 00:25:37 -05:00
Claudio Bley
7fa6816c0c envoy: Update hash after bazel_6 upgrade 2023-10-29 08:30:50 +01:00
Luke Granger-Brown
732fd4e0dd envoy: 1.26.4 -> 1.27.1 2023-10-13 23:17:11 +00:00
Adam Stephens
05c19a34df
envoy: fix another hash invalidator in fetcher 2023-09-15 14:41:44 -04:00
Adam Stephens
6df0facb7f
envoy: update broken deps hashes 2023-09-12 12:24:54 -04:00
Robert Scott
571ed5c7a1 envoy: 1.26.3 -> 1.26.4 2023-09-04 23:36:16 +01:00
Jacob Foard
2d9342b9be
fixup bazel_6 buildBazelPackage references 2023-08-18 11:07:52 -04:00
Thomas Gerbet
60d546a96d envoy: 1.26.1 -> 1.26.3
Fixes CVE-2023-35945.

Changelog:
https://github.com/envoyproxy/envoy/releases/tag/v1.26.3
https://github.com/envoyproxy/envoy/releases/tag/v1.26.2
2023-07-29 22:12:03 +02:00
divanorama
4d494b82de
Update pkgs/servers/http/envoy/default.nix 2023-05-12 22:04:55 +02:00
Dmitry Ivankov
5a14400712 bazel_6: 6.1.2 -> 6.2.0
https://github.com/bazelbuild/bazel/releases/tag/6.2.0
2023-05-12 15:33:48 +02:00
Luke Granger-Brown
23cd27508f envoy: 1.25.1 -> 1.26.1 2023-05-12 07:54:56 +00:00
Dmitry Ivankov
e0d1e77c23 bazel_5: 5.4.0->5.4.1
Also update the updater script.

https://github.com/bazelbuild/bazel/releases/tag/5.4.1

- [X] recalculate fetchAttrs digest for packages built with bazel_5
2023-05-10 16:09:19 +02:00
Thomas Gerbet
62b0017f86 envoy: mark with knownVulnerabilities
Attempts to update `envoy` have not been successful.
Nobody with enough Bazel skills has step up to untangle
the build issues with the latest version.
2023-05-04 23:10:57 +02:00
Uri Baghin
f8ee061247 buildBazelPackage: fix difference between linux and darwin deps 2023-04-06 11:42:46 +10:00
Uri Baghin
440b4de588 buildBazelPackage: support multiple targets 2023-04-05 12:59:54 +10:00
Luke Granger-Brown
22d9547ce3 envoy: 1.23.3 -> 1.25.1 2023-02-19 18:56:55 +00:00
Andreas Stührk
304c84ff10 envoy: build with noexecstack 2023-02-09 12:07:03 +01:00
Uri Baghin
5fe2aa39de
envoy: fix deps hashes 2023-01-12 11:15:49 +11:00
Dmitry Ivankov
c8bc2f2c0d bazel_5: 5.3.2 -> 5.4.0 2023-01-10 16:04:00 +01:00
Dmitry Ivankov
9a82a9b524 bazel: 5.2.0 -> 5.3.2
https://blog.bazel.build/2022/08/23/bazel-5.3.html

to supersede https://github.com/NixOS/nixpkgs/pull/187943

re-reverts https://github.com/NixOS/nixpkgs/pull/199458 with more hash updates
2022-12-25 16:47:03 +01:00
Peter Woodman
44b25a639f envoy: 1.23.1 -> 1.23.3 2022-12-20 15:00:02 -05:00
Luke Granger-Brown
0a087095ac envoy: remove remaining nix store references from deps
To do this, this commit does several things:

* Move the set-interpreter patching to outside the fixed-output
  derivation
* Patch base_pip3/BUILD.bazel, which ends up getting Python's full path
* Drop local_jdk, which contains symlinks to our jdk input
* Drop bazel_gazelle_go_repository_tools, which contains built artifacts
  using our go

...and updates the FOD hash to match. Checked that this appears to
remove the currently obvious FOD problems by checking out an older
nixpkgs commit and applying this on top, and verifying that the FOD hash
doesn't change between that older glibc and the current tip-of-tree.

This also disables tcmalloc on ARM because I couldn't get this to build
properly otherwise.
2022-09-11 04:58:53 +01:00
Luke Granger-Brown
16215285cd envoy: 1.21.5 -> 1.23.1 2022-09-05 00:54:39 +01:00
Morgan Helton
4d7f8b50d2 envoy: 1.21.4 -> 1.21.5 2022-08-23 19:47:27 -05:00
Luke Granger-Brown
da111dc41e envoy: 1.21.1 -> 1.21.4 2022-06-19 19:18:12 +00:00
Artturin
b3caa2f1fe treewide: extraPostFetch -> postFetch 2022-05-23 17:18:50 +03:00
Luke Granger-Brown
69c4a08072 envoy: fix sha256 for aarch64-linux 2022-05-10 19:12:05 +02:00
Rick van Schijndel
9d9b4dc64b envoy: fix sha256 for x86_64-linux 2022-05-10 07:30:10 +02:00
Luke Granger-Brown
defb2298de envoy: fix builds for x86_64-linux and aarch64-linux
* Bumps brotli version to incorporate a fix for some GCC warnings which
  get promoted to errors.
* Switches from wee8 to WAMR because it's easier to make it build
  sensibly on a range of GCC versions that aren't just "whatever ships
  with Ubuntu LTS".
* Adds a patch for WAMR's build in Envoy because it won't build properly
  under Linux aarch64, since WAMR doesn't detect aarch64 unless it's on
  macOS.
2022-05-09 00:51:26 +00:00
Luke Granger-Brown
b23255a51c envoy: add fetch hash for aarch64-linux 2022-04-15 09:17:48 +00:00
Cameron Nemo
1b4b16e1bd nixos/envoy: init 2022-04-07 14:43:53 +00:00
ajs124
5b272a024e envoy: 1.19.1 -> 1.21.1 2022-02-28 18:58:35 +01:00
Luke Granger-Brown
637d735ad5 envoy: 1.17.3 -> 1.19.1
This now uses gn1924 to allow v8 to build properly.
2021-12-07 13:41:03 +00:00
Luke Granger-Brown
00e54055e1 envoy: 1.16.2 -> 1.17.3 2021-06-07 20:58:56 +00:00
Pavol Rusnak
29bb19258a
treewide: use https for github URIs 2021-04-17 17:59:08 +02:00
Luke Granger-Brown
f081b0c9bb envoy, pomerium: add Pomerium NixOS test to passthru.tests 2021-03-29 10:41:41 +00:00
Claudio Bley
6d8c431eb0 bazel: 3.7.1 -> 3.7.2
* update sha256 for gvisor, tensorflow{,WithCuda}, bazel-watcher, bazel-remote
  and envoy
2021-02-03 10:44:07 +01:00
Pavol Rusnak
90f7338112
treewide: stdenv.lib -> lib 2021-01-24 01:49:49 +01:00
Luke Granger-Brown
6e684ca91e envoy: init at 1.16.2 2021-01-14 12:26:11 +00:00