From e25b5910a12ee0a3f8144efccfa82d2c95fb7dde Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Fri, 11 Oct 2019 14:15:42 +0300 Subject: [PATCH 01/42] cups: 2.2.12 -> 2.3.0 --- pkgs/misc/cups/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/misc/cups/default.nix b/pkgs/misc/cups/default.nix index 6e27fdb0a52..5ce0be5cf41 100644 --- a/pkgs/misc/cups/default.nix +++ b/pkgs/misc/cups/default.nix @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { pname = "cups"; # After 2.2.6, CUPS requires headers only available in macOS 10.12+ - version = if stdenv.isDarwin then "2.2.6" else "2.2.12"; + version = if stdenv.isDarwin then "2.2.6" else "2.3.0"; passthru = { inherit version; }; @@ -20,7 +20,7 @@ stdenv.mkDerivation rec { url = "https://github.com/apple/cups/releases/download/v${version}/cups-${version}-source.tar.gz"; sha256 = if version == "2.2.6" then "16qn41b84xz6khrr2pa2wdwlqxr29rrrkjfi618gbgdkq9w5ff20" - else "1a4sgx5y7z16flmpnchd2ix294bnzy0v8mdkd96a4j27kr2anq8g"; + else "19d1jpdpxy0fclq37pchi7ldnw9dssxx3zskcgqai3h0rwlh5bxc"; }; outputs = [ "out" "lib" "dev" "man" ]; From bbe85265f78ffb1c11ff4128eb44e7643cf2cda6 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Mon, 21 Oct 2019 10:47:52 -0700 Subject: [PATCH 02/42] fdk_aac: 2.0.0 -> 2.0.1 Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools. This update was made based on information from https://repology.org/metapackage/fdk-aac/versions --- pkgs/development/libraries/fdk-aac/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/fdk-aac/default.nix b/pkgs/development/libraries/fdk-aac/default.nix index 70269002e2f..16560f19c86 100644 --- a/pkgs/development/libraries/fdk-aac/default.nix +++ b/pkgs/development/libraries/fdk-aac/default.nix @@ -5,11 +5,11 @@ with stdenv.lib; stdenv.mkDerivation rec { pname = "fdk-aac"; - version = "2.0.0"; + version = "2.0.1"; src = fetchurl { url = "mirror://sourceforge/opencore-amr/fdk-aac/${pname}-${version}.tar.gz"; - sha256 = "0v6rbyw9f9lpfvcg3v1qyapga5hqfnb3wp3x5yaxpwcgjw7ydmpp"; + sha256 = "0wgjjc0dfkm2w966lc9c8ir8f671vl1ppch3mya3h58jjjm360c4"; }; configureFlags = [ ] From 6badf4507955868bd2c903f16537e6ec5a499838 Mon Sep 17 00:00:00 2001 From: Doron Behar Date: Mon, 28 Oct 2019 16:22:48 +0200 Subject: [PATCH 03/42] firmwareLinuxNonfree: 2019-09-23 -> 2019-10-22 --- .../linux/firmware/firmware-linux-nonfree/default.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix b/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix index 3b5867837bd..8db9d4fb3b5 100644 --- a/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix +++ b/pkgs/os-specific/linux/firmware/firmware-linux-nonfree/default.nix @@ -1,13 +1,13 @@ -{ stdenv, fetchgit }: +{ stdenv, fetchgit, lib }: stdenv.mkDerivation rec { pname = "firmware-linux-nonfree"; - version = "2019-09-23"; + version = "2019-10-22"; src = fetchgit { url = "https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git"; - rev = "20190923"; - sha256 = "1gq55ny6lb2nh6rr1w55bslzysyj0bwdl6rbpv882hhyjrnsma0n"; + rev = lib.replaceStrings ["-"] [""] version; + sha256 = "03ycc55h7vgd4fmb7v7gl7lplf7pg7acs16aa2rramgldxqvyx7j"; }; installFlags = [ "DESTDIR=$(out)" ]; @@ -17,7 +17,7 @@ stdenv.mkDerivation rec { outputHashMode = "recursive"; outputHashAlgo = "sha256"; - outputHash = "1y2z3wxqq2km6x08kfdqgcr9xczbq1h2jqyrqr6h31bapjb8x0k9"; + outputHash = "15nm0xh2xq8mnk7a66iljcklc15gvh6jcpz2d9llg1fkv6w8lqc6"; meta = with stdenv.lib; { description = "Binary firmware collection packaged by kernel.org"; From 14e2d5d9a7bfcc37cea3e653405e82ae53fe2af2 Mon Sep 17 00:00:00 2001 From: Robert Scott Date: Sat, 26 Oct 2019 12:26:08 +0100 Subject: [PATCH 04/42] jbig2dec: 0.16 -> 0.17 --- pkgs/development/libraries/jbig2dec/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/libraries/jbig2dec/default.nix b/pkgs/development/libraries/jbig2dec/default.nix index 31c9c89d96f..35fbdfe488a 100644 --- a/pkgs/development/libraries/jbig2dec/default.nix +++ b/pkgs/development/libraries/jbig2dec/default.nix @@ -1,11 +1,11 @@ { stdenv, fetchurl, python, autoconf }: stdenv.mkDerivation rec { - name = "jbig2dec-0.16"; + name = "jbig2dec-0.17"; src = fetchurl { - url = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs927/${name}.tar.gz"; - sha256 = "00h61y7bh3z6mqfzxyb318gyh0f8jwarg4hvlrm83rqps8avzxm4"; + url = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs950/${name}.tar.gz"; + sha256 = "0wpvslmwazia3z8gyk343kbq6yj47pxr4x5yjvx332v309qssazp"; }; postPatch = '' From 0b32782d33c42b32cde106762a24b70e76f5b55f Mon Sep 17 00:00:00 2001 From: Robert Scott Date: Sat, 26 Oct 2019 12:26:49 +0100 Subject: [PATCH 05/42] ghostscript: 9.27 -> 9.50 --- pkgs/misc/ghostscript/default.nix | 22 ++-------------------- 1 file changed, 2 insertions(+), 20 deletions(-) diff --git a/pkgs/misc/ghostscript/default.nix b/pkgs/misc/ghostscript/default.nix index ac410a22997..89583bb15d3 100644 --- a/pkgs/misc/ghostscript/default.nix +++ b/pkgs/misc/ghostscript/default.nix @@ -10,8 +10,8 @@ assert cupsSupport -> cups != null; let version = "9.${ver_min}"; - ver_min = "27"; - sha512 = "00m8pfvvg4dzvrzk66myr8kid76x44sgqk84m9562g4viv9zbw759l8q9qg64mgvbajzn78zpqfgdlgz9nwgcdb1vpwc08gm12ssrsy"; + ver_min = "50"; + sha512 = "3p46kzn6kh7z4qqnqydmmvdlgzy5730z3yyvyxv6i4yb22mgihzrwqmhmvfn3b7lypwf6fdkkndarzv7ly3zndqpyvg89x436sms7iw"; fonts = stdenv.mkDerivation { name = "ghostscript-fonts"; @@ -47,24 +47,6 @@ stdenv.mkDerivation rec { patches = [ ./urw-font-files.patch ./doc-no-ref.diff - (fetchpatch { - name = "CVE-2019-10216.patch"; - url = "https://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=5b85ddd19a8420a1bd2d5529325be35d78e94234"; - sha256 = "165svml4knq1xlysfvj7vc07h68bhv3rgvl83xrhxsxdzs1ign31"; - }) - (fetchpatch { - name = "CVE-2019-14811.CVE-2019-14812.CVE-2019-14813.patch"; - url = "https://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=885444fcbe10dc42787ecb76686c8ee4dd33bf33"; - sha256 = "19928sr7xpx7iibk9gn127g0r1yv2lcfpwgk2ipzz4wgrs3f5j70"; - }) - (fetchpatch { - name = "CVE-2019-14817-partial.patch"; - url = "https://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=cd1b1cacadac2479e291efe611979bdc1b3bdb19"; - # patch doesn't apply cleanly to all files, but at least partially applying it fixes - # *most* of the problematic sites. - excludes = ["Resource/Init/pdf_font.ps"]; - sha256 = "0f8qgdqpv7bldc9akvjj10af2h2876cvnz4q3nvg4a00rk5i05wn"; - }) ]; outputs = [ "out" "man" "doc" ]; From a51aa02c7849229cac80c4697d026650a5bd8a73 Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Sat, 15 Jun 2019 20:32:23 +0200 Subject: [PATCH 06/42] libxml2: use python3 for build and as default for bindings Changing the default may cause breakage, however, users should have already switched to `pythonPackages.libxml2` long ago. --- pkgs/development/libraries/libxml2/default.nix | 7 ++----- pkgs/top-level/all-packages.nix | 4 +++- pkgs/top-level/python-packages.nix | 2 +- 3 files changed, 6 insertions(+), 7 deletions(-) diff --git a/pkgs/development/libraries/libxml2/default.nix b/pkgs/development/libraries/libxml2/default.nix index 04954f3e1f5..2d2fb89d595 100644 --- a/pkgs/development/libraries/libxml2/default.nix +++ b/pkgs/development/libraries/libxml2/default.nix @@ -1,15 +1,12 @@ { stdenv, lib, fetchurl -, zlib, xz, python2, ncurses, findXMLCatalogs +, zlib, xz, python, ncurses, findXMLCatalogs , pythonSupport ? stdenv.buildPlatform == stdenv.hostPlatform , icuSupport ? false, icu ? null , enableShared ? stdenv.hostPlatform.libc != "msvcrt" , enableStatic ? !enableShared, }: -let - python = python2; - -in stdenv.mkDerivation rec { +stdenv.mkDerivation rec { pname = "libxml2"; version = "2.9.9"; diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index f2a80fdc0b6..cc35ae589c6 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -12723,7 +12723,9 @@ in libxmi = callPackage ../development/libraries/libxmi { }; - libxml2 = callPackage ../development/libraries/libxml2 { }; + libxml2 = callPackage ../development/libraries/libxml2 { + python = if stdenv.isDarwin then python2 else python3; + }; libxml2Python = pkgs.buildEnv { # slightly hacky name = "libxml2+py-${res.libxml2.version}"; diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index d723bdb2b63..0a171d3a9cf 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -3689,7 +3689,7 @@ in { libplist = disabledIf isPy3k (toPythonModule (pkgs.libplist.override{python2Packages=self; })).py; - libxml2 = toPythonModule (pkgs.libxml2.override{pythonSupport=true; python2=python;}).py; + libxml2 = toPythonModule (pkgs.libxml2.override{pythonSupport=true; inherit python;}).py; libxslt = disabledIf isPy3k (toPythonModule (pkgs.libxslt.override{pythonSupport=true; python2=python; inherit (self) libxml2;})).py; From 94e4dd89609fe01cd07fa28096fa5c6a7a6b8aab Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Sat, 15 Jun 2019 20:32:52 +0200 Subject: [PATCH 07/42] libxslt: use python3 for build and as default for bindings Changing the default may cause breakage, however, users should have already switched to `pythonPackages.libxslt` long ago. --- pkgs/development/libraries/libxslt/default.nix | 10 +++++----- pkgs/top-level/all-packages.nix | 4 +++- pkgs/top-level/python-packages.nix | 3 +-- 3 files changed, 9 insertions(+), 8 deletions(-) diff --git a/pkgs/development/libraries/libxslt/default.nix b/pkgs/development/libraries/libxslt/default.nix index 1a3efee176a..ed77a1873a8 100644 --- a/pkgs/development/libraries/libxslt/default.nix +++ b/pkgs/development/libraries/libxslt/default.nix @@ -1,9 +1,9 @@ -{ stdenv, fetchurl, fetchpatch, libxml2, findXMLCatalogs, python2, libgcrypt +{ stdenv, fetchurl, fetchpatch, libxml2, findXMLCatalogs, python, libgcrypt , cryptoSupport ? false , pythonSupport ? stdenv.buildPlatform == stdenv.hostPlatform }: -assert pythonSupport -> python2 != null; +assert pythonSupport -> python != null; assert pythonSupport -> libxml2.pythonSupport; with stdenv.lib; @@ -38,7 +38,7 @@ stdenv.mkDerivation rec { outputs = [ "bin" "dev" "out" "man" "doc" ] ++ stdenv.lib.optional pythonSupport "py"; buildInputs = [ libxml2.dev ] - ++ stdenv.lib.optionals pythonSupport [ libxml2.py python2 ] + ++ stdenv.lib.optionals pythonSupport [ libxml2.py python ] ++ stdenv.lib.optionals cryptoSupport [ libgcrypt ]; propagatedBuildInputs = [ findXMLCatalogs ]; @@ -48,7 +48,7 @@ stdenv.mkDerivation rec { "--without-debug" "--without-mem-debug" "--without-debugger" - ] ++ optional pythonSupport "--with-python=${python2}" + ] ++ optional pythonSupport "--with-python=${python}" ++ optional (!cryptoSupport) "--without-crypto"; postFixup = '' @@ -58,7 +58,7 @@ stdenv.mkDerivation rec { '' + optionalString pythonSupport '' mkdir -p $py/nix-support echo ${libxml2.py} >> $py/nix-support/propagated-build-inputs - moveToOutput lib/python2.7 "$py" + moveToOutput ${python.libPrefix} "$py" ''; passthru = { diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index cc35ae589c6..4a490bc5e72 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -12745,7 +12745,9 @@ in libxmp = callPackage ../development/libraries/libxmp { }; - libxslt = callPackage ../development/libraries/libxslt { }; + libxslt = callPackage ../development/libraries/libxslt { + python = if stdenv.isDarwin then python2 else python3; + }; libixp_hg = callPackage ../development/libraries/libixp-hg { }; diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 0a171d3a9cf..96b0ec30559 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -3691,8 +3691,7 @@ in { libxml2 = toPythonModule (pkgs.libxml2.override{pythonSupport=true; inherit python;}).py; - libxslt = disabledIf isPy3k - (toPythonModule (pkgs.libxslt.override{pythonSupport=true; python2=python; inherit (self) libxml2;})).py; + libxslt = toPythonModule (pkgs.libxslt.override{pythonSupport=true; inherit python; inherit (self) libxml2;}).py; limits = callPackage ../development/python-modules/limits { }; From 6a97422a7555af7db66cd26cdafaff6aad5eb7c8 Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Tue, 29 Oct 2019 12:49:29 +0100 Subject: [PATCH 08/42] pythonPackages.libxml: fix reference to output --- pkgs/top-level/python-packages.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 96b0ec30559..1b2bfa4298d 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -3689,7 +3689,7 @@ in { libplist = disabledIf isPy3k (toPythonModule (pkgs.libplist.override{python2Packages=self; })).py; - libxml2 = toPythonModule (pkgs.libxml2.override{pythonSupport=true; inherit python;}).py; + libxml2 = (toPythonModule (pkgs.libxml2.override{pythonSupport=true; inherit python;})).py; libxslt = toPythonModule (pkgs.libxslt.override{pythonSupport=true; inherit python; inherit (self) libxml2;}).py; From 785035628301baa00d88b84519f4e4154770ff4f Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Tue, 29 Oct 2019 12:49:41 +0100 Subject: [PATCH 09/42] pythonPackages.libxslt: fix reference to output --- pkgs/top-level/python-packages.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index 1b2bfa4298d..e03b4ea92a0 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -3691,7 +3691,7 @@ in { libxml2 = (toPythonModule (pkgs.libxml2.override{pythonSupport=true; inherit python;})).py; - libxslt = toPythonModule (pkgs.libxslt.override{pythonSupport=true; inherit python; inherit (self) libxml2;}).py; + libxslt = (toPythonModule (pkgs.libxslt.override{pythonSupport=true; inherit python; inherit (self) libxml2;})).py; limits = callPackage ../development/python-modules/limits { }; From 8d926467be6438fd88b19b38389ad1fdfc472f4d Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Tue, 29 Oct 2019 12:50:03 +0100 Subject: [PATCH 10/42] itstool: don't use libxml2Python --- pkgs/development/tools/misc/itstool/default.nix | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/pkgs/development/tools/misc/itstool/default.nix b/pkgs/development/tools/misc/itstool/default.nix index 9368a3c1acf..dd536685485 100644 --- a/pkgs/development/tools/misc/itstool/default.nix +++ b/pkgs/development/tools/misc/itstool/default.nix @@ -1,5 +1,4 @@ -{ stdenv, fetchurl, python2, libxml2Python }: -# We need the same Python as is used to build libxml2Python +{ stdenv, fetchurl, python3 }: stdenv.mkDerivation rec { # 2.0.3+ breaks the build of gnome3.gnome-desktop @@ -11,14 +10,7 @@ stdenv.mkDerivation rec { sha256 = "bf909fb59b11a646681a8534d5700fec99be83bb2c57badf8c1844512227033a"; }; - buildInputs = [ python2 libxml2Python ]; - - patchPhase = - '' - sed -e '/import libxml2/i import sys\ - sys.path.append("${libxml2Python}/lib/${python2.libPrefix}/site-packages")' \ - -i itstool.in - ''; + buildInputs = [ (python3.withPackages(ps: with ps; [ libxml2 ])) ]; meta = { homepage = http://itstool.org/; From 31cf1ff4ee6d7181a679f1d5bcd7a5d82e6f7c5e Mon Sep 17 00:00:00 2001 From: Jan Malakhovski Date: Fri, 21 Jun 2019 18:14:06 +0000 Subject: [PATCH 11/42] openalSolf: make it search its own $out for data files Without those data files HRTF will silently fail to initialize. It searches /usr and /usr/local by default but we don't have those paths. It also searches XDG_DATA_DIRS but using that requires configuration by the user. This patch makes makes it just work. How to play with it: - Build `mpv` with `openalSoft` support. - cat << EOF > ~/.alsoftrc [general] hrtf = true EOF - Wear stereo headphones. - Play a file with 6 or more channels with `mpv -ao openal $file`, e.g. https://archive.org/download/5.1SurroundSoundTestFilesVariousFormatsAACAC3MP4DTSWAV/5.1%20Surround%20Sound%20AAC%20Test.mp4 - Try `hrtf = false` to hear the difference. --- pkgs/development/libraries/openal-soft/default.nix | 8 ++++++++ .../libraries/openal-soft/search-out.patch | 12 ++++++++++++ 2 files changed, 20 insertions(+) create mode 100644 pkgs/development/libraries/openal-soft/search-out.patch diff --git a/pkgs/development/libraries/openal-soft/default.nix b/pkgs/development/libraries/openal-soft/default.nix index 89ac85b752b..76f2861428d 100644 --- a/pkgs/development/libraries/openal-soft/default.nix +++ b/pkgs/development/libraries/openal-soft/default.nix @@ -20,6 +20,14 @@ stdenv.mkDerivation rec { sha256 = "0b0g0q1c36nfb289xcaaj3cmyfpiswvvgky3qyalsf9n4dj7vnzi"; }; + # this will make it find its own data files (e.g. HRTF profiles) + # without any other configuration + patches = [ ./search-out.patch ]; + postPatch = '' + substituteInPlace Alc/helpers.c \ + --replace "@OUT@" $out + ''; + nativeBuildInputs = [ cmake ]; buildInputs = [] diff --git a/pkgs/development/libraries/openal-soft/search-out.patch b/pkgs/development/libraries/openal-soft/search-out.patch new file mode 100644 index 00000000000..0f9c2abad3c --- /dev/null +++ b/pkgs/development/libraries/openal-soft/search-out.patch @@ -0,0 +1,12 @@ +diff -Nuar a/Alc/helpers.c b/Alc/helpers.c +--- a/Alc/helpers.c 1970-01-01 00:00:01.000000000 +0000 ++++ b/Alc/helpers.c 1970-01-01 00:00:02.000000000 +0000 +@@ -951,6 +951,8 @@ + } + } + ++ DirectorySearch("@OUT@/share", ext, &results); ++ + alstr_reset(&path); + } + From 4d680f3f3d583ec67fef13d176fca1c31f294ea7 Mon Sep 17 00:00:00 2001 From: Jan Malakhovski Date: Fri, 21 Jun 2019 18:14:38 +0000 Subject: [PATCH 12/42] mpv: enable openal support by default See the previous commit. --- pkgs/applications/video/mpv/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/applications/video/mpv/default.nix b/pkgs/applications/video/mpv/default.nix index 7aedce98d56..78e0544fa1d 100644 --- a/pkgs/applications/video/mpv/default.nix +++ b/pkgs/applications/video/mpv/default.nix @@ -52,7 +52,7 @@ , zimgSupport ? true, zimg ? null , archiveSupport ? false, libarchive ? null , jackaudioSupport ? false, libjack2 ? null -, openalSupport ? false, openalSoft ? null +, openalSupport ? true, openalSoft ? null , vapoursynthSupport ? false, vapoursynth ? null }: From 860b22f5765a49949bb1526921f1661d7e4cd7a2 Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Tue, 29 Oct 2019 19:02:47 +0100 Subject: [PATCH 13/42] libxml2Python: keep using python2 as to not break too much --- pkgs/top-level/all-packages.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 1fe311ddd5a..59c01407afb 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -12727,7 +12727,9 @@ in python = if stdenv.isDarwin then python2 else python3; }; - libxml2Python = pkgs.buildEnv { # slightly hacky + libxml2Python = let + libxml2 = python2Packages.libxml2; + in pkgs.buildEnv { # slightly hacky name = "libxml2+py-${res.libxml2.version}"; paths = with libxml2; [ dev bin py ]; inherit (libxml2) passthru; From 5d59133d968ab97668e0eaabb65d7cefdb6f10f2 Mon Sep 17 00:00:00 2001 From: "Markus S. Wamser" Date: Tue, 22 Oct 2019 00:41:10 +0200 Subject: [PATCH 14/42] python3Packages.sphinx: 1.8.3 -> 2.2.0 and update the Python 2 version to 1.8.5 Motivation: http://www.sphinx-doc.org/en/master/changes.html#release-2-2-0-released-aug-19-2019 --- pkgs/development/python-modules/sphinx/2.nix | 75 +++++++++++++++++++ .../python-modules/sphinx/default.nix | 16 +++- pkgs/top-level/python-packages.nix | 8 +- 3 files changed, 95 insertions(+), 4 deletions(-) create mode 100644 pkgs/development/python-modules/sphinx/2.nix diff --git a/pkgs/development/python-modules/sphinx/2.nix b/pkgs/development/python-modules/sphinx/2.nix new file mode 100644 index 00000000000..b6374989690 --- /dev/null +++ b/pkgs/development/python-modules/sphinx/2.nix @@ -0,0 +1,75 @@ +{ lib +, buildPythonPackage +, fetchPypi +, pytest +, simplejson +, mock +, glibcLocales +, html5lib +, pythonOlder +, enum34 +, python +, docutils +, jinja2 +, pygments +, alabaster +, Babel +, snowballstemmer +, six +, sqlalchemy +, whoosh +, imagesize +, requests +, typing +, sphinxcontrib-websupport +, setuptools +}: + +buildPythonPackage rec { + pname = "sphinx"; + version = "1.8.5"; + src = fetchPypi { + pname = "Sphinx"; + inherit version; + sha256 = "c7658aab75c920288a8cf6f09f244c6cfdae30d82d803ac1634d9f223a80ca08"; + }; + LC_ALL = "en_US.UTF-8"; + + checkInputs = [ pytest ]; + buildInputs = [ simplejson mock glibcLocales html5lib ] ++ lib.optional (pythonOlder "3.4") enum34; + # Disable two tests that require network access. + checkPhase = '' + cd tests; ${python.interpreter} run.py --ignore py35 -k 'not test_defaults and not test_anchors_ignored' + ''; + propagatedBuildInputs = [ + docutils + jinja2 + pygments + alabaster + Babel + setuptools + snowballstemmer + six + sphinxcontrib-websupport + sqlalchemy + whoosh + imagesize + requests + ] ++ lib.optional (pythonOlder "3.5") typing; + + # Lots of tests. Needs network as well at some point. + doCheck = false; + + # https://github.com/NixOS/nixpkgs/issues/22501 + # Do not run `python sphinx-build arguments` but `sphinx-build arguments`. + postPatch = '' + substituteInPlace sphinx/make_mode.py --replace "sys.executable, " "" + ''; + + meta = { + description = "A tool that makes it easy to create intelligent and beautiful documentation for Python projects"; + homepage = http://sphinx.pocoo.org/; + license = lib.licenses.bsd3; + maintainers = with lib.maintainers; [ nand0p ]; + }; +} diff --git a/pkgs/development/python-modules/sphinx/default.nix b/pkgs/development/python-modules/sphinx/default.nix index 1e69692eac1..307232903e8 100644 --- a/pkgs/development/python-modules/sphinx/default.nix +++ b/pkgs/development/python-modules/sphinx/default.nix @@ -20,6 +20,12 @@ , whoosh , imagesize , requests +, sphinxcontrib-applehelp +, sphinxcontrib-devhelp +, sphinxcontrib-htmlhelp +, sphinxcontrib-jsmath +, sphinxcontrib-qthelp +, sphinxcontrib-serializinghtml , sphinxcontrib-websupport , typing , setuptools @@ -27,11 +33,11 @@ buildPythonPackage rec { pname = "sphinx"; - version = "1.8.3"; + version = "2.2.0"; src = fetchPypi { pname = "Sphinx"; inherit version; - sha256 = "c4cb17ba44acffae3d3209646b6baec1e215cad3065e852c68cc569d4df1b9f8"; + sha256 = "0d586b0f8c2fc3cc6559c5e8fd6124628110514fda0e5d7c82e682d749d2e845"; }; LC_ALL = "en_US.UTF-8"; @@ -54,6 +60,12 @@ buildPythonPackage rec { whoosh imagesize requests + sphinxcontrib-applehelp + sphinxcontrib-devhelp + sphinxcontrib-htmlhelp + sphinxcontrib-jsmath + sphinxcontrib-qthelp + sphinxcontrib-serializinghtml sphinxcontrib-websupport ] ++ lib.optional (pythonOlder "3.5") typing; diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix index e03b4ea92a0..e7e7a033bbe 100644 --- a/pkgs/top-level/python-packages.nix +++ b/pkgs/top-level/python-packages.nix @@ -4988,9 +4988,13 @@ in { spark_parser = callPackage ../development/python-modules/spark_parser { }; - sphinx = callPackage ../development/python-modules/sphinx { }; + sphinx = if isPy3k then + callPackage ../development/python-modules/sphinx { } + else + callPackage ../development/python-modules/sphinx/2.nix { }; - sphinx_1_7_9 = (callPackage ../development/python-modules/sphinx { }) + # Only exists for a Haskell package. + sphinx_1_7_9 = (callPackage ../development/python-modules/sphinx/2.nix { }) .overridePythonAttrs (oldAttrs: rec { version = "1.7.9"; src = oldAttrs.src.override { From be85360e08efd276553ae0e50b5e19848db51f22 Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Tue, 29 Oct 2019 17:14:05 +0100 Subject: [PATCH 15/42] pythonPackages.recommonmark: 0.5.0 -> 0.6.0 --- .../python-modules/recommonmark/default.nix | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/pkgs/development/python-modules/recommonmark/default.nix b/pkgs/development/python-modules/recommonmark/default.nix index f6965fd6cd9..98cee494f3f 100644 --- a/pkgs/development/python-modules/recommonmark/default.nix +++ b/pkgs/development/python-modules/recommonmark/default.nix @@ -1,7 +1,7 @@ { lib , buildPythonPackage , fetchFromGitHub -, pytest +, pytestCheckHook , CommonMark , docutils , sphinx @@ -9,22 +9,26 @@ buildPythonPackage rec { pname = "recommonmark"; - version = "0.5.0"; + version = "0.6.0"; # PyPI tarball is missing some test files: https://github.com/rtfd/recommonmark/pull/128 src = fetchFromGitHub { owner = "rtfd"; repo = pname; rev = version; - sha256 = "04bjqx2hczmg7rnj2rpsjk7h24diwk83s6fhgrxk00k40w2bpz5j"; + sha256 = "0m6qk17irka448vcz5b39yck1qsq90k98dmkx80mni0w00yq9ggd"; }; - checkInputs = [ pytest ]; + checkInputs = [ pytestCheckHook ]; propagatedBuildInputs = [ CommonMark docutils sphinx ]; - checkPhase = '' - py.test - ''; + dontUseSetuptoolsCheck = true; + + disabledTests = [ + # https://github.com/readthedocs/recommonmark/issues/164 + "test_lists" + "test_integration" + ]; meta = { description = "A docutils-compatibility bridge to CommonMark"; From 0e10ad926d96afd8220ce634d4a291571457a6f6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Niklas=20Hamb=C3=BCchen?= Date: Sun, 27 Oct 2019 01:44:34 +0200 Subject: [PATCH 16/42] polkit: Fix unstable patch URL. Unmerged upstream merge requests can change when iterated on! --- pkgs/development/libraries/polkit/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkgs/development/libraries/polkit/default.nix b/pkgs/development/libraries/polkit/default.nix index a04e67e0fd1..7e986a6964b 100644 --- a/pkgs/development/libraries/polkit/default.nix +++ b/pkgs/development/libraries/polkit/default.nix @@ -24,8 +24,9 @@ stdenv.mkDerivation rec { patches = [ # Don't use etc/dbus-1/system.d + # Upstream MR: https://gitlab.freedesktop.org/polkit/polkit/merge_requests/11 (fetchpatch { - url = "https://gitlab.freedesktop.org/polkit/polkit/merge_requests/11.patch"; + url = "https://gitlab.freedesktop.org/polkit/polkit/commit/5dd4e22efd05d55833c4634b56e473812b5acbf2.patch"; sha256 = "17lv7xj5ksa27iv4zpm4zwd4iy8zbwjj4ximslfq3sasiz9kxhlp"; }) ]; From 0c999c7521ee52dd00566643f3600627783d2550 Mon Sep 17 00:00:00 2001 From: Chuck Date: Wed, 30 Oct 2019 17:32:15 -0700 Subject: [PATCH 17/42] itstool: 2.0.2 -> 2.0.6 To get python3 support. #63174 flipped itstool to python3, but itstool doesn't support python3 until 2.0.3 (and perhaps does not support it well until 2.0.5). Pressing forward instead of rolling back at worldofpeace's suggestion, who mentions that other distros seem to be able to ship recent versions of itstool. Tensions in this space seem two-fold. One set centers around libxml2 being a low-level C library with sharp edges, manual memory management, and performance concerns; the python libxml2 wrapper being quite thin (the most dubious character in this drama); and python's sentiment that it ought to be quite hard to crash the interpreter casually. This comes to a head in https://gitlab.gnome.org/GNOME/libxml2/issues/12 , where a use-after-free problem in idiomatic-looking python code is declared working-as-designed. The other set is around python3 being more UTF-8-aware than libxml2's python wrapper, such as https://bugzilla.gnome.org/show_bug.cgi?id=789714 and https://src.fedoraproject.org/rpms/libxml2/blob/master/f/libxml2-2.9.8-python3-unicode-errors.patch itstool is caught in this crossfire merely for being a widely-used python program that uses XML. --- pkgs/development/tools/misc/itstool/default.nix | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/pkgs/development/tools/misc/itstool/default.nix b/pkgs/development/tools/misc/itstool/default.nix index dd536685485..a5c3623b699 100644 --- a/pkgs/development/tools/misc/itstool/default.nix +++ b/pkgs/development/tools/misc/itstool/default.nix @@ -1,13 +1,11 @@ { stdenv, fetchurl, python3 }: stdenv.mkDerivation rec { - # 2.0.3+ breaks the build of gnome3.gnome-desktop - # https://github.com/itstool/itstool/issues/17 - name = "itstool-2.0.2"; + name = "itstool-2.0.6"; src = fetchurl { url = "http://files.itstool.org/itstool/${name}.tar.bz2"; - sha256 = "bf909fb59b11a646681a8534d5700fec99be83bb2c57badf8c1844512227033a"; + sha256 = "1acjgf8zlyk7qckdk19iqaca4jcmywd7vxjbcs1mm6kaf8icqcv2"; }; buildInputs = [ (python3.withPackages(ps: with ps; [ libxml2 ])) ]; From c0cecd0e6007382ff6c64d3d47a947895bc36ff6 Mon Sep 17 00:00:00 2001 From: Chuck Date: Thu, 31 Oct 2019 17:00:56 -0700 Subject: [PATCH 18/42] python3Packages.libxml2: Patch to work around python3 + utf-8 itstool crash 1. Gnumeric has unbalanced XML tags in its doc translations. 2. itstool's XML error handler tries to print this error with context. 3. libxml2's context snipper treats the data as bytes, not UTF-8. 4. python3Packages.libxml2 casts the context to a UTF-8 Python string. 5. itstool dereferences a null pointer. This patch intervenes at #4. In https://bugzilla.gnome.org/show_bug.cgi?id=789714#c4 , upstream suggests that intervening at #3 would be better -- that each of the four copies of xmlParserPrintFileContextInternal() have four additional UTF-8 problems, one of which is that the caret indicator ought to count "unicode characters" not bytes. But to position a caret correctly, a character count is not sufficient -- this would need to use icu's BiDi logic (with fallback to doing something wrong when libxml2 is configured not to use icu) -- which makes a 'correct' fix a much larger project than this simple band-aid. --- .../development/libraries/libxml2/default.nix | 14 +++++++++ .../libxml2/utf8-xmlErrorFuncHandler.patch | 30 +++++++++++++++++++ 2 files changed, 44 insertions(+) create mode 100644 pkgs/development/libraries/libxml2/utf8-xmlErrorFuncHandler.patch diff --git a/pkgs/development/libraries/libxml2/default.nix b/pkgs/development/libraries/libxml2/default.nix index 2d2fb89d595..7ed50f61224 100644 --- a/pkgs/development/libraries/libxml2/default.nix +++ b/pkgs/development/libraries/libxml2/default.nix @@ -14,6 +14,20 @@ stdenv.mkDerivation rec { url = "http://xmlsoft.org/sources/${pname}-${version}.tar.gz"; sha256 = "0wd881jzvqayx0ihzba29jl80k06xj9ywp16kxacdqs3064p1ywl"; }; + patches = [ + # Upstream bugs: + # https://bugzilla.gnome.org/show_bug.cgi?id=789714 + # https://gitlab.gnome.org/GNOME/libxml2/issues/64 + # Patch from https://bugzilla.opensuse.org/show_bug.cgi?id=1065270 , + # but only the UTF-8 part. + # Can also be mitigated by fixing malformed XML inputs, such as in + # https://gitlab.gnome.org/GNOME/gnumeric/merge_requests/3 . + # Other discussion: + # https://github.com/itstool/itstool/issues/22 + # https://github.com/NixOS/nixpkgs/pull/63174 + # https://github.com/NixOS/nixpkgs/pull/72342 + ./utf8-xmlErrorFuncHandler.patch + ]; outputs = [ "bin" "dev" "out" "man" "doc" ] ++ lib.optional pythonSupport "py" diff --git a/pkgs/development/libraries/libxml2/utf8-xmlErrorFuncHandler.patch b/pkgs/development/libraries/libxml2/utf8-xmlErrorFuncHandler.patch new file mode 100644 index 00000000000..9f4c99b0934 --- /dev/null +++ b/pkgs/development/libraries/libxml2/utf8-xmlErrorFuncHandler.patch @@ -0,0 +1,30 @@ +Index: libxml2-2.9.5/python/libxml.c +=================================================================== +--- libxml2-2.9.5.orig/python/libxml.c ++++ libxml2-2.9.5/python/libxml.c +@@ -1620,6 +1620,7 @@ libxml_xmlErrorFuncHandler(ATTRIBUTE_UNU + PyObject *message; + PyObject *result; + char str[1000]; ++ unsigned char *ptr = (unsigned char *)str; + + #ifdef DEBUG_ERROR + printf("libxml_xmlErrorFuncHandler(%p, %s, ...) called\n", ctx, msg); +@@ -1636,10 +1637,16 @@ libxml_xmlErrorFuncHandler(ATTRIBUTE_UNU + str[999] = 0; + va_end(ap); + ++#if PY_MAJOR_VERSION >= 3 ++ /* Ensure the error string doesn't start at UTF8 continuation. */ ++ while (*ptr && (*ptr & 0xc0) == 0x80) ++ ptr++; ++#endif ++ + list = PyTuple_New(2); + PyTuple_SetItem(list, 0, libxml_xmlPythonErrorFuncCtxt); + Py_XINCREF(libxml_xmlPythonErrorFuncCtxt); +- message = libxml_charPtrConstWrap(str); ++ message = libxml_charPtrConstWrap(ptr); + PyTuple_SetItem(list, 1, message); + result = PyEval_CallObject(libxml_xmlPythonErrorFuncHandler, list); + Py_XDECREF(list); From dafa543bf8795e84e4169e107a04278f781cb264 Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Fri, 1 Nov 2019 01:20:45 +0100 Subject: [PATCH 19/42] gnome-doc-utils: do not propagate Python That breaks packages that rely on Python like itstool does. https://github.com/NixOS/nixpkgs/pull/72342#issuecomment-548250501 --- .../tools/documentation/gnome-doc-utils/default.nix | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/pkgs/development/tools/documentation/gnome-doc-utils/default.nix b/pkgs/development/tools/documentation/gnome-doc-utils/default.nix index 2f29fb2fbad..54c37fa6183 100644 --- a/pkgs/development/tools/documentation/gnome-doc-utils/default.nix +++ b/pkgs/development/tools/documentation/gnome-doc-utils/default.nix @@ -29,6 +29,11 @@ python2Packages.buildPythonApplication rec { }; }; + postFixup = '' + # Do not propagate Python + rm $out/nix-support/propagated-build-inputs + ''; + meta = with stdenv.lib; { description = "Collection of documentation utilities for the GNOME project"; homepage = "https://gitlab.gnome.org/GNOME/gnome-doc-utils"; From 265c1be3053478555c40f5b30f6a1a5c604c96a1 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Fri, 1 Nov 2019 07:46:24 -0700 Subject: [PATCH 20/42] btrfs-progs: 5.2.2 -> 5.3.1 --- pkgs/tools/filesystems/btrfs-progs/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/filesystems/btrfs-progs/default.nix b/pkgs/tools/filesystems/btrfs-progs/default.nix index 95fc1c1cd7a..e04b9efe48f 100644 --- a/pkgs/tools/filesystems/btrfs-progs/default.nix +++ b/pkgs/tools/filesystems/btrfs-progs/default.nix @@ -4,11 +4,11 @@ stdenv.mkDerivation rec { pname = "btrfs-progs"; - version = "5.2.2"; + version = "5.3.1"; src = fetchurl { url = "mirror://kernel/linux/kernel/people/kdave/btrfs-progs/btrfs-progs-v${version}.tar.xz"; - sha256 = "1imivxjppi8zl27gn472pwpk8bg5dijkbyi340by31vhy7dj24w2"; + sha256 = "0f6s1iwiqbncrvxp74k50s88x6zqf85sjxg04kyni82l1vk1m8xz"; }; nativeBuildInputs = [ From 1c253da73de589e125525f87cb83b8f551490216 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Fri, 1 Nov 2019 20:13:05 -0700 Subject: [PATCH 21/42] glib: 2.62.1 -> 2.62.2 --- pkgs/development/libraries/glib/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/glib/default.nix b/pkgs/development/libraries/glib/default.nix index 7c7d0aca75c..f1dca25d404 100644 --- a/pkgs/development/libraries/glib/default.nix +++ b/pkgs/development/libraries/glib/default.nix @@ -48,11 +48,11 @@ in stdenv.mkDerivation rec { pname = "glib"; - version = "2.62.1"; + version = "2.62.2"; src = fetchurl { url = "mirror://gnome/sources/glib/${stdenv.lib.versions.majorMinor version}/${pname}-${version}.tar.xz"; - sha256 = "1pzrw2x9r0kyghrvwdbx3nqn2wcrrxy962f5gbdacwh83m705n9x"; + sha256 = "1wdkvqq6fkk99smmnjg7d999v4qhbgs7halwfcwz0vgp2fj29239"; }; patches = optionals stdenv.isDarwin [ From 5728d7d0ae7fe40de56ac8c1a518e4abc0a0fa8e Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Sat, 2 Nov 2019 01:47:38 -0700 Subject: [PATCH 22/42] libuv: 1.32.0 -> 1.33.1 --- pkgs/development/libraries/libuv/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libuv/default.nix b/pkgs/development/libraries/libuv/default.nix index f9b49a46ebf..3c4f90edecc 100644 --- a/pkgs/development/libraries/libuv/default.nix +++ b/pkgs/development/libraries/libuv/default.nix @@ -1,14 +1,14 @@ { stdenv, lib, fetchFromGitHub, autoconf, automake, libtool, pkgconfig, ApplicationServices, CoreServices }: stdenv.mkDerivation rec { - version = "1.32.0"; + version = "1.33.1"; pname = "libuv"; src = fetchFromGitHub { owner = pname; repo = pname; rev = "v${version}"; - sha256 = "1ifazxr5ssw2ay6j66acaxgfwq0x8130fvsyjs1wxvf2r9g4ds9w"; + sha256 = "13w60g9pc6998v8plslwpwn7f1hx3c1y4zhgmw025nyd504h5lak"; }; postPatch = let From 7e5ea6f440eaf980c4af5074100b0f6d1b15cbb6 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Sat, 2 Nov 2019 05:57:44 -0700 Subject: [PATCH 23/42] modemmanager: 1.10.4 -> 1.10.6 --- pkgs/tools/networking/modem-manager/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/networking/modem-manager/default.nix b/pkgs/tools/networking/modem-manager/default.nix index d921e841c5b..221e873387f 100644 --- a/pkgs/tools/networking/modem-manager/default.nix +++ b/pkgs/tools/networking/modem-manager/default.nix @@ -3,12 +3,12 @@ stdenv.mkDerivation rec { pname = "modem-manager"; - version = "1.10.4"; + version = "1.10.6"; package = "ModemManager"; src = fetchurl { url = "https://www.freedesktop.org/software/${package}/${package}-${version}.tar.xz"; - sha256 = "0w6wdj9dh7zwhzl68775h1ni6zcgvss524dp17kph50zpas6nmgs"; + sha256 = "15n9sd6ymxvw7hidc9pw81j89acwi5cjfhj220a68mi1h8vsfb1w"; }; nativeBuildInputs = [ vala gobject-introspection gettext pkgconfig ]; From 9802b19e596500c62e532a9fd81a29c5ef7b76f6 Mon Sep 17 00:00:00 2001 From: Christian Kauhaus Date: Sun, 27 Oct 2019 18:07:00 +0100 Subject: [PATCH 24/42] ilmbase-2.3.0: patch CVE-2018-18443 --- pkgs/development/libraries/ilmbase/default.nix | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/ilmbase/default.nix b/pkgs/development/libraries/ilmbase/default.nix index 5cc0f7c1f46..82d5583c55f 100644 --- a/pkgs/development/libraries/ilmbase/default.nix +++ b/pkgs/development/libraries/ilmbase/default.nix @@ -1,4 +1,5 @@ -{ stdenv, fetchurl, buildPackages, automake, autoconf, libtool, which }: +{ stdenv, fetchurl, buildPackages, automake, autoconf, libtool, which, + fetchpatch }: stdenv.mkDerivation rec { pname = "ilmbase"; @@ -21,7 +22,17 @@ stdenv.mkDerivation rec { NIX_CFLAGS_LINK = [ "-pthread" ]; - patches = [ ./bootstrap.patch ./cross.patch ]; + patches = [ + ./bootstrap.patch + ./cross.patch + (fetchpatch { + name = "CVE-2018-18443.patch"; + url = "https://github.com/kdt3rd/openexr/commit/5fa930b82cff2db386c64ca512af19e60c14d32a.patch"; + sha256 = "1j6xd0qkx99acc1szycxaj0wwp01yac67jz48hwc4fwwpz8blx4s"; + stripLen = 1; + excludes = [ "CHANGES.md" ]; + }) + ]; # fails 1 out of 1 tests with # "lt-ImathTest: testBoxAlgo.cpp:892: void {anonymous}::boxMatrixTransform(): Assertion `b21 == b2' failed" From 1bd842a121cc07a86635bfe88495da551005f561 Mon Sep 17 00:00:00 2001 From: Christian Kauhaus Date: Sun, 27 Oct 2019 18:08:45 +0100 Subject: [PATCH 25/42] openexr: patch CVE-2018-18444 --- pkgs/development/libraries/openexr/default.nix | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/pkgs/development/libraries/openexr/default.nix b/pkgs/development/libraries/openexr/default.nix index 9eef138c532..7bd3985c12b 100644 --- a/pkgs/development/libraries/openexr/default.nix +++ b/pkgs/development/libraries/openexr/default.nix @@ -1,4 +1,5 @@ -{ lib, stdenv, buildPackages, fetchurl, autoconf, automake, libtool, pkgconfig, zlib, ilmbase, }: +{ lib, stdenv, buildPackages, fetchurl, autoconf, automake, libtool, pkgconfig, + zlib, ilmbase, fetchpatch }: let # Doesn't really do anything when not crosscompiling @@ -16,6 +17,12 @@ stdenv.mkDerivation rec { patches = [ ./bootstrap.patch + (fetchpatch { + name = "CVE-2018-18444.patch"; + url = "https://github.com/openexr/openexr/commit/1b0f1e5d7dcf2e9d6cbb4e005e803808b010b1e0.patch"; + sha256 = "0f5m4wdwqqg8wfg7azzsz5yfpdrvws314rd4sqfc74j1g6wrcnqj"; + stripLen = 1; + }) ]; outputs = [ "bin" "dev" "out" "doc" ]; From fe65a64e8e5929283fb18212faefc8d167c2e0c3 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Fri, 1 Nov 2019 09:40:09 -0700 Subject: [PATCH 26/42] at-spi2-atk: 2.34.0 -> 2.34.1 --- pkgs/development/libraries/at-spi2-atk/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/at-spi2-atk/default.nix b/pkgs/development/libraries/at-spi2-atk/default.nix index 4af9c9ce32b..f63a341e26e 100644 --- a/pkgs/development/libraries/at-spi2-atk/default.nix +++ b/pkgs/development/libraries/at-spi2-atk/default.nix @@ -16,11 +16,11 @@ stdenv.mkDerivation rec { pname = "at-spi2-atk"; - version = "2.34.0"; + version = "2.34.1"; src = fetchurl { url = "mirror://gnome/sources/${pname}/${stdenv.lib.versions.majorMinor version}/${pname}-${version}.tar.xz"; - sha256 = "00250s72ii8w6lb6ww61v49y9k4cswfj0hhawqlram7bl6b7x6is"; + sha256 = "05ncp7s5nddjinffs26mcvpbd63vk1m3cv5y530p3plgfhqgjvbp"; }; nativeBuildInputs = [ meson ninja pkgconfig ]; From d598b503522f4e551978e3e365bcb6792521df4f Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Fri, 1 Nov 2019 17:44:50 -0700 Subject: [PATCH 27/42] gnu-efi: 3.0.9 -> 3.0.11 --- pkgs/development/libraries/gnu-efi/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/gnu-efi/default.nix b/pkgs/development/libraries/gnu-efi/default.nix index af225cc50f2..9c9f19b124d 100644 --- a/pkgs/development/libraries/gnu-efi/default.nix +++ b/pkgs/development/libraries/gnu-efi/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "gnu-efi"; - version = "3.0.9"; + version = "3.0.11"; src = fetchurl { url = "mirror://sourceforge/gnu-efi/${pname}-${version}.tar.bz2"; - sha256 = "1w3p4aqlc5j93q44la7dc8cr3hky20zvsd0h0k2lyzhwmrzfl5b7"; + sha256 = "1ffnc4xbzfggs37ymrgfx76j56kk2644c081ivhr2bjkla9ag3gj"; }; buildInputs = [ pciutils ]; From eb87a73fe0656e735411399591ad87c2762673f7 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Fri, 1 Nov 2019 19:57:09 -0700 Subject: [PATCH 28/42] go: 1.13.3 -> 1.13.4 --- pkgs/development/compilers/go/1.13.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/compilers/go/1.13.nix b/pkgs/development/compilers/go/1.13.nix index 95c51e2e880..9e8a6601724 100644 --- a/pkgs/development/compilers/go/1.13.nix +++ b/pkgs/development/compilers/go/1.13.nix @@ -30,11 +30,11 @@ in stdenv.mkDerivation rec { pname = "go"; - version = "1.13.3"; + version = "1.13.4"; src = fetchurl { url = "https://dl.google.com/go/go${version}.src.tar.gz"; - sha256 = "1pz3423gw3z2zwcmk9l2c6v68w5is39gndq7502c9mbm8c226wag"; + sha256 = "093n5v0bipaan0qqc02wash18r625y74r4zhmjwlc9zf8asfmnwm"; }; # perl is used for testing go vet From cfc2cc8291624f869d9e0d547ba74d8a7dc6939d Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Fri, 1 Nov 2019 20:44:30 -0700 Subject: [PATCH 29/42] harfbuzz: 2.6.2 -> 2.6.4 --- pkgs/development/libraries/harfbuzz/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/harfbuzz/default.nix b/pkgs/development/libraries/harfbuzz/default.nix index 361ac4f27aa..42f68eea83f 100644 --- a/pkgs/development/libraries/harfbuzz/default.nix +++ b/pkgs/development/libraries/harfbuzz/default.nix @@ -8,7 +8,7 @@ }: let - version = "2.6.2"; + version = "2.6.4"; inherit (stdenv.lib) optional optionals optionalString; in @@ -17,7 +17,7 @@ stdenv.mkDerivation { src = fetchurl { url = "https://www.freedesktop.org/software/harfbuzz/release/harfbuzz-${version}.tar.xz"; - sha256 = "097ncrkaawdzpgwlrpp4kwciq4z5pqz2n4f3yra5vc7jyxr6lk1v"; + sha256 = "04iwq13w6zkdhljmsxrzgg4fyh04qnwfn57rgrl9kmijc7cvh4wl"; }; postPatch = '' From b64bb00298a29fffceecc0ac68280bd60ecea873 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Sat, 2 Nov 2019 00:47:17 -0700 Subject: [PATCH 30/42] libinput: 1.14.1 -> 1.14.3 --- pkgs/development/libraries/libinput/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libinput/default.nix b/pkgs/development/libraries/libinput/default.nix index 044ef2dd6a7..2085d27a1ee 100644 --- a/pkgs/development/libraries/libinput/default.nix +++ b/pkgs/development/libraries/libinput/default.nix @@ -27,11 +27,11 @@ in with stdenv.lib; stdenv.mkDerivation rec { pname = "libinput"; - version = "1.14.1"; + version = "1.14.3"; src = fetchurl { url = "https://www.freedesktop.org/software/libinput/${pname}-${version}.tar.xz"; - sha256 = "0w7fas37mp2k06f12i3lnj717lw73asziknj6z51kh1m50ja6cz3"; + sha256 = "1dy58j8dvr7ri34bx0lppmh5638m956azgwk501w373hi42kmsqg"; }; outputs = [ "bin" "out" "dev" ]; From 786c92e169e7387284cc1c6d2efb3144a1f35508 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Sat, 2 Nov 2019 02:03:31 -0700 Subject: [PATCH 31/42] libmicrohttpd: 0.9.67 -> 0.9.68 --- pkgs/development/libraries/libmicrohttpd/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libmicrohttpd/default.nix b/pkgs/development/libraries/libmicrohttpd/default.nix index 866edcc437c..c8340626935 100644 --- a/pkgs/development/libraries/libmicrohttpd/default.nix +++ b/pkgs/development/libraries/libmicrohttpd/default.nix @@ -2,11 +2,11 @@ stdenv.mkDerivation rec { pname = "libmicrohttpd"; - version = "0.9.67"; + version = "0.9.68"; src = fetchurl { url = "mirror://gnu/libmicrohttpd/${pname}-${version}.tar.gz"; - sha256 = "1584lv2miq7sp7yjd58lcbddh3yh5p8f9gbygn1d96fh4ckqa7vy"; + sha256 = "0q8bc4hrxn6llml7w2vam6n833x8injs39wgdkhwkawr50m6wwf5"; }; outputs = [ "out" "dev" "devdoc" "info" ]; From c5489349587e60610a5d9e846051653436375d75 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Sat, 2 Nov 2019 01:36:20 -0700 Subject: [PATCH 32/42] librsvg: 2.46.1 -> 2.46.3 --- pkgs/development/libraries/librsvg/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/librsvg/default.nix b/pkgs/development/libraries/librsvg/default.nix index e54098b4459..e9a67c5d059 100644 --- a/pkgs/development/libraries/librsvg/default.nix +++ b/pkgs/development/libraries/librsvg/default.nix @@ -4,14 +4,14 @@ let pname = "librsvg"; - version = "2.46.1"; + version = "2.46.3"; in stdenv.mkDerivation rec { name = "${pname}-${version}"; src = fetchurl { url = "mirror://gnome/sources/${pname}/${stdenv.lib.versions.majorMinor version}/${name}.tar.xz"; - sha256 = "0hvnqrgfi8c2xh94gxs6xwwg1m2z3l0lblqs2anlx8k3g9ag589d"; + sha256 = "1s3a96i7f4pynjwxxvhysp4b6r7kyi8nasdxfyi62hc7gm34d3kn"; }; outputs = [ "out" "dev" "installedTests" ]; From ba065f3fad8af9220f3d975b6344ad5ec5f62551 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Tue, 22 Oct 2019 04:50:06 -0700 Subject: [PATCH 33/42] libical: 3.0.5 -> 3.0.6 Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools. This update was made based on information from https://repology.org/metapackage/libical/versions --- pkgs/development/libraries/libical/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/libical/default.nix b/pkgs/development/libraries/libical/default.nix index 050cba5460d..903a1a26eb7 100644 --- a/pkgs/development/libraries/libical/default.nix +++ b/pkgs/development/libraries/libical/default.nix @@ -15,7 +15,7 @@ stdenv.mkDerivation rec { pname = "libical"; - version = "3.0.5"; + version = "3.0.6"; outputs = [ "out" "dev" ]; # "devdoc" ]; @@ -23,7 +23,7 @@ stdenv.mkDerivation rec { owner = "libical"; repo = "libical"; rev = "v${version}"; - sha256 = "03kjc4s1svmzkmzkr0irgczq37aslhj4bxnvjqav0jwa2zrynhra"; + sha256 = "181lf07fj36fp0rbcjjmb53yzdvv9i4qxpnbpax8hayjhha8pjh3"; }; nativeBuildInputs = [ From 3466faf9d877cbe1442661557181d0e2f93f6f7e Mon Sep 17 00:00:00 2001 From: Dmitry Kalinkin Date: Tue, 29 Oct 2019 14:49:55 -0400 Subject: [PATCH 34/42] pythonPackages.setuptoolsBuildHook: fix debug message --- .../interpreters/python/hooks/setuptools-build-hook.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/interpreters/python/hooks/setuptools-build-hook.sh b/pkgs/development/interpreters/python/hooks/setuptools-build-hook.sh index c99ef313c10..322a0336df2 100644 --- a/pkgs/development/interpreters/python/hooks/setuptools-build-hook.sh +++ b/pkgs/development/interpreters/python/hooks/setuptools-build-hook.sh @@ -17,7 +17,7 @@ setuptoolsBuildPhase() { eval "@pythonInterpreter@ nix_run_setup $args bdist_wheel" runHook postBuild - echo "Finished executing setuptoolsInstallPhase" + echo "Finished executing setuptoolsBuildPhase" } setuptoolsShellHook() { From e3e9af4d03ae1cbed9a1a8c6da9a99e0706bcf6f Mon Sep 17 00:00:00 2001 From: Robert Scott Date: Thu, 31 Oct 2019 23:29:27 +0000 Subject: [PATCH 35/42] jack2: 1.9.12 -> 1.9.13 (security) addressing CVE-2019-13351 removing now-redundant patch fixing build on macos --- pkgs/misc/jackaudio/default.nix | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/pkgs/misc/jackaudio/default.nix b/pkgs/misc/jackaudio/default.nix index f246c41d965..6ca09c9516b 100644 --- a/pkgs/misc/jackaudio/default.nix +++ b/pkgs/misc/jackaudio/default.nix @@ -28,13 +28,13 @@ let in stdenv.mkDerivation rec { name = "${prefix}jack2-${version}"; - version = "1.9.12"; + version = "1.9.13"; src = fetchFromGitHub { owner = "jackaudio"; repo = "jack2"; rev = "v${version}"; - sha256 = "0ynpyn0l77m94b50g7ysl795nvam3ra65wx5zb46nxspgbf6wnkh"; + sha256 = "1dnq75ylcv3npsyvzzkj0g8mdnzwis1whc2pk6s5hkcc1bgvv2xy"; }; nativeBuildInputs = [ pkgconfig python makeWrapper wafHook ]; @@ -49,11 +49,6 @@ stdenv.mkDerivation rec { --replace /bin/bash ${bash}/bin/bash ''; - patches = [ (fetchpatch { - url = "https://github.com/jackaudio/jack2/commit/d851fada460d42508a6f82b19867f63853062583.patch"; - sha256 = "1iwwxjzvgrj7dz3s8alzlhcgmcarjcbkrgvsmy6kafw21pyyw7hp"; - }) ]; - wafConfigureFlags = [ "--classic" "--autostart=${if (optDbus != null) then "dbus" else "classic"}" From 4c5687356ce903416013fc0b8b2f98945645ed76 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Tue, 22 Oct 2019 10:39:41 -0700 Subject: [PATCH 36/42] man: 2.8.6.1 -> 2.8.7 Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools. This update was made based on information from https://repology.org/metapackage/man-db/versions --- pkgs/tools/misc/man-db/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/misc/man-db/default.nix b/pkgs/tools/misc/man-db/default.nix index a8fb7eea97c..49e4ab44836 100644 --- a/pkgs/tools/misc/man-db/default.nix +++ b/pkgs/tools/misc/man-db/default.nix @@ -1,11 +1,11 @@ { stdenv, fetchurl, pkgconfig, libpipeline, db, groff, libiconv, makeWrapper, buildPackages }: stdenv.mkDerivation rec { - name = "man-db-2.8.6.1"; + name = "man-db-2.8.7"; src = fetchurl { url = "mirror://savannah/man-db/${name}.tar.xz"; - sha256 = "0a1sh5gxa16k6irzf3q2lli8m204w9ik1xm62wjgf1mzknxs4xrc"; + sha256 = "09mkpvwirv9kh2pqhfq90zl7pjdl63f4w4g1x6zhhp9hjswmpkdr"; }; outputs = [ "out" "doc" ]; From 60024b53d7587581643075f20b817041122002ba Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Mon, 21 Oct 2019 06:08:16 -0700 Subject: [PATCH 37/42] cmakeWithGui: 3.15.1 -> 3.15.4 Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools. This update was made based on information from https://repology.org/metapackage/cmake-cursesui-qt5ui/versions --- pkgs/development/tools/build-managers/cmake/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/build-managers/cmake/default.nix b/pkgs/development/tools/build-managers/cmake/default.nix index 5bad0100a03..6dd7f5a884c 100644 --- a/pkgs/development/tools/build-managers/cmake/default.nix +++ b/pkgs/development/tools/build-managers/cmake/default.nix @@ -19,12 +19,12 @@ stdenv.mkDerivation rec { + lib.optionalString useNcurses "-cursesUI" + lib.optionalString withQt5 "-qt5UI" + lib.optionalString useQt4 "-qt4UI"; - version = "3.15.1"; + version = "3.15.4"; src = fetchurl { url = "${meta.homepage}files/v${lib.versions.majorMinor version}/cmake-${version}.tar.gz"; # compare with https://cmake.org/files/v${lib.versions.majorMinor version}/cmake-${version}-SHA-256.txt - sha256 = "1xyprly3sf4wi0n1x79k4n22yxm6pb7fv70gqr9lvc7qv14cbphq"; + sha256 = "0ypd051rh3nxhjfb5wcmnxi78p1d1qbzrhazn94lwdr1xa4ia8ca"; }; patches = [ From 738fdb49830feb3e0594c053970b1e08ab45ffb1 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Fri, 1 Nov 2019 12:33:14 -0700 Subject: [PATCH 38/42] check: 0.12.0 -> 0.13.0 --- pkgs/development/libraries/check/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/check/default.nix b/pkgs/development/libraries/check/default.nix index 08610d1e9af..6a94d9a71ce 100644 --- a/pkgs/development/libraries/check/default.nix +++ b/pkgs/development/libraries/check/default.nix @@ -4,11 +4,11 @@ stdenv.mkDerivation rec { pname = "check"; - version = "0.12.0"; + version = "0.13.0"; src = fetchurl { url = "https://github.com/libcheck/check/releases/download/${version}/check-${version}.tar.gz"; - sha256 = "0d22h8xshmbpl9hba9ch3xj8vb9ybm5akpsbbh7yj07fic4h2hj6"; + sha256 = "02crar51gniijrrl9p8f9maibnwc33n76kw5cqr7xk3s8hqnncy4"; }; # Test can randomly fail: http://hydra.nixos.org/build/7243912 From 651b72a704e5d19ed6b9af044b787bd1194a44b9 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Mon, 7 Oct 2019 02:39:24 -0700 Subject: [PATCH 39/42] gmock: 1.8.1 -> 1.10.0 Semi-automatic update generated by https://github.com/ryantm/nixpkgs-update tools. This update was made based on information from https://repology.org/metapackage/gtest/versions --- pkgs/development/libraries/gtest/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/gtest/default.nix b/pkgs/development/libraries/gtest/default.nix index 5fecd45b7da..4326be59724 100644 --- a/pkgs/development/libraries/gtest/default.nix +++ b/pkgs/development/libraries/gtest/default.nix @@ -3,7 +3,7 @@ stdenv.mkDerivation rec { pname = "gtest"; - version = "1.8.1"; + version = "1.10.0"; outputs = [ "out" "dev" ]; @@ -11,7 +11,7 @@ stdenv.mkDerivation rec { owner = "google"; repo = "googletest"; rev = "release-${version}"; - sha256 = "0270msj6n7mggh4xqqjp54kswbl7mkcc8px1p5dqdpmw5ngh9fzk"; + sha256 = "1zbmab9295scgg4z2vclgfgjchfjailjnvzc6f5x9jvlsdi3dpwz"; }; patches = [ From 3cf749b58f718626b83a75bb0c4917ade9615a30 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Sat, 2 Nov 2019 08:22:59 -0700 Subject: [PATCH 40/42] nspr: 4.22 -> 4.23 --- pkgs/development/libraries/nspr/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/nspr/default.nix b/pkgs/development/libraries/nspr/default.nix index f5e4843a826..23587cbef6b 100644 --- a/pkgs/development/libraries/nspr/default.nix +++ b/pkgs/development/libraries/nspr/default.nix @@ -2,7 +2,7 @@ , CoreServices ? null , buildPackages }: -let version = "4.22"; in +let version = "4.23"; in stdenv.mkDerivation { pname = "nspr"; @@ -10,7 +10,7 @@ stdenv.mkDerivation { src = fetchurl { url = "mirror://mozilla/nspr/releases/v${version}/src/nspr-${version}.tar.gz"; - sha256 = "0c6ljv3bdqhc169srbpjy0cs52xk715p04zy08rcjvl54k6bdr69"; + sha256 = "193p6i2r6wvpb4i04a9pxbqkxcn8rbcmwl81m4yp5xgs6w8857ab"; }; patches = [ From cd87f1ba239b79eb69ba86938644a1307243f45d Mon Sep 17 00:00:00 2001 From: David Terry Date: Fri, 18 Oct 2019 16:05:19 +0200 Subject: [PATCH 41/42] automake-1.15: deterministic documentation generation automake 1.15 uses a bundled version of help2man from 2012 that does not support the SOURCE_DATE_EPOCH environment variable. This means that the build date is included in the generated documentation, breaking reproducibility. This changes adds the SOURCE_DATE_EPOCH support from the current help2man to the version bundled in automake 1.15. --- .../tools/misc/automake/automake-1.15.x.nix | 2 + .../help2man-SOURCE_DATE_EPOCH-support.patch | 41 +++++++++++++++++++ 2 files changed, 43 insertions(+) create mode 100644 pkgs/development/tools/misc/automake/help2man-SOURCE_DATE_EPOCH-support.patch diff --git a/pkgs/development/tools/misc/automake/automake-1.15.x.nix b/pkgs/development/tools/misc/automake/automake-1.15.x.nix index e1aeb025c30..f1a48644617 100644 --- a/pkgs/development/tools/misc/automake/automake-1.15.x.nix +++ b/pkgs/development/tools/misc/automake/automake-1.15.x.nix @@ -13,6 +13,8 @@ stdenv.mkDerivation rec { setupHook = ./setup-hook.sh; + patches = [ ./help2man-SOURCE_DATE_EPOCH-support.patch ]; + # Disable indented log output from Make, otherwise "make.test" will # fail. preCheck = "unset NIX_INDENT_MAKE"; diff --git a/pkgs/development/tools/misc/automake/help2man-SOURCE_DATE_EPOCH-support.patch b/pkgs/development/tools/misc/automake/help2man-SOURCE_DATE_EPOCH-support.patch new file mode 100644 index 00000000000..048f75e6334 --- /dev/null +++ b/pkgs/development/tools/misc/automake/help2man-SOURCE_DATE_EPOCH-support.patch @@ -0,0 +1,41 @@ +From 2e3357d7f0d63f1caeb40d9644c2436a5cd0da5f Mon Sep 17 00:00:00 2001 +From: David Terry +Date: Fri, 18 Oct 2019 10:23:11 +0200 +Subject: [PATCH] help2man: add support for SOURCE_DATE_EPOCH + +--- + doc/help2man | 14 +++++++++++++- + 1 file changed, 13 insertions(+), 1 deletion(-) + +diff --git a/doc/help2man b/doc/help2man +index af4306f..4a64167 100755 +--- a/doc/help2man ++++ b/doc/help2man +@@ -213,11 +213,23 @@ sub get_option_value; + my $help_text = get_option_value $ARGV[0], $help_option; + $version_text ||= get_option_value $ARGV[0], $version_option; + ++# By default the generated manual pages will include the current date. This may ++# however be overriden by setting the environment variable $SOURCE_DATE_EPOCH ++# to an integer value of the seconds since the UNIX epoch. This is primarily ++# intended to support reproducible builds (wiki.debian.org/ReproducibleBuilds) ++# and will additionally ensure that the output date string is UTC. ++my $epoch_secs = time; ++if (exists $ENV{SOURCE_DATE_EPOCH} and $ENV{SOURCE_DATE_EPOCH} =~ /^(\d+)$/) ++{ ++ $epoch_secs = $1; ++ $ENV{TZ} = 'UTC'; ++} ++ + # Translators: the following message is a strftime(3) format string, which in + # the English version expands to the month as a word and the full year. It + # is used on the footer of the generated manual pages. If in doubt, you may + # just use %x as the value (which should be the full locale-specific date). +-my $date = enc strftime _("%B %Y"), localtime; ++my $date = enc strftime _("%B %Y"), localtime $epoch_secs; + (my $program = $ARGV[0]) =~ s!.*/!!; + my $package = $program; + my $version; +-- +2.23.0 + From b4270a7e798940213362a368ae9e1da27adcfb88 Mon Sep 17 00:00:00 2001 From: Frederik Rietdijk Date: Tue, 29 Oct 2019 12:59:46 +0100 Subject: [PATCH 42/42] shadow: replace gnome-doc-utils with itstool gnome-doc-utils is no longer supported and requires Python 2. --- pkgs/os-specific/linux/shadow/default.nix | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/shadow/default.nix b/pkgs/os-specific/linux/shadow/default.nix index 1a38b804888..f810270a29e 100644 --- a/pkgs/os-specific/linux/shadow/default.nix +++ b/pkgs/os-specific/linux/shadow/default.nix @@ -1,5 +1,5 @@ { stdenv, fetchpatch, fetchFromGitHub, autoreconfHook, libxslt, libxml2 -, docbook_xml_dtd_45, docbook_xsl, gnome-doc-utils, flex, bison +, docbook_xml_dtd_45, docbook_xsl, itstool, flex, bison , pam ? null, glibcCross ? null }: @@ -30,7 +30,7 @@ stdenv.mkDerivation rec { buildInputs = stdenv.lib.optional (pam != null && stdenv.isLinux) pam; nativeBuildInputs = [autoreconfHook libxslt libxml2 - docbook_xml_dtd_45 docbook_xsl gnome-doc-utils flex bison + docbook_xml_dtd_45 docbook_xsl flex bison itstool ]; patches = @@ -38,6 +38,12 @@ stdenv.mkDerivation rec { # Obtain XML resources from XML catalog (patch adapted from gtk-doc) ./respect-xml-catalog-files-var.patch dots_in_usernames + # Allow building with itstool + # https://github.com/shadow-maint/shadow/pull/184 + (fetchpatch { + url = https://github.com/shadow-maint/shadow/commit/6c6c8d3a33bba32277e1ed46f55df1e6dbc914b7.patch; + sha256 = "0xfr1mrfv5xsmri6l7ycbpz3qhs4vf3fyci4kwpffi3icsfjn557"; + }) ]; # The nix daemon often forbids even creating set[ug]id files.