Alyssa Ross
b4f74e334e
python2: fix eval
...
Fixes: ee90eca180
("cpython: Migrate sha256 occurences to hash")
2023-02-13 17:14:19 +00:00
Martin Weinelt
ee90eca180
cpython: Migrate sha256 occurences to hash
2023-02-11 17:50:53 +01:00
superherointj
a411b337d6
Merge pull request #209622 from NickCao/python311-cross
...
python311: fix cross compilation
2023-02-04 18:04:43 -03:00
Shawn8901
a59dda942c
treewide: remove global with lib; statements in pkgs/development
2023-01-26 18:31:02 +01:00
Nick Cao
6ad4d75364
Merge pull request #211079 from NickCao/py37
...
python37: remove leftovers
2023-01-23 11:22:35 +08:00
Minijackson
2b43490121
python: improve ABI name detection
2023-01-19 15:20:31 +01:00
Nick Cao
dde298c126
python37: remove leftover files
2023-01-16 19:49:16 +08:00
Thiago Kenji Okada
79194a913d
Merge pull request #210078 from thiagokokada/dont-expose-resholve
...
resholve: mark it as knownVulnerabilities, allow resholve-utils usage
2023-01-15 18:10:34 +00:00
Thiago Kenji Okada
66093a4120
python27: remove stripLibs argument
...
Since we are now guarantee that the `resholve` is not exposing `python27`,
let's remove the `stripLibs` hack that tried to reduce its size.
2023-01-15 12:29:42 +00:00
github-actions[bot]
ceb05ad4bf
Merge master into staging-next
2023-01-13 06:01:09 +00:00
Mario Rodas
e7b6fb49fd
Merge pull request #208744 from wegank/python312-darwin
...
python312: fix build on darwin
2023-01-12 22:35:07 -05:00
Nick Cao
f742c6d443
python311: fix cross compilation
2023-01-08 12:39:02 +08:00
github-actions[bot]
4bf238a8fb
Merge master into staging-next
2023-01-08 00:02:31 +00:00
Fabián Heredia Montiel
d9fbb33f92
python27: mark as vulnerable/insecure due to EOL on 2020-01-01
...
More information: https://www.activestate.com/products/python/python-2-end-of-life-security-updates/
2023-01-07 16:25:35 -06:00
Martin Weinelt
afd962b51c
Merge remote-tracking branch 'origin/master' into staging-next
2023-01-05 17:16:26 +01:00
Martin Weinelt
e75f5e8efa
python37: drop
...
The package set hasn't been working for a long time now, due to infinite
recursions, that nobody was going to fix.
The release is going to go EOL in 2023/06 and we don't want to ship it
in NixOS 23.05 anyway.
2023-01-05 13:20:49 +01:00
Thiago Kenji Okada
b0ac530007
python27: 2.7.18.5 -> 2.7.18.6
2023-01-04 21:12:03 +00:00
github-actions[bot]
789ae2c93d
Merge staging-next into staging
2023-01-04 18:01:36 +00:00
Weijia Wang
f6fd1b9a53
python312: fix build on darwin
2023-01-02 13:07:46 +01:00
Thiago Kenji Okada
47f904bad1
python27: use ffi/expat as system libraries
...
Without `--with-system-{ffi,expat}` flags, Python will use its own
embedded libraries that are out-of-date. Thanks to it, they can be a
security issue. So let's use our own libraries instead.
This is already what Python 3.x does, so should be safe.
2022-12-18 12:32:51 +00:00
github-actions[bot]
61a0176830
Merge staging-next into staging
2022-12-17 00:02:50 +00:00
github-actions[bot]
30b97b0e83
Merge master into staging-next
2022-12-17 00:02:17 +00:00
Thiago Kenji Okada
283ecac082
resholve: strip unused libraries from python27
...
Strip unused libraries from resholve's own python27 derivation, further
reducing its size and reducing its attack surface.
2022-12-15 00:07:02 +00:00
github-actions[bot]
74a066ab3f
Merge staging-next into staging
2022-12-13 18:02:08 +00:00
github-actions[bot]
d07c2d73fd
Merge master into staging-next
2022-12-13 18:01:30 +00:00
Thiago Kenji Okada
2e943fc060
resholve: use stripped-down python27
...
This PR strips down the modified `python27` derivation used by `resholve`. The
idea is to reduce the possible security issues, and also to make it easier to
bootstrap.
2022-12-13 14:37:00 +00:00
github-actions[bot]
cfbecb45cc
Merge staging-next into staging
2022-12-12 18:01:51 +00:00
Vladimír Čunát
1a5af95367
python311: revert asyncio changes done in 3.11.1
...
Almost same as in the parent commit.
2022-12-12 14:33:17 +01:00
Vladimír Čunát
9ee1d16c36
python310: revert asyncio changes done in 3.10.9
...
They brought significant regressions. Upstream is now discussing
what to do, but we still want the security fixes from 3.10.9.
2022-12-12 14:23:49 +01:00
Robert Hensing
16f5747575
Merge pull request #175649 from Artturin/opt-in-structured-attrs
...
stdenv: support opt-in __structuredAttrs
2022-12-10 21:12:43 +01:00
Vladimír Čunát
9c497bb8d6
Merge branch 'staging-next' into staging
2022-12-09 10:27:46 +01:00
Artturin
adc8900df1
treewide: fix some core package structuredAttrs
2022-12-08 21:05:28 +02:00
Martin Weinelt
6dcc133aae
cpython: Update meta and add changelog url
2022-12-07 16:31:39 +01:00
Martin Weinelt
72231c9177
cpython: Restore libxcrypt CFLAGS and LIBS in configureFlags
2022-12-02 22:50:55 +01:00
Martin Weinelt
adae7334e4
python312: init at 3.12.0a2
...
https://blog.python.org/2022/10/python-3120-alpha-1-released.html
https://blog.python.org/2022/11/python-3120-alpha-2-released.html
2022-11-29 01:55:35 +01:00
Martin Weinelt
b5a4d7760d
cpython: drop leftover 3.5/3.6 logic and patches
2022-11-29 01:34:59 +01:00
Thiago Kenji Okada
d345fb2500
python27: fix CVE-2021-3733
2022-11-28 11:45:40 +00:00
Thiago Kenji Okada
b3d02fb8b5
python27: add thiagokokada as maintainer
2022-11-28 09:41:57 +00:00
Thiago Kenji Okada
14334cb683
python27: switch to ActiveState's fork for Python 2
...
ActiveState is a company that is maintaining a fork of Python 2 to fixes
its security issues. Their support is paid, however the code is
open-source. See the details here:
https://www.activestate.com/products/python/python-2-end-of-life-security-updates/
This enable us to drop a bunch of CVE's patches for Python 2.7 and also
it should be easier to maintain, since we can just bump the version once
ActiveState tags a new version.
2022-11-28 09:41:57 +00:00
Martin Weinelt
acb119aeac
Merge pull request #203362 from thiagokokada/add-patches-to-python27-cves
2022-11-28 01:56:07 +01:00
Thiago Kenji Okada
e7d9b0b19d
python27: add patches for known security issues
...
Add patches from Arch Linux package (that itself source its patches from
Gentoo) to the following known security issues in Python 2.7:
- CVE-2020-26116
- CVE-2020-27619
- CVE-2020-8492
This should cover all security issues currently listed in
https://www.activestate.com/products/python/python-2-end-of-life-security-updates/ .
2022-11-27 22:46:20 +00:00
ajs124
2b3c729654
python3: use openssl_legacy
2022-11-21 13:46:00 +01:00
ajs124
f06f950183
Revert "Revert "python3: pin to openssl_1_1""
...
This reverts commit 017fd89527
.
2022-11-21 13:46:00 +01:00
Lassulus
15a42961b6
Merge pull request #196906 from helsinki-systems/feat/less-openssl_1_1
2022-11-11 00:21:52 +01:00
Sergei Trofimovich
845c39bab5
pythonFull: drop unused xlibsWrapper input
...
Tested as no material change in `out` output with `diffoscope`.
2022-10-30 16:47:30 +00:00
ajs124
017fd89527
Revert "python3: pin to openssl_1_1"
...
This reverts commit 8dfc998207
.
2022-10-28 14:15:18 +02:00
Artturin
7e49471316
treewide: optional -> optionals where the argument is a list
...
the argument to optional should not be list
2022-10-10 15:40:21 +03:00
Franz Pletz
194d852242
cpython: fix build with libxcrypt
2022-10-09 18:09:39 +02:00
John Ericson
0427e5eca8
Merge pull request #193528 from cidkidnix/android-cpyth
...
android: cpython: fix stdenv.cc.cc.libllvm
2022-09-29 10:42:44 -04:00
cidkidnix
94d9904072
cpython: fix stdenv.cc.cc.libllvm
2022-09-29 09:05:13 -05:00