nordic-dev.net/nixpkgs
nordic-dev.net/nixpkgs
2
0
Fork 0
mirror of https://github.com/NixOS/nixpkgs.git synced 2025-01-09 14:33:22 +00:00
Code Issues Packages Projects Releases Wiki Activity
488,497 Commits 177 Branches 125 Tags 6.8 GiB
f864e73325
Commit Graph

364 Commits

Author SHA1 Message Date
Jonas Chevalier
3d2bdd0788
python: implement PEP 668 (#229166) 
Add a marker file to the python outputs that tells pip and other tooling
following PEP 668 that they should not be installing things system-wide.

This provides better feedback to the user and also potentially avoids issues in
single-user installs where the /nix/store is owned by the user.

For more details, see <https://peps.python.org/pep-0668/>

Here is how it currently looks like:

    $ pip install requests
    error: externally-managed-environment

    × This environment is externally managed
    ╰─> This command has been disabled as it tries to modify the immutable
        `/nix/store` filesystem.

        To use Python with Nix and nixpkgs, have a look at the online documentation:
        <https://nixos.org/manual/nixpkgs/stable/#python>.
 2023-05-04 18:30:25 +02:00
jackyliu16
df2c2e63f1 cpython: add loongarch triplets 
using patch ref on: https://github.com/python/cpython/issues/90656
  to add loongarch triplets for using cpython in loongarch

  Note: This patch is being reviewed by cpython
 2023-05-01 05:16:32 +08:00
superherointj
b3b4bc0052
Merge pull request #208636 from wegank/python-framework 
python3: allow enabling framework on darwin
 2023-03-04 07:31:34 -03:00
Alyssa Ross
52c286ee5b
Merge remote-tracking branch 'origin/master' into staging-next 
Conflicts:
	pkgs/development/libraries/pmdk/default.nix
 2023-02-23 13:51:34 +00:00
Artturin
f9fdf2d402 treewide: move NIX_CFLAGS_COMPILE to the env attrset 
with structuredAttrs lists will be bash arrays which cannot be exported
which will be a issue with some patches and some wrappers like cc-wrapper

this makes it clearer that NIX_CFLAGS_COMPILE must be a string as lists
in env cause a eval failure
 2023-02-22 21:23:04 +02:00
Alyssa Ross
b4f74e334e
python2: fix eval 
Fixes: ee90eca180 ("cpython: Migrate sha256 occurences to hash")
 2023-02-13 17:14:19 +00:00
Martin Weinelt
ee90eca180
cpython: Migrate sha256 occurences to hash 2023-02-11 17:50:53 +01:00
superherointj
a411b337d6
Merge pull request #209622 from NickCao/python311-cross 
python311: fix cross compilation
 2023-02-04 18:04:43 -03:00
Shawn8901
a59dda942c treewide: remove global with lib; statements in pkgs/development 2023-01-26 18:31:02 +01:00
Nick Cao
6ad4d75364
Merge pull request #211079 from NickCao/py37 
python37: remove leftovers
 2023-01-23 11:22:35 +08:00
Minijackson
2b43490121 python: improve ABI name detection 2023-01-19 15:20:31 +01:00
Nick Cao
dde298c126
python37: remove leftover files 2023-01-16 19:49:16 +08:00
Thiago Kenji Okada
79194a913d
Merge pull request #210078 from thiagokokada/dont-expose-resholve 
resholve: mark it as knownVulnerabilities, allow resholve-utils usage
 2023-01-15 18:10:34 +00:00
Thiago Kenji Okada
66093a4120 python27: remove stripLibs argument 
Since we are now guarantee that the `resholve` is not exposing `python27`,
let's remove the `stripLibs` hack that tried to reduce its size.
 2023-01-15 12:29:42 +00:00
github-actions[bot]
ceb05ad4bf
Merge master into staging-next 2023-01-13 06:01:09 +00:00
Mario Rodas
e7b6fb49fd
Merge pull request #208744 from wegank/python312-darwin 
python312: fix build on darwin
 2023-01-12 22:35:07 -05:00
Nick Cao
f742c6d443
python311: fix cross compilation 2023-01-08 12:39:02 +08:00
github-actions[bot]
4bf238a8fb
Merge master into staging-next 2023-01-08 00:02:31 +00:00
Fabián Heredia Montiel
d9fbb33f92 python27: mark as vulnerable/insecure due to EOL on 2020-01-01 
More information: https://www.activestate.com/products/python/python-2-end-of-life-security-updates/
 2023-01-07 16:25:35 -06:00
Martin Weinelt
afd962b51c Merge remote-tracking branch 'origin/master' into staging-next 2023-01-05 17:16:26 +01:00
Martin Weinelt
e75f5e8efa python37: drop 
The package set hasn't been working for a long time now, due to infinite
recursions, that nobody was going to fix.

The release is going to go EOL in 2023/06 and we don't want to ship it
in NixOS 23.05 anyway.
 2023-01-05 13:20:49 +01:00
Thiago Kenji Okada
b0ac530007 python27: 2.7.18.5 -> 2.7.18.6 2023-01-04 21:12:03 +00:00
github-actions[bot]
789ae2c93d
Merge staging-next into staging 2023-01-04 18:01:36 +00:00
Weijia Wang
f6fd1b9a53 python312: fix build on darwin 2023-01-02 13:07:46 +01:00
Weijia Wang
a440e955e0 python3: allow enabling framework on darwin 2023-01-01 16:05:48 +01:00
Thiago Kenji Okada
47f904bad1 python27: use ffi/expat as system libraries 
Without `--with-system-{ffi,expat}` flags, Python will use its own
embedded libraries that are out-of-date. Thanks to it, they can be a
security issue. So let's use our own libraries instead.

This is already what Python 3.x does, so should be safe.
 2022-12-18 12:32:51 +00:00
github-actions[bot]
61a0176830
Merge staging-next into staging 2022-12-17 00:02:50 +00:00
github-actions[bot]
30b97b0e83
Merge master into staging-next 2022-12-17 00:02:17 +00:00
Thiago Kenji Okada
283ecac082 resholve: strip unused libraries from python27 
Strip unused libraries from resholve's own python27 derivation, further
reducing its size and reducing its attack surface.
 2022-12-15 00:07:02 +00:00
github-actions[bot]
74a066ab3f
Merge staging-next into staging 2022-12-13 18:02:08 +00:00
github-actions[bot]
d07c2d73fd
Merge master into staging-next 2022-12-13 18:01:30 +00:00
Thiago Kenji Okada
2e943fc060 resholve: use stripped-down python27 
This PR strips down the modified `python27` derivation used by `resholve`. The
idea is to reduce the possible security issues, and also to make it easier to
bootstrap.
 2022-12-13 14:37:00 +00:00
github-actions[bot]
cfbecb45cc
Merge staging-next into staging 2022-12-12 18:01:51 +00:00
Vladimír Čunát
1a5af95367
python311: revert asyncio changes done in 3.11.1 
Almost same as in the parent commit.
 2022-12-12 14:33:17 +01:00
Vladimír Čunát
9ee1d16c36
python310: revert asyncio changes done in 3.10.9 
They brought significant regressions.  Upstream is now discussing
what to do, but we still want the security fixes from 3.10.9.
 2022-12-12 14:23:49 +01:00
Robert Hensing
16f5747575
Merge pull request #175649 from Artturin/opt-in-structured-attrs 
stdenv: support opt-in __structuredAttrs
 2022-12-10 21:12:43 +01:00
Vladimír Čunát
9c497bb8d6
Merge branch 'staging-next' into staging 2022-12-09 10:27:46 +01:00
Artturin
adc8900df1 treewide: fix some core package structuredAttrs 2022-12-08 21:05:28 +02:00
Martin Weinelt
6dcc133aae
cpython: Update meta and add changelog url 2022-12-07 16:31:39 +01:00
Martin Weinelt
72231c9177 cpython: Restore libxcrypt CFLAGS and LIBS in configureFlags 2022-12-02 22:50:55 +01:00
Martin Weinelt
adae7334e4 python312: init at 3.12.0a2 
https://blog.python.org/2022/10/python-3120-alpha-1-released.html
https://blog.python.org/2022/11/python-3120-alpha-2-released.html
 2022-11-29 01:55:35 +01:00
Martin Weinelt
b5a4d7760d cpython: drop leftover 3.5/3.6 logic and patches 2022-11-29 01:34:59 +01:00
Thiago Kenji Okada
d345fb2500 python27: fix CVE-2021-3733 2022-11-28 11:45:40 +00:00
Thiago Kenji Okada
b3d02fb8b5 python27: add thiagokokada as maintainer 2022-11-28 09:41:57 +00:00
Thiago Kenji Okada
14334cb683 python27: switch to ActiveState's fork for Python 2 
ActiveState is a company that is maintaining a fork of Python 2 to fixes
its security issues. Their support is paid, however the code is
open-source. See the details here:
https://www.activestate.com/products/python/python-2-end-of-life-security-updates/

This enable us to drop a bunch of CVE's patches for Python 2.7 and also
it should be easier to maintain, since we can just bump the version once
ActiveState tags a new version.
 2022-11-28 09:41:57 +00:00
Martin Weinelt
acb119aeac
Merge pull request #203362 from thiagokokada/add-patches-to-python27-cves 2022-11-28 01:56:07 +01:00
Thiago Kenji Okada
e7d9b0b19d python27: add patches for known security issues 
Add patches from Arch Linux package (that itself source its patches from
Gentoo) to the following known security issues in Python 2.7:

- CVE-2020-26116
- CVE-2020-27619
- CVE-2020-8492

This should cover all security issues currently listed in
https://www.activestate.com/products/python/python-2-end-of-life-security-updates/.
 2022-11-27 22:46:20 +00:00
ajs124
2b3c729654 python3: use openssl_legacy 2022-11-21 13:46:00 +01:00
ajs124
f06f950183 Revert "Revert "python3: pin to openssl_1_1"" 
This reverts commit 017fd89527.
 2022-11-21 13:46:00 +01:00
Lassulus
15a42961b6
Merge pull request #196906 from helsinki-systems/feat/less-openssl_1_1 2022-11-11 00:21:52 +01:00