Merge staging-next-21.05 into staging-21.05
This commit is contained in:
github-actions[bot]
GitHub
commit
48b0dbb885
|
|
@ -21,7 +21,15 @@ let
|
|||
))
|
||||
else throw (traceSeq v "services.unbound.settings: unexpected type");
|
||||
|
||||
confFile = pkgs.writeText "unbound.conf" (concatStringsSep "\n" ((mapAttrsToList (toConf "") cfg.settings) ++ [""]));
|
||||
confNoServer = concatStringsSep "\n" ((mapAttrsToList (toConf "") (builtins.removeAttrs cfg.settings [ "server" ])) ++ [""]);
|
||||
confServer = concatStringsSep "\n" (mapAttrsToList (toConf " ") (builtins.removeAttrs cfg.settings.server [ "define-tag" ]));
|
||||
|
||||
confFile = pkgs.writeText "unbound.conf" ''
|
||||
server:
|
||||
${optionalString (cfg.settings.server.define-tag != "") (toOption " " "define-tag" cfg.settings.server.define-tag)}
|
||||
${confServer}
|
||||
${confNoServer}
|
||||
'';
|
||||
|
||||
rootTrustAnchorFile = "${cfg.stateDir}/root.key";
|
||||
|
||||
|
|
@ -170,6 +178,7 @@ in {
|
|||
# prevent race conditions on system startup when interfaces are not yet
|
||||
# configured
|
||||
ip-freebind = mkDefault true;
|
||||
define-tag = mkDefault "";
|
||||
};
|
||||
remote-control = {
|
||||
control-enable = mkDefault false;
|
||||
|
|
|
|||
|
|
@ -30,7 +30,10 @@ mapAttrs (channel: chromiumPkg: makeTest rec {
|
|||
machine.imports = [ ./common/user-account.nix ./common/x11.nix ];
|
||||
machine.virtualisation.memorySize = 2047;
|
||||
machine.test-support.displayManager.auto.user = user;
|
||||
machine.environment.systemPackages = [ chromiumPkg ];
|
||||
machine.environment = {
|
||||
systemPackages = [ chromiumPkg ];
|
||||
variables."XAUTHORITY" = "/home/alice/.Xauthority";
|
||||
};
|
||||
|
||||
startupHTML = pkgs.writeText "chromium-startup.html" ''
|
||||
<!DOCTYPE html>
|
||||
|
|
@ -63,17 +66,32 @@ mapAttrs (channel: chromiumPkg: makeTest rec {
|
|||
return "su - ${user} -c " + shlex.quote(cmd)
|
||||
|
||||
|
||||
def get_browser_binary():
|
||||
"""Returns the name of the browser binary."""
|
||||
def launch_browser():
|
||||
"""Launches the web browser with the correct options."""
|
||||
# Determine the name of the binary:
|
||||
pname = "${getName chromiumPkg.name}"
|
||||
if pname.find("chromium") != -1:
|
||||
return "chromium" # Same name for all channels and ungoogled-chromium
|
||||
if pname == "google-chrome":
|
||||
return "google-chrome-stable"
|
||||
if pname == "google-chrome-dev":
|
||||
return "google-chrome-unstable"
|
||||
# For google-chrome-beta and as fallback:
|
||||
return pname
|
||||
binary = "chromium" # Same name for all channels and ungoogled-chromium
|
||||
elif pname == "google-chrome":
|
||||
binary = "google-chrome-stable"
|
||||
elif pname == "google-chrome-dev":
|
||||
binary = "google-chrome-unstable"
|
||||
else: # For google-chrome-beta and as fallback:
|
||||
binary = pname
|
||||
# Add optional CLI options:
|
||||
options = []
|
||||
major_version = "${versions.major (getVersion chromiumPkg.name)}"
|
||||
if major_version > "91":
|
||||
# To avoid a GPU crash:
|
||||
options += ["--use-gl=angle", "--use-angle=swiftshader"]
|
||||
options.append("file://${startupHTML}")
|
||||
# Launch the process:
|
||||
machine.succeed(ru(f'ulimit -c unlimited; {binary} {shlex.join(options)} & disown'))
|
||||
if binary.startswith("google-chrome"):
|
||||
# Need to click away the first window:
|
||||
machine.wait_for_text("Make Google Chrome the default browser")
|
||||
machine.screenshot("google_chrome_default_browser_prompt")
|
||||
machine.send_key("ret")
|
||||
|
||||
|
||||
def create_new_win():
|
||||
|
|
@ -124,24 +142,32 @@ mapAttrs (channel: chromiumPkg: makeTest rec {
|
|||
|
||||
|
||||
@contextmanager
|
||||
def test_new_win(description):
|
||||
def test_new_win(description, url, window_name):
|
||||
create_new_win()
|
||||
machine.wait_for_window("New Tab")
|
||||
machine.send_chars(f"{url}\n")
|
||||
machine.wait_for_window(window_name)
|
||||
machine.screenshot(description)
|
||||
machine.succeed(
|
||||
ru(
|
||||
"${xdo "copy-all" ''
|
||||
key --delay 1000 Ctrl+a Ctrl+c
|
||||
''}"
|
||||
)
|
||||
)
|
||||
clipboard = machine.succeed(
|
||||
ru("${pkgs.xclip}/bin/xclip -o")
|
||||
)
|
||||
print(f"{description} window content:\n{clipboard}")
|
||||
with machine.nested(description):
|
||||
yield
|
||||
yield clipboard
|
||||
# Close the newly created window:
|
||||
machine.send_key("ctrl-w")
|
||||
|
||||
|
||||
machine.wait_for_x()
|
||||
|
||||
url = "file://${startupHTML}"
|
||||
machine.succeed(ru(f'ulimit -c unlimited; "{get_browser_binary()}" "{url}" & disown'))
|
||||
|
||||
if get_browser_binary().startswith("google-chrome"):
|
||||
# Need to click away the first window:
|
||||
machine.wait_for_text("Make Google Chrome the default browser")
|
||||
machine.screenshot("google_chrome_default_browser_prompt")
|
||||
machine.send_key("ret")
|
||||
launch_browser()
|
||||
|
||||
machine.wait_for_text("startup done")
|
||||
machine.wait_until_succeeds(
|
||||
|
|
@ -164,49 +190,7 @@ mapAttrs (channel: chromiumPkg: makeTest rec {
|
|||
|
||||
machine.screenshot("startup_done")
|
||||
|
||||
with test_new_win("check sandbox"):
|
||||
machine.succeed(
|
||||
ru(
|
||||
"${xdo "type-url" ''
|
||||
search --sync --onlyvisible --name "New Tab"
|
||||
windowfocus --sync
|
||||
type --delay 1000 "chrome://sandbox"
|
||||
''}"
|
||||
)
|
||||
)
|
||||
|
||||
machine.succeed(
|
||||
ru(
|
||||
"${xdo "submit-url" ''
|
||||
search --sync --onlyvisible --name "New Tab"
|
||||
windowfocus --sync
|
||||
key --delay 1000 Return
|
||||
''}"
|
||||
)
|
||||
)
|
||||
|
||||
machine.screenshot("sandbox_info")
|
||||
|
||||
machine.succeed(
|
||||
ru(
|
||||
"${xdo "find-window" ''
|
||||
search --sync --onlyvisible --name "Sandbox Status"
|
||||
windowfocus --sync
|
||||
''}"
|
||||
)
|
||||
)
|
||||
machine.succeed(
|
||||
ru(
|
||||
"${xdo "copy-sandbox-info" ''
|
||||
key --delay 1000 Ctrl+a Ctrl+c
|
||||
''}"
|
||||
)
|
||||
)
|
||||
|
||||
clipboard = machine.succeed(
|
||||
ru("${pkgs.xclip}/bin/xclip -o")
|
||||
)
|
||||
|
||||
with test_new_win("sandbox_info", "chrome://sandbox", "Sandbox Status") as clipboard:
|
||||
filters = [
|
||||
"layer 1 sandbox.*namespace",
|
||||
"pid namespaces.*yes",
|
||||
|
|
@ -253,6 +237,12 @@ mapAttrs (channel: chromiumPkg: makeTest rec {
|
|||
|
||||
machine.screenshot("after_copy_from_chromium")
|
||||
|
||||
|
||||
with test_new_win("gpu_info", "chrome://gpu", "chrome://gpu"):
|
||||
# To check the text rendering (catches regressions like #131074):
|
||||
machine.wait_for_text("Graphics Feature Status")
|
||||
|
||||
|
||||
machine.shutdown()
|
||||
'';
|
||||
}) channelMap
|
||||
|
|
|
|||
|
|
@ -10,8 +10,8 @@ let
|
|||
genericName = "Apache Directory Studio";
|
||||
categories = "Java;Network";
|
||||
};
|
||||
version = "2.0.0-M15";
|
||||
versionWithDate = "2.0.0.v20200411-M15";
|
||||
version = "2.0.0-M17";
|
||||
versionWithDate = "2.0.0.v20210717-M17";
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "apache-directory-studio";
|
||||
|
|
@ -21,7 +21,7 @@ stdenv.mkDerivation rec {
|
|||
if stdenv.hostPlatform.system == "x86_64-linux" then
|
||||
fetchurl {
|
||||
url = "mirror://apache/directory/studio/${versionWithDate}/ApacheDirectoryStudio-${versionWithDate}-linux.gtk.x86_64.tar.gz";
|
||||
sha256 = "1rkyb0qcsl9hk2qcwp5mwaab69q3sn77v5xyn9mbvi5wg9icbc37";
|
||||
sha256 = "19zdspzv4n3mfgb1g45s3wh0vbvn6a9zjd4xi5x2afmdjkzlwxi4";
|
||||
}
|
||||
else throw "Unsupported system: ${stdenv.hostPlatform.system}";
|
||||
|
||||
|
|
|
|||
|
|
@ -62,7 +62,7 @@ mkChromiumDerivation (base: rec {
|
|||
-e '/\[Desktop Entry\]/a\' \
|
||||
-e 'StartupWMClass=chromium-browser' \
|
||||
$out/share/applications/chromium-browser.desktop
|
||||
'' + lib.optionalString (channel == "dev") ''
|
||||
'' + lib.optionalString (channel != "stable") ''
|
||||
cp -v "$buildPath/crashpad_handler" "$libExecPath/"
|
||||
'';
|
||||
|
||||
|
|
@ -84,7 +84,7 @@ mkChromiumDerivation (base: rec {
|
|||
else "https://www.chromium.org/";
|
||||
maintainers = with maintainers; if ungoogled
|
||||
then [ squalus primeos ]
|
||||
else [ primeos thefloweringash bendlas ];
|
||||
else [ primeos thefloweringash ];
|
||||
license = if enableWideVine then licenses.unfree else licenses.bsd3;
|
||||
platforms = platforms.linux;
|
||||
mainProgram = "chromium";
|
||||
|
|
|
|||
|
|
@ -149,9 +149,11 @@ in stdenv.mkDerivation {
|
|||
+ "chromium${suffix}-${version}";
|
||||
inherit version;
|
||||
|
||||
buildInputs = [
|
||||
nativeBuildInputs = [
|
||||
makeWrapper ed
|
||||
];
|
||||
|
||||
buildInputs = [
|
||||
# needed for GSETTINGS_SCHEMAS_PATH
|
||||
gsettings-desktop-schemas glib gtk3
|
||||
|
||||
|
|
|
|||
|
|
@ -19,14 +19,14 @@ for entry in feed.entries:
|
|||
continue
|
||||
url = requests.get(entry.link).url.split('?')[0]
|
||||
content = entry.content[0].value
|
||||
content = html_tags.sub('', content) # Remove any HTML tags
|
||||
if re.search(r'Linux', content) is None:
|
||||
continue
|
||||
#print(url) # For debugging purposes
|
||||
version = re.search(r'\d+(\.\d+){3}', content).group(0)
|
||||
print('chromium: TODO -> ' + version)
|
||||
print('\n' + url)
|
||||
if fixes := re.search(r'This update includes .+ security fixes\.', content):
|
||||
fixes = html_tags.sub('', fixes.group(0))
|
||||
if fixes := re.search(r'This update includes .+ security fixes\.', content).group(0):
|
||||
zero_days = re.search(r'Google is aware( of reports)? that .+ in the wild\.', content)
|
||||
if zero_days:
|
||||
fixes += " " + zero_days.group(0)
|
||||
|
|
|
|||
|
|
@ -18,9 +18,9 @@
|
|||
}
|
||||
},
|
||||
"beta": {
|
||||
"version": "92.0.4515.40",
|
||||
"sha256": "1v0vmnzdqq7d2rqp1sam8nk7z20xg5l9lnlpqjxj30y8k37gzh8p",
|
||||
"sha256bin64": "0i3plysx51n2gsm5vbf9666rz73pqbbns7v09wznbbncvw9zngrf",
|
||||
"version": "92.0.4515.107",
|
||||
"sha256": "04khamgxwzgbm2rn7is53j5g55vm5qfyz7zwxqc51sd429jsqlbf",
|
||||
"sha256bin64": "179i18lckd85i6cc60mqpvv2jqdshc338m686yackdgz9qjrrlwd",
|
||||
"deps": {
|
||||
"gn": {
|
||||
"version": "2021-05-07",
|
||||
|
|
@ -31,15 +31,15 @@
|
|||
}
|
||||
},
|
||||
"dev": {
|
||||
"version": "93.0.4535.3",
|
||||
"sha256": "19iy4p59n0pg9s39g614y4yxh5f6h86bcp471qdnm6fvzmzcxd18",
|
||||
"sha256bin64": "16q9s8l20bmr2n0y3pi505l5hbhbmpi8kh47aylj5gzk1nr30a8r",
|
||||
"version": "93.0.4577.8",
|
||||
"sha256": "1x6i5bmcnj8bkpcb9gcyd1m9nzpq206yyprxrnpak117k7abr2b1",
|
||||
"sha256bin64": "0qjfb9jxr2gmwb1dsvl6yzz06vsjny2l3icrsdcm0pl6r6davk2w",
|
||||
"deps": {
|
||||
"gn": {
|
||||
"version": "2021-05-07",
|
||||
"version": "2021-07-08",
|
||||
"url": "https://gn.googlesource.com/gn",
|
||||
"rev": "39a87c0b36310bdf06b692c098f199a0d97fc810",
|
||||
"sha256": "0x63jr5hssm9dl6la4q5ahy669k4gxvbapqxi5w32vv107jrj8v4"
|
||||
"rev": "24e2f7df92641de0351a96096fb2c490b2436bb8",
|
||||
"sha256": "1lwkyhfhw0zd7daqz466n7x5cddf0danr799h4jg3s0yvd4galjl"
|
||||
}
|
||||
}
|
||||
},
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@
|
|||
, systemd
|
||||
|
||||
# Loaded at runtime.
|
||||
, libexif
|
||||
, libexif, pciutils
|
||||
|
||||
# Additional dependencies according to other distros.
|
||||
## Ubuntu
|
||||
|
|
@ -62,7 +62,7 @@ let
|
|||
alsaLib libXdamage libXtst libXrandr libxshmfence expat cups
|
||||
dbus gdk-pixbuf gcc-unwrapped.lib
|
||||
systemd
|
||||
libexif
|
||||
libexif pciutils
|
||||
liberation_ttf curl util-linux xdg-utils wget
|
||||
flac harfbuzz icu libpng opusWithCustomModes snappy speechd
|
||||
bzip2 libcap at-spi2-atk at-spi2-core
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@
|
|||
, pkg-config, cmake, ninja, python3, wrapGAppsHook, wrapQtAppsHook, removeReferencesTo
|
||||
, qtbase, qtimageformats, gtk3, libsForQt5, enchant2, lz4, xxHash
|
||||
, dee, ffmpeg, openalSoft, minizip, libopus, alsaLib, libpulseaudio, range-v3
|
||||
, tl-expected, hunspell, glibmm, webkitgtk, libtgvoip
|
||||
, tl-expected, hunspell, glibmm, webkitgtk
|
||||
# Transitive dependencies:
|
||||
, pcre, xorg, util-linux, libselinux, libsepol, epoxy
|
||||
, at-spi2-core, libXtst, libthai, libdatrie
|
||||
|
|
@ -47,6 +47,13 @@ in mkDerivation rec {
|
|||
--replace '"libenchant-2.so.2"' '"${enchant2}/lib/libenchant-2.so.2"'
|
||||
substituteInPlace Telegram/CMakeLists.txt \
|
||||
--replace '"''${TDESKTOP_LAUNCHER_BASENAME}.appdata.xml"' '"''${TDESKTOP_LAUNCHER_BASENAME}.metainfo.xml"'
|
||||
|
||||
substituteInPlace Telegram/ThirdParty/libtgvoip/os/linux/AudioInputALSA.cpp \
|
||||
--replace '"libasound.so.2"' '"${alsaLib}/lib/libasound.so.2"'
|
||||
substituteInPlace Telegram/ThirdParty/libtgvoip/os/linux/AudioOutputALSA.cpp \
|
||||
--replace '"libasound.so.2"' '"${alsaLib}/lib/libasound.so.2"'
|
||||
substituteInPlace Telegram/ThirdParty/libtgvoip/os/linux/AudioPulse.cpp \
|
||||
--replace '"libpulse.so.0"' '"${libpulseaudio}/lib/libpulse.so.0"'
|
||||
'';
|
||||
|
||||
# We want to run wrapProgram manually (with additional parameters)
|
||||
|
|
@ -59,7 +66,7 @@ in mkDerivation rec {
|
|||
qtbase qtimageformats gtk3 libsForQt5.kwayland libsForQt5.libdbusmenu enchant2 lz4 xxHash
|
||||
dee ffmpeg openalSoft minizip libopus alsaLib libpulseaudio range-v3
|
||||
tl-expected hunspell glibmm webkitgtk
|
||||
tg_owt libtgvoip
|
||||
tg_owt
|
||||
# Transitive dependencies:
|
||||
pcre xorg.libpthreadstubs xorg.libXdmcp util-linux libselinux libsepol epoxy
|
||||
at-spi2-core libXtst libthai libdatrie libsysprof-capture libpsl brotli
|
||||
|
|
@ -70,8 +77,9 @@ in mkDerivation rec {
|
|||
# We're allowed to used the API ID of the Snap package:
|
||||
"-DTDESKTOP_API_ID=611335"
|
||||
"-DTDESKTOP_API_HASH=d524b414d21f4d37f08684c1df41ac9c"
|
||||
#"-DDESKTOP_APP_SPECIAL_TARGET=\"\"" # TODO: Error when set to "": Bad special target '""'
|
||||
"-DTDESKTOP_LAUNCHER_BASENAME=telegramdesktop" # Note: This is the default
|
||||
# See: https://github.com/NixOS/nixpkgs/pull/130827#issuecomment-885212649
|
||||
"-DDESKTOP_APP_USE_PACKAGED_FONTS=OFF"
|
||||
];
|
||||
|
||||
# Note: The following packages could be packaged system-wide, but it's
|
||||
|
|
@ -115,7 +123,7 @@ in mkDerivation rec {
|
|||
license = licenses.gpl3;
|
||||
platforms = platforms.linux;
|
||||
homepage = "https://desktop.telegram.org/";
|
||||
changelog = "https://github.com/telegramdesktop/tdesktop/releases/tag/v{version}";
|
||||
maintainers = with maintainers; [ primeos abbradar ];
|
||||
changelog = "https://github.com/telegramdesktop/tdesktop/releases/tag/v${version}";
|
||||
maintainers = with maintainers; [ primeos abbradar oxalica ];
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -29,11 +29,11 @@
|
|||
assert pulseaudioSupport -> libpulseaudio != null;
|
||||
|
||||
let
|
||||
version = "5.6.16888.0424";
|
||||
version = "5.7.28852.0718";
|
||||
srcs = {
|
||||
x86_64-linux = fetchurl {
|
||||
url = "https://zoom.us/client/${version}/zoom_x86_64.pkg.tar.xz";
|
||||
sha256 = "H/G9cSVmxYM0AVfrdpXzm7ohssDbKq2xdvIBc4d+elc=";
|
||||
sha256 = "NoB9qxsuGsiwsZ3Y+F3WZpszujPBX/nehtFFI+KPV5E=";
|
||||
};
|
||||
};
|
||||
|
||||
|
|
|
|||
|
|
@ -1,27 +1,18 @@
|
|||
{ mkDerivation, lib, fetchFromGitHub, fetchpatch, pkg-config, cmake, qtbase, qttools
|
||||
{ mkDerivation, lib, fetchFromGitHub, pkg-config, cmake, qtbase, qttools
|
||||
, seafile-shared, jansson, libsearpc
|
||||
, withShibboleth ? true, qtwebengine }:
|
||||
|
||||
mkDerivation rec {
|
||||
pname = "seafile-client";
|
||||
version = "8.0.1";
|
||||
version = "8.0.3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "haiwen";
|
||||
repo = "seafile-client";
|
||||
rev = "b4b944921c7efef13a93d693c45c997943899dec";
|
||||
sha256 = "2vV+6ZXjVg81JVLfWeD0UK+RdmpBxBU2Ozx790WFSyw=";
|
||||
rev = "v${version}";
|
||||
sha256 = "cG3OSqRhYnxlzfauQia6pM/1gu+iE5mtHTGk3kGMFH0=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
# Fix compilation failure with "error: template with C linkage", fixes #122505
|
||||
(fetchpatch {
|
||||
url = "https://aur.archlinux.org/cgit/aur.git/plain/fix_build_with_glib2.diff?h=seafile-client&id=7be253aaa2bdb6771721f45aa08bc875c8001c5a";
|
||||
name = "fix_build_with_glib2.diff";
|
||||
sha256 = "0hl7rcqfr8k62c1pr133bp3j63b905izaaggmgvr1af4jibal05v";
|
||||
})
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ pkg-config cmake ];
|
||||
buildInputs = [ qtbase qttools seafile-shared jansson libsearpc ]
|
||||
++ lib.optional withShibboleth qtwebengine;
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@ rec {
|
|||
, containerdRev, containerdSha256
|
||||
, tiniRev, tiniSha256, buildxSupport ? false
|
||||
# package dependencies
|
||||
, stdenv, fetchFromGitHub, fetchpatch, buildGoPackage
|
||||
, stdenv, fetchFromGitHub, buildGoPackage
|
||||
, makeWrapper, installShellFiles, pkg-config
|
||||
, go-md2man, go, containerd, runc, docker-proxy, tini, libtool
|
||||
, sqlite, iproute2, lvm2, systemd, docker-buildx
|
||||
|
|
@ -124,7 +124,7 @@ rec {
|
|||
}) // rec {
|
||||
inherit version rev;
|
||||
|
||||
name = "docker-${version}";
|
||||
pname = "docker";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "docker";
|
||||
|
|
@ -163,8 +163,6 @@ rec {
|
|||
postPatch = ''
|
||||
patchShebangs .
|
||||
substituteInPlace ./scripts/build/.variables --replace "set -eu" ""
|
||||
substituteInPlace ./scripts/docs/generate-man.sh --replace "-v md2man" "-v go-md2man"
|
||||
substituteInPlace ./man/md2man-all.sh --replace md2man go-md2man
|
||||
'' + optionalString buildxSupport ''
|
||||
substituteInPlace ./cli-plugins/manager/manager_unix.go --replace /usr/libexec/docker/cli-plugins \
|
||||
${lib.strings.makeSearchPathOutput "bin" "libexec/docker/cli-plugins" [docker-buildx]}
|
||||
|
|
@ -222,19 +220,19 @@ rec {
|
|||
# Get revisions from
|
||||
# https://github.com/moby/moby/tree/${version}/hack/dockerfile/install/*
|
||||
docker_20_10 = callPackage dockerGen rec {
|
||||
version = "20.10.2";
|
||||
version = "20.10.6";
|
||||
rev = "v${version}";
|
||||
sha256 = "0z0hpm5hrqh7p8my8lmiwpym2shs48my6p0zv2cc34wym0hcly51";
|
||||
sha256 = "15kknb26vyzjgqmn8r81a1sy1i5br6bvngqd5xljihppnxvp2gvl";
|
||||
moby-src = fetchFromGitHub {
|
||||
owner = "moby";
|
||||
repo = "moby";
|
||||
rev = "v${version}";
|
||||
sha256 = "0c2zycpnwj4kh8m8xckv1raj3fx07q9bfaj46rr85jihm4p2dp5w";
|
||||
sha256 = "1l4ra9bsvydaxd2fy7dgxp7ynpp0mrlwvcdhxiafw596559ab6qk";
|
||||
};
|
||||
runcRev = "ff819c7e9184c13b7c2607fe6c30ae19403a7aff"; # v1.0.0-rc92
|
||||
runcSha256 = "0r4zbxbs03xr639r7848282j1ybhibfdhnxyap9p76j5w8ixms94";
|
||||
containerdRev = "269548fa27e0089a8b8278fc4fc781d7f65a939b"; # v1.4.3
|
||||
containerdSha256 = "09xvhjg5f8h90w1y94kqqnqzhbhd62dcdd9wb9sdqakisjk6zrl0";
|
||||
runcRev = "b9ee9c6314599f1b4a7f497e1f1f856fe433d3b7"; # v1.0.0-rc95
|
||||
runcSha256 = "18sbvmlvb6kird4w3rqsfrjdj7n25firabvdxsl0rxjfy9r1g2xb";
|
||||
containerdRev = "12dca9790f4cb6b18a6a7a027ce420145cb98ee7"; # v1.5.1
|
||||
containerdSha256 = "16q34yiv5q98b9d5vgy1lmmppg8agrmnfd1kzpakkf4czkws0p4d";
|
||||
tiniRev = "de40ad007797e0dcd8b7126f27bb87401d224240"; # v0.19.0
|
||||
tiniSha256 = "1h20i3wwlbd8x4jr2gz68hgklh0lb0jj7y5xk1wvr8y58fip1rdn";
|
||||
};
|
||||
|
|
|
|||
|
|
@ -1,17 +1,17 @@
|
|||
{ fetchurl, lib, stdenv }:
|
||||
|
||||
let
|
||||
version = "0.24.3";
|
||||
version = "0.24.4";
|
||||
|
||||
suffix = {
|
||||
x86_64-linux = "x86_64";
|
||||
x86_64-linux = "x86_64";
|
||||
aarch64-linux = "aarch64";
|
||||
}."${stdenv.hostPlatform.system}" or (throw "Unsupported system: ${stdenv.hostPlatform.system}");
|
||||
|
||||
baseurl = "https://github.com/firecracker-microvm/firecracker/releases/download";
|
||||
|
||||
dlbin = sha256: fetchurl {
|
||||
url = "${baseurl}/v${version}/firecracker-v${version}-${suffix}.tgz";
|
||||
url = "${baseurl}/v${version}/firecracker-v${version}-${suffix}.tgz";
|
||||
sha256 = sha256."${stdenv.hostPlatform.system}";
|
||||
};
|
||||
|
||||
|
|
@ -22,15 +22,15 @@ stdenv.mkDerivation {
|
|||
|
||||
sourceRoot = ".";
|
||||
src = dlbin {
|
||||
x86_64-linux = "sha256-i6NMVFoLm4hQJH7RnhfC0t+0DJCINoP5b/iCv9JyRdk=";
|
||||
aarch64-linux = "0m7xs12g97z1ipzaf7dgknf3azlah0p6bdr9i454azvzg955238b";
|
||||
x86_64-linux = "sha256-EKndfLdkxn+S+2ElAyQ+mKEo5XN6kqZLuLCsQf+fKuk=";
|
||||
aarch64-linux = "0zzr8x776aya6f6pw0dc0a6jxgbqv3f37p1vd8mmlsdv66c4kmfb";
|
||||
};
|
||||
|
||||
configurePhase = ":";
|
||||
|
||||
buildPhase = ''
|
||||
mv firecracker-* firecracker
|
||||
mv jailer-* jailer
|
||||
buildPhase = ''
|
||||
mv release-v${version}/firecracker-v${version}-${suffix} firecracker
|
||||
mv release-v${version}/jailer-v${version}-${suffix} jailer
|
||||
chmod +x firecracker jailer
|
||||
'';
|
||||
|
||||
|
|
@ -48,9 +48,9 @@ stdenv.mkDerivation {
|
|||
|
||||
meta = with lib; {
|
||||
description = "Secure, fast, minimal micro-container virtualization";
|
||||
homepage = "http://firecracker-microvm.io";
|
||||
license = licenses.asl20;
|
||||
platforms = [ "x86_64-linux" "aarch64-linux" ];
|
||||
maintainers = with maintainers; [ thoughtpolice ];
|
||||
homepage = "http://firecracker-microvm.io";
|
||||
license = licenses.asl20;
|
||||
platforms = [ "x86_64-linux" "aarch64-linux" ];
|
||||
maintainers = with maintainers; [ thoughtpolice endocrimes ];
|
||||
};
|
||||
}
|
||||
|
|
|
|||
|
|
@ -53,11 +53,11 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "gnome-boxes";
|
||||
version = "40.1";
|
||||
version = "40.2";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://gnome/sources/${pname}/${lib.versions.major version}/${pname}-${version}.tar.xz";
|
||||
sha256 = "seKPLH+3a/T7uGLQ1S6BG5TL6f8W8GdAiWRWhpCILvg=";
|
||||
sha256 = "hzN1mi2GpWNnWWpTSQRjO4HKqlxFpWNtsulZDHFK6Nk=";
|
||||
};
|
||||
|
||||
doCheck = true;
|
||||
|
|
|
|||
|
|
@ -24,11 +24,11 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "gnome-calendar";
|
||||
version = "40.1";
|
||||
version = "40.2";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://gnome/sources/${pname}/${lib.versions.major version}/${pname}-${version}.tar.xz";
|
||||
sha256 = "2M30n57uHDo8aZHDL4VjxKfE2w23ymPOUcyRjkM7M6U=";
|
||||
sha256 = "njcB/UoOWJgA0iUgN3BkTzHVI0ZV9UqDqF/wVW3X6jM=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
|
|
|
|||
|
|
@ -37,11 +37,11 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "epiphany";
|
||||
version = "40.1";
|
||||
version = "40.2";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://gnome/sources/${pname}/${lib.versions.major version}/${pname}-${version}.tar.xz";
|
||||
sha256 = "1l0sb1xg16g4wg3z99xb0w2kbyczbn7q4mphs3w4lxq22xml4sk9";
|
||||
sha256 = "dRGeIgZWV89w7ytgPU9zg1VzvQNPHmGMD2YkeP1saDU=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
|
|||
|
|
@ -6,13 +6,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "evolution-data-server";
|
||||
version = "3.40.1";
|
||||
version = "3.40.2";
|
||||
|
||||
outputs = [ "out" "dev" ];
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://gnome/sources/evolution-data-server/${lib.versions.majorMinor version}/${pname}-${version}.tar.xz";
|
||||
sha256 = "08iykha7zhk21b3axsp3v1jfwda612v0m8rz8zlzppm5i8s5ziza";
|
||||
sha256 = "7IKVFjnzKlzs6AqLC5qj9mt9MY4+4sHDUjTy4r3opBg=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
|
|
|
|||
|
|
@ -43,11 +43,11 @@ in
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "gnome-software";
|
||||
version = "40.1";
|
||||
version = "40.2";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://gnome/sources/gnome-software/${lib.versions.major version}/${pname}-${version}.tar.xz";
|
||||
sha256 = "16q2902swxsjdxb1nj335sv1bb76rvq4w6dn4yszkwf3s0fd86in";
|
||||
sha256 = "y9HdKguvw/U93kIAPEpKA3RsuNZNxdJ+uNvmc27nJ5Y=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
|
|
|
|||
|
|
@ -1,5 +1,6 @@
|
|||
{ lib, stdenv
|
||||
, fetchurl
|
||||
, fetchpatch
|
||||
, meson
|
||||
, ninja
|
||||
, pkg-config
|
||||
|
|
@ -28,6 +29,14 @@ stdenv.mkDerivation rec {
|
|||
sha256 = "sha256-96AwfqUfXkTRuDL0k92QRURKOk4hHvhd/Zql3W6up9E=";
|
||||
};
|
||||
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
name = "CVE-2021-33516.patch";
|
||||
url = "https://gitlab.gnome.org/GNOME/gupnp/-/commit/ca6ec9dcb26fd7a2a630eb6a68118659b589afac.patch";
|
||||
sha256 = "sha256-G7e/xNQB7Kp2fPzqVeD/cH3h1co9hZXh55QOUBnAnvU=";
|
||||
})
|
||||
];
|
||||
|
||||
nativeBuildInputs = [
|
||||
meson
|
||||
ninja
|
||||
|
|
|
|||
|
|
@ -13,13 +13,13 @@
|
|||
|
||||
stdenv.mkDerivation rec {
|
||||
pname = "seafile-shared";
|
||||
version = "8.0.1";
|
||||
version = "8.0.3";
|
||||
|
||||
src = fetchFromGitHub {
|
||||
owner = "haiwen";
|
||||
repo = "seafile";
|
||||
rev = "d34499a2aafa024623a4210fe7f663cef13fe9a6";
|
||||
sha256 = "VKoGr3CTDFg3Q0X+MTlwa4BbfLB+28FeTyTJRCq37RA=";
|
||||
rev = "v${version}";
|
||||
sha256 = "QflLh3fj+jOq/8etr9aG8LGrvtIlB/htVkWbdO+GIbM=";
|
||||
};
|
||||
|
||||
nativeBuildInputs = [
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
{ lib, stdenv, fetchurl }:
|
||||
{ lib, stdenv, gettext, fetchurl, fetchpatch }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "lrzsz-0.12.20";
|
||||
|
|
@ -8,6 +8,16 @@ stdenv.mkDerivation rec {
|
|||
sha256 = "1wcgfa9fsigf1gri74gq0pa7pyajk12m4z69x7ci9c6x9fqkd2y2";
|
||||
};
|
||||
|
||||
patches = [
|
||||
(fetchpatch {
|
||||
name = "CVE-2018-10195.patch";
|
||||
url = "https://bugzilla.redhat.com/attachment.cgi?id=79507";
|
||||
sha256 = "0jlh8w0cjaz6k56f0h3a0h4wgc51axmrdn3mdspk7apjfzqcvx3c";
|
||||
})
|
||||
];
|
||||
|
||||
nativeBuildInputs = [ gettext ];
|
||||
|
||||
hardeningDisable = [ "format" ];
|
||||
|
||||
configureFlags = [ "--program-transform-name=s/^l//" ];
|
||||
|
|
|
|||
Loading…
Reference in New Issue