From c19136b1cda1ae95430ae27fceb2223064d7cfae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Tue, 4 Sep 2018 18:06:47 +0200 Subject: [PATCH 1/2] ghostscript: 9.22 -> 9.24 (security) The $doc stuff needed changes, probably because of ghostscript newly reacting to some configure flags that stdenv passes. - share/ghostscript/9.22/doc was an ugly location for documentation, and I didn't like their new share/ghostscript/9.24 either, so that got changed to share/doc/ghostscript/9.24 - their process no longer installs examples, apparently, but I don't expect that would be any problem for us --- pkgs/misc/ghostscript/default.nix | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/pkgs/misc/ghostscript/default.nix b/pkgs/misc/ghostscript/default.nix index 5839b076c0d..42e5e5c379c 100644 --- a/pkgs/misc/ghostscript/default.nix +++ b/pkgs/misc/ghostscript/default.nix @@ -9,8 +9,9 @@ assert x11Support -> xlibsWrapper != null; assert cupsSupport -> cups != null; let version = "9.${ver_min}"; - ver_min = "22"; - sha256 = "1fyi4yvdj39bjgs10klr31cda1fbx1ar7a7b7yz7v68gykk65y61"; + ver_min = "24"; + # ghostscript*.tar.xz in https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs9xx/SHA512SUMS + sha512 = "dcbeeb5d3dd5ccaf949dc4be68363c50b1d35e647be4790a50b1bbf5f259f1d9181f705be27bfca708c4d270f945ff4b24e3db10b57800c1ee0ea7a40931c547"; fonts = stdenv.mkDerivation { name = "ghostscript-fonts"; @@ -39,7 +40,7 @@ stdenv.mkDerivation rec { src = fetchurl { url = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs9${ver_min}/${name}.tar.xz"; - inherit sha256; + inherit sha512; }; outputs = [ "out" "man" "doc" ]; @@ -89,8 +90,8 @@ stdenv.mkDerivation rec { cp -r Resource "$out/share/ghostscript/${version}" - mkdir -p "$doc/share/ghostscript/${version}" - mv "$out/share/ghostscript/${version}"/{doc,examples} "$doc/share/ghostscript/${version}/" + mkdir -p "$doc/share/doc/ghostscript" + mv "$doc/share/doc/${version}" "$doc/share/doc/ghostscript/" ln -s "${fonts}" "$out/share/ghostscript/fonts" '' + stdenv.lib.optionalString stdenv.isDarwin '' From a3f6a4b9b6c7fe800af23b2744000c7d5b3a5d02 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Tue, 4 Sep 2018 18:50:15 +0200 Subject: [PATCH 2/2] ghostscript: fix nitpicks after the update - unused lcms2 input - reference $out -> $doc --- pkgs/misc/ghostscript/default.nix | 14 ++++++++------ pkgs/misc/ghostscript/doc-no-ref.diff | 7 +++++++ 2 files changed, 15 insertions(+), 6 deletions(-) create mode 100644 pkgs/misc/ghostscript/doc-no-ref.diff diff --git a/pkgs/misc/ghostscript/default.nix b/pkgs/misc/ghostscript/default.nix index 42e5e5c379c..54ad3262275 100644 --- a/pkgs/misc/ghostscript/default.nix +++ b/pkgs/misc/ghostscript/default.nix @@ -1,5 +1,5 @@ { stdenv, lib, fetchurl, pkgconfig, zlib, expat, openssl, autoconf -, libjpeg, libpng, libtiff, freetype, fontconfig, lcms2, libpaper, jbig2dec +, libjpeg, libpng, libtiff, freetype, fontconfig, libpaper, jbig2dec , libiconv, ijs , x11Support ? false, xlibsWrapper ? null , cupsSupport ? false, cups ? null @@ -43,6 +43,11 @@ stdenv.mkDerivation rec { inherit sha512; }; + patches = [ + ./urw-font-files.patch + ./doc-no-ref.diff + ]; + outputs = [ "out" "man" "doc" ]; enableParallelBuilding = true; @@ -50,16 +55,13 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ pkgconfig autoconf ]; buildInputs = [ zlib expat openssl - libjpeg libpng libtiff freetype fontconfig lcms2 libpaper jbig2dec + libjpeg libpng libtiff freetype fontconfig libpaper jbig2dec libiconv ijs ] ++ lib.optional x11Support xlibsWrapper ++ lib.optional cupsSupport cups ; - - patches = [ - ./urw-font-files.patch - ]; + # No lcms2; upstream "is in process of forking it" and thus won't use one from a library. preConfigure = '' # requires in-tree (heavily patched) openjpeg diff --git a/pkgs/misc/ghostscript/doc-no-ref.diff b/pkgs/misc/ghostscript/doc-no-ref.diff new file mode 100644 index 00000000000..7380ba2f995 --- /dev/null +++ b/pkgs/misc/ghostscript/doc-no-ref.diff @@ -0,0 +1,7 @@ +Kill the reference from libgc.so to the documentation directory. +It's bad for closure, and probably not really good for anything. +--- a/base/gs.mak ++++ b/base/gs.mak +@@ -538,1 +538,1 @@ +- $(EXP)$(ECHOGS_XE) -a $(gconfigd_h) -x 23 define -s -u GS_DOCDIR -x 2022 $(GS_DOCDIR) -x 22 ++ $(EXP)$(ECHOGS_XE) -a $(gconfigd_h) -x 23 define -s -u GS_DOCDIR -x 2022 /no-path-to-docs -x 22