From 1d3122f3fc46fa0ed7a4754e5937c4cc00a05a1f Mon Sep 17 00:00:00 2001 From: pacien Date: Sun, 6 Jun 2021 16:08:22 +0200 Subject: [PATCH 001/202] maintainers/teams: remove pacien from the matrix team I prefer to focus only on the individual packages which I know. (cherry picked from commit b24cc395ccf892827585d32246b4902bd9379113) --- maintainers/team-list.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/maintainers/team-list.nix b/maintainers/team-list.nix index 1d8a920efcb..a0bbc4d4383 100644 --- a/maintainers/team-list.nix +++ b/maintainers/team-list.nix @@ -145,7 +145,6 @@ with lib.maintainers; { matrix = { members = [ ma27 - pacien fadenb mguentner ekleog From 1b06bcfeea9d16097f112fc4fd01fbaefa2a8967 Mon Sep 17 00:00:00 2001 From: pacien Date: Sun, 6 Jun 2021 16:09:19 +0200 Subject: [PATCH 002/202] matrix-appservice-discord: increase test timeout Hydra and my local machine are sometimes hitting the default timeout. See https://hydra.nixos.org/build/138032455/nixlog/8/tail (cherry picked from commit 92f62de6f1ee9c9e31a8432ad222e79deef2ad87) --- pkgs/servers/matrix-appservice-discord/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkgs/servers/matrix-appservice-discord/default.nix b/pkgs/servers/matrix-appservice-discord/default.nix index 4a41f019e17..7b7a67821f9 100644 --- a/pkgs/servers/matrix-appservice-discord/default.nix +++ b/pkgs/servers/matrix-appservice-discord/default.nix @@ -43,7 +43,8 @@ in mkYarnPackage rec { doCheck = true; checkPhase = '' - yarn --offline test + # the default 2000ms timeout is sometimes too short on our busy builders + yarn --offline test --timeout 10000 ''; postInstall = '' From 440f0ac4666724ebd6ba53228639cbaf0f0594f5 Mon Sep 17 00:00:00 2001 From: "Nicolas B. Pierron" Date: Fri, 4 Jun 2021 14:47:23 +0200 Subject: [PATCH 003/202] firefox-bin: Avoid including both the wrapped and unwrapped version when using nix run command. In order to make the man pages accessible, the previous code used nix-support/propagated-user-env-packages. However this file is also used to set the PATH when the application is executed with `nix run`, thus including the wrapped and the wrappee in the environment. Having the wrappee enumerated first in the environment caused `firefox` to default to the wrappee, and as such not being able to find a proper GTK. This was a source of failures while opening a file-picker. This change removes the code to propagate the wrappe in the environment, as the man pages are already linked in the wrapper output. (cherry picked from commit efef092ba59259fb2654038bbd952baca5c8bab7) --- pkgs/applications/networking/browsers/firefox/wrapper.nix | 4 ---- 1 file changed, 4 deletions(-) diff --git a/pkgs/applications/networking/browsers/firefox/wrapper.nix b/pkgs/applications/networking/browsers/firefox/wrapper.nix index 793e8688a5f..13becfc4f62 100644 --- a/pkgs/applications/networking/browsers/firefox/wrapper.nix +++ b/pkgs/applications/networking/browsers/firefox/wrapper.nix @@ -303,10 +303,6 @@ let ln -sLt $out/lib/mozilla/pkcs11-modules $ext/lib/mozilla/pkcs11-modules/* done - # For manpages, in case the program supplies them - mkdir -p $out/nix-support - echo ${browser} > $out/nix-support/propagated-user-env-packages - ######################### # # From 1e9c68521cb4206bc9334e3635bf707b8c6775ef Mon Sep 17 00:00:00 2001 From: Yurii Matsiuk Date: Thu, 3 Jun 2021 08:29:19 +0200 Subject: [PATCH 004/202] linux: 5.10.40 -> 5.10.41 (cherry picked from commit 78aaa23acecfbfd977d22bf3a7050c9a27c815fa) --- pkgs/os-specific/linux/kernel/linux-5.10.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.10.nix b/pkgs/os-specific/linux/kernel/linux-5.10.nix index ae8f5095307..7b4636f332d 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.10.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.10.40"; + version = "5.10.41"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,7 +13,7 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "091g9g29m4vh66bxihiylyprb3cxr8cy4m494klb2lkirlx8103l"; + sha256 = "0wb739q7dha8nxkd72x42k4in5nw633yw065ppwc8rq7x2fpa17n"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_10 ]; From 68f2116f109058780d5b8604bf2b6497b1519100 Mon Sep 17 00:00:00 2001 From: Yurii Matsiuk Date: Thu, 3 Jun 2021 08:29:24 +0200 Subject: [PATCH 005/202] linux: 5.12.7 -> 5.12.8 (cherry picked from commit 85b9e08436dd3cb37707fffd93b0d2dea30b99d1) --- pkgs/os-specific/linux/kernel/linux-5.12.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.12.nix b/pkgs/os-specific/linux/kernel/linux-5.12.nix index 80a25ad2396..3c61889bc68 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.12.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.12.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.12.7"; + version = "5.12.8"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,7 +13,7 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0ircrclggrbmm80vz7irhg73qvhjddsmf7zclw5cqnnmm3qfj8jk"; + sha256 = "134g8d5zvbzdqxy7z6a527dqcmiq4ixf7s05rnnsc4qcajpbcimd"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_12 ]; From e28f728bdf85b6a1a6e09a2b15b5dcd7a29be83a Mon Sep 17 00:00:00 2001 From: Yurii Matsiuk Date: Thu, 3 Jun 2021 08:29:30 +0200 Subject: [PATCH 006/202] linux: 5.4.122 -> 5.4.123 (cherry picked from commit fd37913b5699c23ef59dd0bb3a38ab92d8ed82de) --- pkgs/os-specific/linux/kernel/linux-5.4.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.4.nix b/pkgs/os-specific/linux/kernel/linux-5.4.nix index a245ee7c44e..85d24132b7e 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.4.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.4.122"; + version = "5.4.123"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,7 +13,7 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "00g6s3ymriwddshy5sd458b1wfvw2ynxv6dr63ziykwfq50jlr9p"; + sha256 = "1pi223dls52piw65s3v4ml23wdyy73xpbdvp511187b6zgzk7zlf"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_4 ]; From 11bdcb66bd652dba6937a0d4027180e110c619d5 Mon Sep 17 00:00:00 2001 From: Yurii Matsiuk Date: Mon, 7 Jun 2021 20:10:11 +0200 Subject: [PATCH 007/202] linux: 4.14.234 -> 4.14.235 (cherry picked from commit 14c5ae2a443f4296fd37bc556b7cf7aba2ac8033) --- pkgs/os-specific/linux/kernel/linux-4.14.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.14.nix b/pkgs/os-specific/linux/kernel/linux-4.14.nix index 58804158761..7c986259dff 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.14.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.14.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "4.14.234"; + version = "4.14.235"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,7 +13,7 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1mwqb9sq6qd9angl3xysdsrfpgppf46g3kiwg1svqgpgrx7cqn1b"; + sha256 = "03k793hj294zf7jncs1h8zh5dh6xagkfvnydd9jadxvq2z8vvl8f"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_4_14 ]; From e9d5f300eb188cb8f72337c72c71317faf4560f8 Mon Sep 17 00:00:00 2001 From: Yurii Matsiuk Date: Mon, 7 Jun 2021 20:10:24 +0200 Subject: [PATCH 008/202] linux: 4.19.192 -> 4.19.193 (cherry picked from commit df489760a1f346e71e6d61c93f80da029128d292) --- pkgs/os-specific/linux/kernel/linux-4.19.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.19.nix b/pkgs/os-specific/linux/kernel/linux-4.19.nix index 23d651e21da..3a31ad473cf 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.19.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.19.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "4.19.192"; + version = "4.19.193"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,7 +13,7 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1680dz4wjg721a8lqwh6ijd90zcr2f3wzcvhwgn3shbwgjkwsk87"; + sha256 = "17ci49ak5iw01kfkn3fcgncg9hm4j188417bxi3bnsq9il5ymhl4"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_4_19 ]; From 11c473038befc866b8d3b0636cfef76a8d90f415 Mon Sep 17 00:00:00 2001 From: Yurii Matsiuk Date: Mon, 7 Jun 2021 20:10:29 +0200 Subject: [PATCH 009/202] linux: 4.4.270 -> 4.4.271 (cherry picked from commit eab8c884b84d6e89177430306a2ce8e2319a148d) --- pkgs/os-specific/linux/kernel/linux-4.4.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.4.nix b/pkgs/os-specific/linux/kernel/linux-4.4.nix index 8320c2fb9ce..9bc01eeff49 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.4.nix @@ -1,13 +1,13 @@ { buildPackages, fetchurl, perl, buildLinux, nixosTests, stdenv, ... } @ args: buildLinux (args // rec { - version = "4.4.270"; + version = "4.4.271"; extraMeta.branch = "4.4"; extraMeta.broken = stdenv.isAarch64; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1lz48gv1v3wvw9xvd3y9q4py7ii1g9fj4dwyvvjdzbipyw7s21pq"; + sha256 = "0n5h2lv1p542a45pas3pi0vkhgrk096vwrps79a7v3a6c1q2dxx6"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_4_4 ]; From b21519e899125b404a3e4e4ee134019c1258097b Mon Sep 17 00:00:00 2001 From: Yurii Matsiuk Date: Mon, 7 Jun 2021 20:10:33 +0200 Subject: [PATCH 010/202] linux: 4.9.270 -> 4.9.271 (cherry picked from commit 3739547f71399e6b689682f64376ea47055563e4) --- pkgs/os-specific/linux/kernel/linux-4.9.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.9.nix b/pkgs/os-specific/linux/kernel/linux-4.9.nix index 7dda6f5356d..4be4b6fb222 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.9.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.9.nix @@ -1,13 +1,13 @@ { buildPackages, fetchurl, perl, buildLinux, nixosTests, stdenv, ... } @ args: buildLinux (args // rec { - version = "4.9.270"; + version = "4.9.271"; extraMeta.branch = "4.9"; extraMeta.broken = stdenv.isAarch64; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "0ck5abzpla291gcxrxjindj5szgcvmb2fwfilvdnzc6pnqk00ay3"; + sha256 = "1480miixphkf0b8w00m753ar7yp1rnl3zyr9wp4inngi2f90553r"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_4_9 ]; From 48c065427c25e604c228fd593ecf03707d8b3dea Mon Sep 17 00:00:00 2001 From: Yurii Matsiuk Date: Mon, 7 Jun 2021 20:10:39 +0200 Subject: [PATCH 011/202] linux: 5.10.41 -> 5.10.42 (cherry picked from commit 3d8eaa87efac4063cd1474e0f17078d0f16b2863) --- pkgs/os-specific/linux/kernel/linux-5.10.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.10.nix b/pkgs/os-specific/linux/kernel/linux-5.10.nix index 7b4636f332d..ec7b16f9f3f 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.10.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.10.41"; + version = "5.10.42"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,7 +13,7 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0wb739q7dha8nxkd72x42k4in5nw633yw065ppwc8rq7x2fpa17n"; + sha256 = "1r86v6q7ml7zv001f25w3h667nqqy39439s94vnqsyyn7g3jg84b"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_10 ]; From 7a527b80a4445e8b1421649c1f02a87cc69001cd Mon Sep 17 00:00:00 2001 From: Yurii Matsiuk Date: Mon, 7 Jun 2021 20:10:45 +0200 Subject: [PATCH 012/202] linux: 5.12.8 -> 5.12.9 (cherry picked from commit 638dd47cd4adf14e8bdf7045acee10c1642528e9) --- pkgs/os-specific/linux/kernel/linux-5.12.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.12.nix b/pkgs/os-specific/linux/kernel/linux-5.12.nix index 3c61889bc68..85a69f0c5ad 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.12.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.12.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.12.8"; + version = "5.12.9"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,7 +13,7 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "134g8d5zvbzdqxy7z6a527dqcmiq4ixf7s05rnnsc4qcajpbcimd"; + sha256 = "0vg71h8r90fl01a8khyf1776y76rgqisxafky89cswa2fpsvxyn7"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_12 ]; From 6a0f53fd68a92d2c0ca5c5015019990b2a028e13 Mon Sep 17 00:00:00 2001 From: Yurii Matsiuk Date: Mon, 7 Jun 2021 20:10:50 +0200 Subject: [PATCH 013/202] linux: 5.4.123 -> 5.4.124 (cherry picked from commit 32d11bc730a489d79825dc6e6c3d0de1f310ebdd) --- pkgs/os-specific/linux/kernel/linux-5.4.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.4.nix b/pkgs/os-specific/linux/kernel/linux-5.4.nix index 85d24132b7e..4cf7c2bfafd 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.4.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.4.123"; + version = "5.4.124"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,7 +13,7 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "1pi223dls52piw65s3v4ml23wdyy73xpbdvp511187b6zgzk7zlf"; + sha256 = "10kxa1ng9w9xd2d5xh48fbhp1kri650p90nihrcpnb845gd9vwpp"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_4 ]; From 6a671c3d4a8389d7b5c3da98bd5d4b42833ec4af Mon Sep 17 00:00:00 2001 From: Yurii Matsiuk Date: Mon, 7 Jun 2021 20:11:04 +0200 Subject: [PATCH 014/202] linux-rt_5_10: 5.10.35-rt39 -> 5.10.41-rt42 (cherry picked from commit b42424bdd0946c167becd3ffa2d169d5e08877ed) --- pkgs/os-specific/linux/kernel/linux-rt-5.10.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix index 90c0c4e2930..5567022edcc 100644 --- a/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "5.10.35-rt39"; # updated by ./update-rt.sh + version = "5.10.41-rt42"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -18,14 +18,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "1zcqsjzqgcvlhkjwhzs6sxgbhzkfg898pbisivjqfymp8nfs2dxc"; + sha256 = "0wb739q7dha8nxkd72x42k4in5nw633yw065ppwc8rq7x2fpa17n"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "03gq9y111k4js4cc87yc9y7hyg1wxwbc1bjyjdvb4nrx2wqka79y"; + sha256 = "1z8jgsq5fkg486xxawg4c4wk1l9xra7x1cfqaf4grhw0csbbx883"; }; }; in [ rt-patch ] ++ lib.remove rt-patch kernelPatches; From 4a79e6ce2b2da2bf3603e3f84baacbff347d4562 Mon Sep 17 00:00:00 2001 From: Yurii Matsiuk Date: Mon, 7 Jun 2021 20:11:27 +0200 Subject: [PATCH 015/202] linux-rt_5_4: 5.4.115-rt57 -> 5.4.123-rt59 (cherry picked from commit 759559f3d3f57aeb76a38d8d47e481fe68767d81) --- pkgs/os-specific/linux/kernel/linux-rt-5.4.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix index 34efc8e21ee..8592ad4c3b3 100644 --- a/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix @@ -6,7 +6,7 @@ , ... } @ args: let - version = "5.4.115-rt57"; # updated by ./update-rt.sh + version = "5.4.123-rt59"; # updated by ./update-rt.sh branch = lib.versions.majorMinor version; kversion = builtins.elemAt (lib.splitString "-" version) 0; in buildLinux (args // { @@ -14,14 +14,14 @@ in buildLinux (args // { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz"; - sha256 = "1llxk04vlpi7a4ca2f5vlcxfn68n8yhmsar3hsl259i7hms28isv"; + sha256 = "1pi223dls52piw65s3v4ml23wdyy73xpbdvp511187b6zgzk7zlf"; }; kernelPatches = let rt-patch = { name = "rt"; patch = fetchurl { url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz"; - sha256 = "1xh7xi27q58njhfayi2lnk4id7hnlklkgh2zx012gxv4ari76g0k"; + sha256 = "1m1mnmk7h35p7dv6mg3pla6pw3b645hbbccjmp1jc3fyn6qiy6fq"; }; }; in [ rt-patch ] ++ lib.remove rt-patch kernelPatches; From 8d8739976a9abdd2b7b11a40c689f501064842c9 Mon Sep 17 00:00:00 2001 From: Yurii Matsiuk Date: Mon, 7 Jun 2021 20:11:46 +0200 Subject: [PATCH 016/202] linux_latest-libre: 18096 -> 18115 (cherry picked from commit b599c482957ff3991ee45474f02c3b617df87ece) --- pkgs/os-specific/linux/kernel/linux-libre.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-libre.nix b/pkgs/os-specific/linux/kernel/linux-libre.nix index 6d1c7339720..2001b350ecc 100644 --- a/pkgs/os-specific/linux/kernel/linux-libre.nix +++ b/pkgs/os-specific/linux/kernel/linux-libre.nix @@ -1,8 +1,8 @@ { stdenv, lib, fetchsvn, linux , scripts ? fetchsvn { url = "https://www.fsfla.org/svn/fsfla/software/linux-libre/releases/branches/"; - rev = "18096"; - sha256 = "08m7afj0h9bcgg8rx8ksp85hmaqjl4k4p4q4zy6x51788xn4mycg"; + rev = "18115"; + sha256 = "00wsxlhz7lc4qk7jcgshb05hvv3mm4m8r3zalc9wvp4r1r6xbbjp"; } , ... }: From 7da6c0c3c93cd4df0c835918dabff4220b34a450 Mon Sep 17 00:00:00 2001 From: Yurii Matsiuk Date: Mon, 7 Jun 2021 20:11:58 +0200 Subject: [PATCH 017/202] linux/hardened/patches/4.14: 4.14.234-hardened1 -> 4.14.235-hardened1 (cherry picked from commit adb9d3b15240bc8272cfb023beee9e035df4027b) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 6cf635da18b..3763dba1559 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -1,9 +1,9 @@ { "4.14": { "extra": "-hardened1", - "name": "linux-hardened-4.14.234-hardened1.patch", - "sha256": "1vdr3j62whc2xdy1l4imkp6axpwh7r3cjp0sgsld7l5331x19qh7", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.234-hardened1/linux-hardened-4.14.234-hardened1.patch" + "name": "linux-hardened-4.14.235-hardened1.patch", + "sha256": "0m49pg27pnp6kwkbawg0fw3lzm5nchqjhqkfgprckwgb9v5bgbcc", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.235-hardened1/linux-hardened-4.14.235-hardened1.patch" }, "4.19": { "extra": "-hardened1", From 6bec4b45c627316ca03ab6740d4316e9eca76425 Mon Sep 17 00:00:00 2001 From: Yurii Matsiuk Date: Mon, 7 Jun 2021 20:12:00 +0200 Subject: [PATCH 018/202] linux/hardened/patches/4.19: 4.19.192-hardened1 -> 4.19.193-hardened1 (cherry picked from commit ac9d2af41f3ca372d50719225f7e029321312e46) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 3763dba1559..5f3e94213b7 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -7,9 +7,9 @@ }, "4.19": { "extra": "-hardened1", - "name": "linux-hardened-4.19.192-hardened1.patch", - "sha256": "0gy4h73ygiqr6c9zbmfz4as18ldcnnzgc4qd2nss08m2x1cb1n76", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.192-hardened1/linux-hardened-4.19.192-hardened1.patch" + "name": "linux-hardened-4.19.193-hardened1.patch", + "sha256": "0r2rxl08x2l1yimaqksrc79s36rnp77xm5in9cvp7ff24y9r9g0j", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.193-hardened1/linux-hardened-4.19.193-hardened1.patch" }, "5.10": { "extra": "-hardened1", From 961ffc28db82aad1c9ecc794a4cee4fcc869fcbe Mon Sep 17 00:00:00 2001 From: Yurii Matsiuk Date: Mon, 7 Jun 2021 20:12:01 +0200 Subject: [PATCH 019/202] linux/hardened/patches/5.10: 5.10.40-hardened1 -> 5.10.42-hardened1 (cherry picked from commit 9395f64db2e9e8b7c8bd72e0aa91490428b83969) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 5f3e94213b7..cd1c85c69bc 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -13,9 +13,9 @@ }, "5.10": { "extra": "-hardened1", - "name": "linux-hardened-5.10.40-hardened1.patch", - "sha256": "15nprqyw9whqghpnr39wpn54snxz49wdr4dq41dbmmqmrrlfyxnr", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.40-hardened1/linux-hardened-5.10.40-hardened1.patch" + "name": "linux-hardened-5.10.42-hardened1.patch", + "sha256": "1hignnqy0d7nrfnh5j8h1xkj15kvx80h55qzzq1wlmyjxpr6c0ix", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.42-hardened1/linux-hardened-5.10.42-hardened1.patch" }, "5.11": { "extra": "-hardened1", From fd3156d46f1136d83a31646764b82664c421a4bb Mon Sep 17 00:00:00 2001 From: Yurii Matsiuk Date: Mon, 7 Jun 2021 20:12:03 +0200 Subject: [PATCH 020/202] linux/hardened/patches/5.12: 5.12.7-hardened1 -> 5.12.9-hardened1 (cherry picked from commit 405b66f9773fee406e1d05843e5b52d26daa4c59) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index cd1c85c69bc..271ca09d380 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -25,9 +25,9 @@ }, "5.12": { "extra": "-hardened1", - "name": "linux-hardened-5.12.7-hardened1.patch", - "sha256": "1r8bf8hrxpzyxqcy3zf1m86bfi0lr4aijbrq12sqb7n2g1wc1j87", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.12.7-hardened1/linux-hardened-5.12.7-hardened1.patch" + "name": "linux-hardened-5.12.9-hardened1.patch", + "sha256": "08ijifhl8sl858ik32ny47h7pq0r160sv55a07igkbhrh60arfqa", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.12.9-hardened1/linux-hardened-5.12.9-hardened1.patch" }, "5.4": { "extra": "-hardened1", From a01a6485435704fa38efc70d3546f12b9dbacd36 Mon Sep 17 00:00:00 2001 From: Yurii Matsiuk Date: Mon, 7 Jun 2021 20:12:05 +0200 Subject: [PATCH 021/202] linux/hardened/patches/5.4: 5.4.122-hardened1 -> 5.4.124-hardened1 (cherry picked from commit 598dadab6ee7552d429db1e25a8379b4d5a518c5) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 271ca09d380..028bdbda3f2 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -31,8 +31,8 @@ }, "5.4": { "extra": "-hardened1", - "name": "linux-hardened-5.4.122-hardened1.patch", - "sha256": "1wa3h18gwgn4blkidf8mlw3r0nb2asya5rbwylghq3qnaa2hc0k7", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.122-hardened1/linux-hardened-5.4.122-hardened1.patch" + "name": "linux-hardened-5.4.124-hardened1.patch", + "sha256": "1bn7fa09kzgv6v9d3gl66l8wg6z23chjhk6g219cqb7mfd4m5ykl", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.124-hardened1/linux-hardened-5.4.124-hardened1.patch" } } From 48b5af66d9e89e9db4b427720f52fcd7beb76d3e Mon Sep 17 00:00:00 2001 From: Yurii Matsiuk Date: Tue, 8 Jun 2021 16:22:28 +0200 Subject: [PATCH 022/202] linux: remove 5.11 (cherry picked from commit 73f7db3ecd9f2ca744ed82d7bfc954601c591350) --- .../linux/kernel/hardened/patches.json | 6 ------ pkgs/os-specific/linux/kernel/linux-5.11.nix | 20 ------------------- pkgs/os-specific/linux/kernel/linux-lqx.nix | 8 ++++---- pkgs/os-specific/linux/kernel/linux-zen.nix | 8 ++++---- pkgs/top-level/all-packages.nix | 10 +--------- 5 files changed, 9 insertions(+), 43 deletions(-) delete mode 100644 pkgs/os-specific/linux/kernel/linux-5.11.nix diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 028bdbda3f2..bb668a6e904 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -17,12 +17,6 @@ "sha256": "1hignnqy0d7nrfnh5j8h1xkj15kvx80h55qzzq1wlmyjxpr6c0ix", "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.42-hardened1/linux-hardened-5.10.42-hardened1.patch" }, - "5.11": { - "extra": "-hardened1", - "name": "linux-hardened-5.11.22-hardened1.patch", - "sha256": "1lwf56pxyzqzjqw4k1qd93vi44abmbz6hqbalamz6ancxkb800hh", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.11.22-hardened1/linux-hardened-5.11.22-hardened1.patch" - }, "5.12": { "extra": "-hardened1", "name": "linux-hardened-5.12.9-hardened1.patch", diff --git a/pkgs/os-specific/linux/kernel/linux-5.11.nix b/pkgs/os-specific/linux/kernel/linux-5.11.nix deleted file mode 100644 index e6a8aef650b..00000000000 --- a/pkgs/os-specific/linux/kernel/linux-5.11.nix +++ /dev/null @@ -1,20 +0,0 @@ -{ lib, buildPackages, fetchurl, perl, buildLinux, nixosTests, modDirVersionArg ? null, ... } @ args: - -with lib; - -buildLinux (args // rec { - version = "5.11.22"; - - # modDirVersion needs to be x.y.z, will automatically add .0 if needed - modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; - - # branchVersion needs to be x.y - extraMeta.branch = versions.majorMinor version; - - src = fetchurl { - url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "003nlphkqish6l4xblhi369v4qv2zck7529prkdnx4gb2ihpq0hi"; - }; - - kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_11 ]; -} // (args.argsOverride or {})) diff --git a/pkgs/os-specific/linux/kernel/linux-lqx.nix b/pkgs/os-specific/linux/kernel/linux-lqx.nix index 4bc5cee4444..609dc494c69 100644 --- a/pkgs/os-specific/linux/kernel/linux-lqx.nix +++ b/pkgs/os-specific/linux/kernel/linux-lqx.nix @@ -1,7 +1,7 @@ { lib, fetchFromGitHub, buildLinux, linux_zen, ... } @ args: let - version = "5.11.21"; + version = "5.12.9"; suffix = "lqx1"; in @@ -14,13 +14,13 @@ buildLinux (args // { owner = "zen-kernel"; repo = "zen-kernel"; rev = "v${version}-${suffix}"; - sha256 = "1klvik8nrqsqi5ijnga1li4gacsknmap75g2zp8f3hd3hz18d5n1"; + sha256 = "sha256-qmX66nz+gVOt1RGsUT9fA3wPUT7I9Z4jhxpybP0I8Cw="; }; extraMeta = { - branch = "5.10/master"; + branch = "5.12/master"; maintainers = with lib.maintainers; [ atemu ]; description = linux_zen.meta.description + " (Same as linux_zen but less aggressive release schedule)"; }; -} // (args.argsOverride or {})) +} // (args.argsOverride or { })) diff --git a/pkgs/os-specific/linux/kernel/linux-zen.nix b/pkgs/os-specific/linux/kernel/linux-zen.nix index b28400819d5..47e72a61c18 100644 --- a/pkgs/os-specific/linux/kernel/linux-zen.nix +++ b/pkgs/os-specific/linux/kernel/linux-zen.nix @@ -1,7 +1,7 @@ { lib, fetchFromGitHub, buildLinux, ... } @ args: let - version = "5.11.16"; + version = "5.12.9"; suffix = "zen1"; in @@ -14,13 +14,13 @@ buildLinux (args // { owner = "zen-kernel"; repo = "zen-kernel"; rev = "v${version}-${suffix}"; - sha256 = "0jyicnpqccn194jrm1mc4zq0cil7ls9l57ws3nv783vlk7b0k3gv"; + sha256 = "sha256-Sbe7pY/htLRRx5Qs78BpEzNCSIEsnZMj1+bkAftZdbQ="; }; extraMeta = { - branch = "5.10/master"; + branch = "5.12/master"; maintainers = with lib.maintainers; [ atemu andresilva ]; description = "Built using the best configuration and kernel sources for desktop, multimedia, and gaming workloads."; }; -} // (args.argsOverride or {})) +} // (args.argsOverride or { })) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index a161dee933f..2ce87c6e10c 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -20394,13 +20394,6 @@ in ]; }; - linux_5_11 = callPackage ../os-specific/linux/kernel/linux-5.11.nix { - kernelPatches = [ - kernelPatches.bridge_stp_helper - kernelPatches.request_key_helper - ]; - }; - linux_5_12 = callPackage ../os-specific/linux/kernel/linux-5.12.nix { kernelPatches = [ kernelPatches.bridge_stp_helper @@ -20712,7 +20705,6 @@ in linuxPackages_4_19 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_4_19); linuxPackages_5_4 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_5_4); linuxPackages_5_10 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_5_10); - linuxPackages_5_11 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_5_11); linuxPackages_5_12 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_5_12); # When adding to the list above: @@ -20746,7 +20738,7 @@ in # Hardened Linux hardenedLinuxPackagesFor = kernel': overrides: let # Note: We use this hack since the hardened patches can lag behind and we don't want to delay updates: - linux_latest_for_hardened = pkgs.linux_5_11; + linux_latest_for_hardened = pkgs.linux_5_12; kernel = (if kernel' == pkgs.linux_latest then linux_latest_for_hardened else kernel').override overrides; in linuxPackagesFor (kernel.override { structuredExtraConfig = import ../os-specific/linux/kernel/hardened/config.nix { From b3ec6fd9592a4285bf9e369c7f3bdacdd39220b3 Mon Sep 17 00:00:00 2001 From: Natan Lao Date: Tue, 8 Jun 2021 16:46:45 -0700 Subject: [PATCH 023/202] nixos/nvidia: fix hardware.nvidia.package example (cherry picked from commit 86a31cc9719ed409d523d4f738aa2a994d79ff9e) --- nixos/modules/hardware/video/nvidia.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nixos/modules/hardware/video/nvidia.nix b/nixos/modules/hardware/video/nvidia.nix index 97accc7b99a..2be9da8f42a 100644 --- a/nixos/modules/hardware/video/nvidia.nix +++ b/nixos/modules/hardware/video/nvidia.nix @@ -92,7 +92,7 @@ in example = "PCI:4:0:0"; description = '' Bus ID of the AMD APU. You can find it using lspci; for example if lspci - shows the AMD APU at "04:00.0", set this option to "PCI:4:0:0". + shows the AMD APU at "04:00.0", set this option to "PCI:4:0:0". ''; }; @@ -159,7 +159,7 @@ in description = '' The NVIDIA X11 derivation to use. ''; - example = "config.boot.kernelPackages.nvidiaPackages.legacy340"; + example = "config.boot.kernelPackages.nvidiaPackages.legacy_340"; }; }; From 60cce7e5e1fdf62421ef6d4184ee399b46209366 Mon Sep 17 00:00:00 2001 From: Daniel Nagy Date: Tue, 8 Jun 2021 18:30:49 +0200 Subject: [PATCH 024/202] blender: add libharu as dependency This allows to export Grease Pencil drawings as pdfs. For more information, see: https://wiki.blender.org/wiki/Reference/Release_Notes/2.93/Grease_Pencil https://developer.blender.org/rBa8a92cd15a52 (cherry picked from commit d847851a3719ebc53c653250f808905d496aafc1) --- pkgs/applications/misc/blender/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkgs/applications/misc/blender/default.nix b/pkgs/applications/misc/blender/default.nix index cf5ede1c7fe..305ab891713 100644 --- a/pkgs/applications/misc/blender/default.nix +++ b/pkgs/applications/misc/blender/default.nix @@ -12,7 +12,7 @@ , pugixml, llvmPackages, SDL, Cocoa, CoreGraphics, ForceFeedback, OpenAL, OpenGL , potrace , openxr-loader -, embree, gmp +, embree, gmp, libharu }: with lib; @@ -48,6 +48,7 @@ stdenv.mkDerivation rec { gmp pugixml potrace + libharu ] ++ (if (!stdenv.isDarwin) then [ libXi libX11 libXext libXrender From 3993e891e481e69f78f879a0c44456adda92f78c Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Wed, 9 Jun 2021 11:39:53 +0200 Subject: [PATCH 025/202] nixos/tests/kernel-generic: fix evaluation The test doesn't evaluate since #125469 because Linux 5.11 got removed as it's EOL. As this fixes the evaluation of the test and it only removes a declaration that was apparently forgotten, I figured that a push to unbreak the test is fine. (cherry picked from commit 10eab5b6b3d1d38ffd3594fa6e4be13924dafd15) --- nixos/tests/kernel-generic.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/nixos/tests/kernel-generic.nix b/nixos/tests/kernel-generic.nix index a300609cf2b..cb23bb2fc2d 100644 --- a/nixos/tests/kernel-generic.nix +++ b/nixos/tests/kernel-generic.nix @@ -31,7 +31,6 @@ with pkgs; { linux_4_19 = makeKernelTest "4.19" linuxPackages_4_19; linux_5_4 = makeKernelTest "5.4" linuxPackages_5_4; linux_5_10 = makeKernelTest "5.10" linuxPackages_5_10; - linux_5_11 = makeKernelTest "5.11" linuxPackages_5_11; linux_5_12 = makeKernelTest "5.12" linuxPackages_5_12; linux_testing = makeKernelTest "testing" linuxPackages_testing; From 8d0c4b749dc38a47751a01749482fbfdd9ed83ac Mon Sep 17 00:00:00 2001 From: Thiago Kenji Okada Date: Mon, 7 Jun 2021 20:11:08 -0300 Subject: [PATCH 026/202] opentabletdriver: 0.5.3.1 -> 0.5.3.2 (cherry picked from commit 4211a977d4cd4a74652b8117ca6d45675824cc35) --- pkgs/tools/X11/opentabletdriver/default.nix | 6 ++-- pkgs/tools/X11/opentabletdriver/deps.nix | 37 ++++++++++++--------- 2 files changed, 24 insertions(+), 19 deletions(-) diff --git a/pkgs/tools/X11/opentabletdriver/default.nix b/pkgs/tools/X11/opentabletdriver/default.nix index 5128e4d30ca..2d1ce4a4e33 100644 --- a/pkgs/tools/X11/opentabletdriver/default.nix +++ b/pkgs/tools/X11/opentabletdriver/default.nix @@ -23,18 +23,18 @@ stdenv.mkDerivation rec { pname = "OpenTabletDriver"; - version = "0.5.3.1"; + version = "0.5.3.2"; src = fetchFromGitHub { owner = "InfinityGhost"; repo = "OpenTabletDriver"; rev = "v${version}"; - sha256 = "OT8/c+6wNpZyq/q7uMxIqmyJKNAq0B4ynEAqFF0GWyo="; + sha256 = "qRc/9Edp3x7/XVEWgBbPush76MSQz4biYSk+E9Gt68w="; }; debPkg = fetchurl { url = "https://github.com/InfinityGhost/OpenTabletDriver/releases/download/v${version}/OpenTabletDriver.deb"; - sha256 = "0nm0v1xhphl6g6rz3li4rbdp7408g6sf9l4nh3mbbif5042xa0qh"; + sha256 = "14k06iyc642x42yadyfmmf8ky84y8rc6kgd63b4ipskkcxyl1gvl"; }; nativeBuildInputs = [ diff --git a/pkgs/tools/X11/opentabletdriver/deps.nix b/pkgs/tools/X11/opentabletdriver/deps.nix index 041795596b1..45ded855587 100644 --- a/pkgs/tools/X11/opentabletdriver/deps.nix +++ b/pkgs/tools/X11/opentabletdriver/deps.nix @@ -1,43 +1,48 @@ { fetchNuGet }: [ (fetchNuGet { name = "AtkSharp"; - version = "3.22.25.74"; - sha256 = "04zjpjrddw5clac0mjpk0q00rbmv45bh1bsqa4s3pc5pb7fm9cd9"; + version = "3.24.24.34"; + sha256 = "1jn1vgi9xm0jp7769k6sbdi8d273kigjrsh93i6s4c03hqxv7cqs"; }) (fetchNuGet { name = "CairoSharp"; - version = "3.22.25.74"; - sha256 = "0sx7vmwcrfbkg3g887v051iklcdmdhh43ndp96nk4bccjimmmwl6"; + version = "3.24.24.34"; + sha256 = "0pydn1k0cam1gclg9sc1sbnmbyzh28qlc5qanyxcylwghink3kgz"; }) (fetchNuGet { name = "Eto.Forms"; version = "2.5.10"; sha256 = "1d71wglk4ixfqfbm6sxmj753x5iwbar8i9zzjy3bh64fy1dn8lz7"; }) + (fetchNuGet { + name = "Eto.Forms"; + version = "2.5.11"; + sha256 = "0h86jc19wy3ssj7pb34w1h02v92mg29gdipszwjs3y15piy66z3s"; + }) (fetchNuGet { name = "Eto.Platform.Gtk"; - version = "2.5.10"; - sha256 = "1pkqvlfx7bzracnw19bl50i9jg4ym376vihmy9qq7m5z5nfdqn4g"; + version = "2.5.11"; + sha256 = "1s9njz7l9zghrbzli7lbiav5ss3glqf17npj07f3jldd933nb95j"; }) (fetchNuGet { name = "GdkSharp"; - version = "3.22.25.74"; - sha256 = "07sdfvqk2jmyjj7fyd0mikhnzsk52zd3g2dhip8kz3006cczqm81"; + version = "3.24.24.34"; + sha256 = "0r0x0yib7chwsyrbpvicrfwldwqx5lyqq4p86zaxpmzd6zdaj0x5"; }) (fetchNuGet { name = "GioSharp"; - version = "3.22.25.74"; - sha256 = "01l4216bm5jxbxypkkq4d2527c6zd68kbywr3h1lr1darc9nf1d1"; + version = "3.24.24.34"; + sha256 = "02hxvgjd4w9jpzbkk7qf9q9bkvyp5hfzwxfqp10vg5lpl9yl3xpx"; }) (fetchNuGet { name = "GLibSharp"; - version = "3.22.25.74"; - sha256 = "0k2p79z4wcswi528v0ykc37rsqfqi6xd6pl0j4csdj9zf19svgx2"; + version = "3.24.24.34"; + sha256 = "0kvp033fgdwc8p2abfp5z9pzq66cvwbnjfvr4v4bkpy5s5h181kq"; }) (fetchNuGet { name = "GtkSharp"; - version = "3.22.25.74"; - sha256 = "0vazfvkjyzppcynqa1h70s1jmp4vq2j30v5x2scg8n2c5dxaj0k3"; + version = "3.24.24.34"; + sha256 = "0028hzmmqyfx87qqmaf9cgb5psn7gkbmqvixcid67x1d6mzxjicb"; }) (fetchNuGet { name = "HidSharpCore"; @@ -126,8 +131,8 @@ }) (fetchNuGet { name = "PangoSharp"; - version = "3.22.25.74"; - sha256 = "172i1hjpz4rgqlilir8a57kgmciw9x0shz4zwbhhlr59mndvqbih"; + version = "3.24.24.34"; + sha256 = "1r0h14cklglfpv1lhv93cxmzi2w7d5s03gzpq3j5dmrz43flg9zw"; }) (fetchNuGet { name = "runtime.debian.8-x64.runtime.native.System.Security.Cryptography.OpenSsl"; From 0647103d181a7c73caa9aacce4b80b3beafb6419 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Tue, 8 Jun 2021 20:29:28 +0200 Subject: [PATCH 027/202] firefox: use nss without p11-kit Quickfix to allow firefox to recognize certificates as trusted by Mozilla. Related: #126065 (cherry picked from commit 42e25d855fa959b7832fbdbc0a384294460d9258) --- pkgs/applications/networking/browsers/firefox/common.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pkgs/applications/networking/browsers/firefox/common.nix b/pkgs/applications/networking/browsers/firefox/common.nix index 62e641280b6..51a671cb198 100644 --- a/pkgs/applications/networking/browsers/firefox/common.nix +++ b/pkgs/applications/networking/browsers/firefox/common.nix @@ -122,7 +122,9 @@ let then overrideCC stdenv llvmPackages.clangUseLLVM else stdenv; - nss_pkg = if lib.versionOlder ffversion "83" then nss_3_53 else nss; + # Disable p11-kit support in nss until our cacert packages has caught up exposing CKA_NSS_MOZILLA_CA_POLICY + # https://github.com/NixOS/nixpkgs/issues/126065 + nss_pkg = if lib.versionOlder ffversion "83" then nss_3_53 else nss.override { useP11kit = false; }; # --enable-release adds -ffunction-sections & LTO that require a big amount of # RAM and the 32-bit memory space cannot handle that linking From e9434d6728495be25023cc014d25bd9036eddd06 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Wed, 9 Jun 2021 00:32:53 +0200 Subject: [PATCH 028/202] nixos/tests/custom-ca: disable firefox test integration Firefox has been decoupled from the system certificate store since the nss p11-kit integration in combination with our cacert package does not expose CKA_NSS_MOZILLA_CA_POLICY, which among other things is required for addon updates. (cherry picked from commit 2d4ed9bae6f9c80d75cf5ef18ccdac85cf889ff3) --- nixos/tests/custom-ca.nix | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/nixos/tests/custom-ca.nix b/nixos/tests/custom-ca.nix index 7ce1101911d..26f29a3e68f 100644 --- a/nixos/tests/custom-ca.nix +++ b/nixos/tests/custom-ca.nix @@ -107,8 +107,15 @@ in ''; }; - environment.systemPackages = with pkgs; - [ xdotool firefox chromium falkon midori ]; + environment.systemPackages = with pkgs; [ + xdotool + # Firefox was disabled here, because we needed to disable p11-kit support in nss, + # which is why it will not use the system certificate store for the time being. + # firefox + chromium + falkon + midori + ]; }; testScript = '' @@ -145,7 +152,14 @@ in with subtest("Unknown CA is untrusted in curl"): machine.fail("curl -fv https://bad.example.com") - browsers = ["firefox", "chromium", "falkon", "midori"] + browsers = [ + # Firefox was disabled here, because we needed to disable p11-kit support in nss, + # which is why it will not use the system certificate store for the time being. + # "firefox", + "chromium", + "falkon", + "midori" + ] errors = ["Security Risk", "not private", "Certificate Error", "Security"] machine.wait_for_x() From d69ca2fb5042c84c41666d4933ea1662f8cd75e7 Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Wed, 9 Jun 2021 11:59:41 +0200 Subject: [PATCH 029/202] signal-desktop: 5.4.0 -> 5.4.1 (cherry picked from commit 6a11eafbc9eede9d6f981a8d1b52fae7ccc2591b) --- .../networking/instant-messengers/signal-desktop/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix b/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix index 19469783629..01e68e7753b 100644 --- a/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix +++ b/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix @@ -25,7 +25,7 @@ let else ""); in stdenv.mkDerivation rec { pname = "signal-desktop"; - version = "5.4.0"; # Please backport all updates to the stable channel. + version = "5.4.1"; # Please backport all updates to the stable channel. # All releases have a limited lifetime and "expire" 90 days after the release. # When releases "expire" the application becomes unusable until an update is # applied. The expiration date for the current release can be extracted with: @@ -35,7 +35,7 @@ in stdenv.mkDerivation rec { src = fetchurl { url = "https://updates.signal.org/desktop/apt/pool/main/s/signal-desktop/signal-desktop_${version}_amd64.deb"; - sha256 = "046xy033ars70ay5ryj39i5053py00xj92ajdg212pamq415z1zb"; + sha256 = "1f1narpqj8gcyi4r574nqm1cbyi3azk1y7d1j300scr51gk74fq6"; }; nativeBuildInputs = [ From 19a1348fbb565635bc133b3db783d29183340758 Mon Sep 17 00:00:00 2001 From: piegames Date: Tue, 8 Jun 2021 20:42:36 +0200 Subject: [PATCH 030/202] matrix-appservice-irc: 0.26.0 -> 0.26.1 (cherry picked from commit 6a18a9a2c517c7e9a8a1b3490502ad54583bbf62) --- .../matrix-appservice-irc/node-packages.nix | 563 +++++++++++------- .../matrix-appservice-irc/package.json | 2 +- 2 files changed, 359 insertions(+), 206 deletions(-) diff --git a/pkgs/servers/matrix-synapse/matrix-appservice-irc/node-packages.nix b/pkgs/servers/matrix-synapse/matrix-appservice-irc/node-packages.nix index cb552b34f96..290eae2c02f 100644 --- a/pkgs/servers/matrix-synapse/matrix-appservice-irc/node-packages.nix +++ b/pkgs/servers/matrix-synapse/matrix-appservice-irc/node-packages.nix @@ -22,13 +22,13 @@ let sha512 = "HV1Cm0Q3ZrpCR93tkWOYiuYIgLxZXZFVG2VgK+MBWjUqZTundupbfx2aXarXuw5Ko5aMcjtJgbSs4vUGBS5v6g=="; }; }; - "@babel/generator-7.14.2" = { + "@babel/generator-7.14.3" = { name = "_at_babel_slash_generator"; packageName = "@babel/generator"; - version = "7.14.2"; + version = "7.14.3"; src = fetchurl { - url = "https://registry.npmjs.org/@babel/generator/-/generator-7.14.2.tgz"; - sha512 = "OnADYbKrffDVai5qcpkMxQ7caomHOoEwjkouqnN2QhydAjowFAZcsdecFIRUBdb+ZcruwYE4ythYmF1UBZU5xQ=="; + url = "https://registry.npmjs.org/@babel/generator/-/generator-7.14.3.tgz"; + sha512 = "bn0S6flG/j0xtQdz3hsjJ624h3W0r3llttBMfyHX3YrZ/KtLYr15bjA0FXkgW7FpvrDuTuElXeVjiKlYRpnOFA=="; }; }; "@babel/helper-function-name-7.14.2" = { @@ -76,13 +76,13 @@ let sha512 = "YSCOwxvTYEIMSGaBQb5kDDsCopDdiUGsqpatp3fOlI4+2HQSkTmEVWnVuySdAC5EWCqSWWTv0ib63RjR7dTBdg=="; }; }; - "@babel/parser-7.14.2" = { + "@babel/parser-7.14.4" = { name = "_at_babel_slash_parser"; packageName = "@babel/parser"; - version = "7.14.2"; + version = "7.14.4"; src = fetchurl { - url = "https://registry.npmjs.org/@babel/parser/-/parser-7.14.2.tgz"; - sha512 = "IoVDIHpsgE/fu7eXBeRWt8zLbDrSvD7H1gpomOkPpBoEN8KCruCqSDdqo8dddwQQrui30KSvQBaMUOJiuFu6QQ=="; + url = "https://registry.npmjs.org/@babel/parser/-/parser-7.14.4.tgz"; + sha512 = "ArliyUsWDUqEGfWcmzpGUzNfLxTdTp6WU4IuP6QFSp9gGfWS6boxFCkJSJ/L4+RG8z/FnIU3WxCk6hPL9SSWeA=="; }; }; "@babel/runtime-7.14.0" = { @@ -112,13 +112,13 @@ let sha512 = "TsdRgvBFHMyHOOzcP9S6QU0QQtjxlRpEYOy3mcCO5RgmC305ki42aSAmfZEMSSYBla2oZ9BMqYlncBaKmD/7iA=="; }; }; - "@babel/types-7.14.2" = { + "@babel/types-7.14.4" = { name = "_at_babel_slash_types"; packageName = "@babel/types"; - version = "7.14.2"; + version = "7.14.4"; src = fetchurl { - url = "https://registry.npmjs.org/@babel/types/-/types-7.14.2.tgz"; - sha512 = "SdjAG/3DikRHpUOjxZgnkbR11xUlyDMUFJdvnIgZEE16mqmY0BINMmc4//JMJglEmn6i7sq6p+mGrFWyZ98EEw=="; + url = "https://registry.npmjs.org/@babel/types/-/types-7.14.4.tgz"; + sha512 = "lCj4aIs0xUefJFQnwwQv2Bxg7Omd6bgquZ6LGC+gGMh6/s5qDVfjuCMlDmYQ15SLsWHd9n+X3E75lKIhl5Lkiw=="; }; }; "@dabh/diagnostics-2.0.2" = { @@ -130,40 +130,40 @@ let sha512 = "+A1YivoVDNNVCdfozHSR8v/jyuuLTMXwjWuxPFlFlUapXoGc+Gj9mDlTDDfrwl7rXCl2tNZ0kE8sIBO6YOn96Q=="; }; }; - "@eslint/eslintrc-0.4.1" = { + "@eslint/eslintrc-0.4.2" = { name = "_at_eslint_slash_eslintrc"; packageName = "@eslint/eslintrc"; - version = "0.4.1"; + version = "0.4.2"; src = fetchurl { - url = "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-0.4.1.tgz"; - sha512 = "5v7TDE9plVhvxQeWLXDTvFvJBdH6pEsdnl2g/dAptmuFEPedQ4Erq5rsDsX+mvAM610IhNaO2W5V1dOOnDKxkQ=="; + url = "https://registry.npmjs.org/@eslint/eslintrc/-/eslintrc-0.4.2.tgz"; + sha512 = "8nmGq/4ycLpIwzvhI4tNDmQztZ8sp+hI7cyG8i1nQDhkAbRzHpXPidRAHlNvCZQpJTKw5ItIpMw9RSToGF00mg=="; }; }; - "@nodelib/fs.scandir-2.1.4" = { + "@nodelib/fs.scandir-2.1.5" = { name = "_at_nodelib_slash_fs.scandir"; packageName = "@nodelib/fs.scandir"; - version = "2.1.4"; + version = "2.1.5"; src = fetchurl { - url = "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.4.tgz"; - sha512 = "33g3pMJk3bg5nXbL/+CY6I2eJDzZAni49PfJnL5fghPTggPvBd/pFNSgJsdAgWptuFu7qq/ERvOYFlhvsLTCKA=="; + url = "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz"; + sha512 = "vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g=="; }; }; - "@nodelib/fs.stat-2.0.4" = { + "@nodelib/fs.stat-2.0.5" = { name = "_at_nodelib_slash_fs.stat"; packageName = "@nodelib/fs.stat"; - version = "2.0.4"; + version = "2.0.5"; src = fetchurl { - url = "https://registry.npmjs.org/@nodelib/fs.stat/-/fs.stat-2.0.4.tgz"; - sha512 = "IYlHJA0clt2+Vg7bccq+TzRdJvv19c2INqBSsoOLp1je7xjtr7J26+WXR72MCdvU9q1qTzIWDfhMf+DRvQJK4Q=="; + url = "https://registry.npmjs.org/@nodelib/fs.stat/-/fs.stat-2.0.5.tgz"; + sha512 = "RkhPPp2zrqDAQA/2jNhnztcPAlv64XdhIp7a7454A5ovI7Bukxgt7MX7udwAu3zg1DcpPU0rz3VV1SeaqvY4+A=="; }; }; - "@nodelib/fs.walk-1.2.6" = { + "@nodelib/fs.walk-1.2.7" = { name = "_at_nodelib_slash_fs.walk"; packageName = "@nodelib/fs.walk"; - version = "1.2.6"; + version = "1.2.7"; src = fetchurl { - url = "https://registry.npmjs.org/@nodelib/fs.walk/-/fs.walk-1.2.6.tgz"; - sha512 = "8Broas6vTtW4GIXTAHDoE32hnN2M5ykgCpWGbuXHQ15vEMqr23pB76e/GZcYsZCHALv50ktd24qhEyKr6wBtow=="; + url = "https://registry.npmjs.org/@nodelib/fs.walk/-/fs.walk-1.2.7.tgz"; + sha512 = "BTIhocbPBSrRmHxOAJFtR18oLhxTtAFDAvL8hY1S3iU8k+E60W/YFs4jrixGzQjMpF4qPXxIQHcjVD9dz1C2QA=="; }; }; "@sentry/core-5.30.0" = { @@ -247,13 +247,13 @@ let sha512 = "XIB2XbzHTN6ieIjfIMV9hlVcfPU26s2vafYWQcZHWXHOxiaRZYEDKEwdl129Zyg50+foYV2jCgtrqSA6qNuNSA=="; }; }; - "@types/bluebird-3.5.34" = { + "@types/bluebird-3.5.35" = { name = "_at_types_slash_bluebird"; packageName = "@types/bluebird"; - version = "3.5.34"; + version = "3.5.35"; src = fetchurl { - url = "https://registry.npmjs.org/@types/bluebird/-/bluebird-3.5.34.tgz"; - sha512 = "QMc57Pf067Rr78l6f4FftvuIXPYxu0VYFRKrZk1Clv+LWy7gN2fTBiAiv68askFHEHZcTLPFd01kNlpKOiSPgQ=="; + url = "https://registry.npmjs.org/@types/bluebird/-/bluebird-3.5.35.tgz"; + sha512 = "2WeeXK7BuQo7yPI4WGOBum90SzF/f8rqlvpaXx4rjeTmNssGRDHWf7fgDUH90xMB3sUOu716fUK5d+OVx0+ncQ=="; }; }; "@types/body-parser-1.19.0" = { @@ -274,22 +274,22 @@ let sha512 = "ePPA/JuI+X0vb+gSWlPKOY0NdNAie/rPUqX2GUPpbZwiKTkSPhjXWuee47E4MtE54QVzGCQMQkAL6JhV2E1+cQ=="; }; }; - "@types/express-4.17.11" = { + "@types/express-4.17.12" = { name = "_at_types_slash_express"; packageName = "@types/express"; - version = "4.17.11"; + version = "4.17.12"; src = fetchurl { - url = "https://registry.npmjs.org/@types/express/-/express-4.17.11.tgz"; - sha512 = "no+R6rW60JEc59977wIxreQVsIEOAYwgCqldrA/vkpCnbD7MqTefO97lmoBe4WE0F156bC4uLSP1XHDOySnChg=="; + url = "https://registry.npmjs.org/@types/express/-/express-4.17.12.tgz"; + sha512 = "pTYas6FrP15B1Oa0bkN5tQMNqOcVXa9j4FTFtO8DWI9kppKib+6NJtfTOOLcwxuuYvcX2+dVG6et1SxW/Kc17Q=="; }; }; - "@types/express-serve-static-core-4.17.19" = { + "@types/express-serve-static-core-4.17.21" = { name = "_at_types_slash_express-serve-static-core"; packageName = "@types/express-serve-static-core"; - version = "4.17.19"; + version = "4.17.21"; src = fetchurl { - url = "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.19.tgz"; - sha512 = "DJOSHzX7pCiSElWaGR8kCprwibCB/3yW6vcT8VG3P0SJjnv19gnWG/AZMfM60Xj/YJIp/YCaDHyvzsFVeniARA=="; + url = "https://registry.npmjs.org/@types/express-serve-static-core/-/express-serve-static-core-4.17.21.tgz"; + sha512 = "gwCiEZqW6f7EoR8TTEfalyEhb1zA5jQJnRngr97+3pzMaO1RKoI1w2bw07TK72renMUVWcWS5mLI6rk1NqN0nA=="; }; }; "@types/extend-3.0.1" = { @@ -337,13 +337,13 @@ let sha512 = "qHQRLZ0e6l/XK/2Qb2v5N1ujmdttYkUvnRI4nPIifMy6vYwoAnER10xhX13isWjjQtNsrjNLinZgDDguzPmEKw=="; }; }; - "@types/node-15.0.3" = { + "@types/node-15.12.2" = { name = "_at_types_slash_node"; packageName = "@types/node"; - version = "15.0.3"; + version = "15.12.2"; src = fetchurl { - url = "https://registry.npmjs.org/@types/node/-/node-15.0.3.tgz"; - sha512 = "/WbxFeBU+0F79z9RdEOXH4CsDga+ibi5M8uEYr91u3CkT/pdWcV8MCook+4wDPnZBexRdwWS+PiVZ2xJviAzcQ=="; + url = "https://registry.npmjs.org/@types/node/-/node-15.12.2.tgz"; + sha512 = "zjQ69G564OCIWIOHSXyQEEDpdpGl+G348RAKY0XXy9Z5kU9Vzv1GMNnkar/ZJ8dzXB3COzD9Mo9NtRZ4xfgUww=="; }; }; "@types/nopt-3.0.29" = { @@ -355,13 +355,13 @@ let sha1 = "f19df3db4c97ee1459a2740028320a71d70964ce"; }; }; - "@types/pg-7.14.11" = { + "@types/pg-8.6.0" = { name = "_at_types_slash_pg"; packageName = "@types/pg"; - version = "7.14.11"; + version = "8.6.0"; src = fetchurl { - url = "https://registry.npmjs.org/@types/pg/-/pg-7.14.11.tgz"; - sha512 = "EnZkZ1OMw9DvNfQkn2MTJrwKmhJYDEs5ujWrPfvseWNoI95N8B4HzU/Ltrq5ZfYxDX/Zg8mTzwr6UAyTjjFvXA=="; + url = "https://registry.npmjs.org/@types/pg/-/pg-8.6.0.tgz"; + sha512 = "3JXFrsl8COoqVB1+2Pqelx6soaiFVXzkT3fkuSNe7GB40ysfT0FHphZFPiqIXpMyTHSFRdLTyZzrFBrJRPAArA=="; }; }; "@types/qs-6.9.6" = { @@ -382,13 +382,13 @@ let sha512 = "ewFXqrQHlFsgc09MK5jP5iR7vumV/BYayNC6PgJO2LPe8vrnNFyjQjSppfEngITi0qvfKtzFvgKymGheFM9UOA=="; }; }; - "@types/sanitize-html-1.27.2" = { + "@types/sanitize-html-2.3.1" = { name = "_at_types_slash_sanitize-html"; packageName = "@types/sanitize-html"; - version = "1.27.2"; + version = "2.3.1"; src = fetchurl { - url = "https://registry.npmjs.org/@types/sanitize-html/-/sanitize-html-1.27.2.tgz"; - sha512 = "DrH26m7CV6PB4YVckjbSIx+xloB7HBolr9Ctm0gZBffSu5dDV4yJKFQGPquJlReVW+xmg59gx+b/8/qYHxZEuw=="; + url = "https://registry.npmjs.org/@types/sanitize-html/-/sanitize-html-2.3.1.tgz"; + sha512 = "+UT/XRluJuCunRftwO6OzG6WOBgJ+J3sROIoSJWX+7PB2FtTJTEJLrHCcNwzCQc0r60bej3WAbaigK+VZtZCGw=="; }; }; "@types/serve-static-1.13.9" = { @@ -400,67 +400,67 @@ let sha512 = "ZFqF6qa48XsPdjXV5Gsz0Zqmux2PerNd3a/ktL45mHpa19cuMi/cL8tcxdAx497yRh+QtYPuofjT9oWw9P7nkA=="; }; }; - "@typescript-eslint/eslint-plugin-4.23.0" = { + "@typescript-eslint/eslint-plugin-4.26.1" = { name = "_at_typescript-eslint_slash_eslint-plugin"; packageName = "@typescript-eslint/eslint-plugin"; - version = "4.23.0"; + version = "4.26.1"; src = fetchurl { - url = "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-4.23.0.tgz"; - sha512 = "tGK1y3KIvdsQEEgq6xNn1DjiFJtl+wn8JJQiETtCbdQxw1vzjXyAaIkEmO2l6Nq24iy3uZBMFQjZ6ECf1QdgGw=="; + url = "https://registry.npmjs.org/@typescript-eslint/eslint-plugin/-/eslint-plugin-4.26.1.tgz"; + sha512 = "aoIusj/8CR+xDWmZxARivZjbMBQTT9dImUtdZ8tVCVRXgBUuuZyM5Of5A9D9arQPxbi/0rlJLcuArclz/rCMJw=="; }; }; - "@typescript-eslint/experimental-utils-4.23.0" = { + "@typescript-eslint/experimental-utils-4.26.1" = { name = "_at_typescript-eslint_slash_experimental-utils"; packageName = "@typescript-eslint/experimental-utils"; - version = "4.23.0"; + version = "4.26.1"; src = fetchurl { - url = "https://registry.npmjs.org/@typescript-eslint/experimental-utils/-/experimental-utils-4.23.0.tgz"; - sha512 = "WAFNiTDnQfrF3Z2fQ05nmCgPsO5o790vOhmWKXbbYQTO9erE1/YsFot5/LnOUizLzU2eeuz6+U/81KV5/hFTGA=="; + url = "https://registry.npmjs.org/@typescript-eslint/experimental-utils/-/experimental-utils-4.26.1.tgz"; + sha512 = "sQHBugRhrXzRCs9PaGg6rowie4i8s/iD/DpTB+EXte8OMDfdCG5TvO73XlO9Wc/zi0uyN4qOmX9hIjQEyhnbmQ=="; }; }; - "@typescript-eslint/parser-4.23.0" = { + "@typescript-eslint/parser-4.26.1" = { name = "_at_typescript-eslint_slash_parser"; packageName = "@typescript-eslint/parser"; - version = "4.23.0"; + version = "4.26.1"; src = fetchurl { - url = "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-4.23.0.tgz"; - sha512 = "wsvjksHBMOqySy/Pi2Q6UuIuHYbgAMwLczRl4YanEPKW5KVxI9ZzDYh3B5DtcZPQTGRWFJrfcbJ6L01Leybwug=="; + url = "https://registry.npmjs.org/@typescript-eslint/parser/-/parser-4.26.1.tgz"; + sha512 = "q7F3zSo/nU6YJpPJvQveVlIIzx9/wu75lr6oDbDzoeIRWxpoc/HQ43G4rmMoCc5my/3uSj2VEpg/D83LYZF5HQ=="; }; }; - "@typescript-eslint/scope-manager-4.23.0" = { + "@typescript-eslint/scope-manager-4.26.1" = { name = "_at_typescript-eslint_slash_scope-manager"; packageName = "@typescript-eslint/scope-manager"; - version = "4.23.0"; + version = "4.26.1"; src = fetchurl { - url = "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-4.23.0.tgz"; - sha512 = "ZZ21PCFxPhI3n0wuqEJK9omkw51wi2bmeKJvlRZPH5YFkcawKOuRMQMnI8mH6Vo0/DoHSeZJnHiIx84LmVQY+w=="; + url = "https://registry.npmjs.org/@typescript-eslint/scope-manager/-/scope-manager-4.26.1.tgz"; + sha512 = "TW1X2p62FQ8Rlne+WEShyd7ac2LA6o27S9i131W4NwDSfyeVlQWhw8ylldNNS8JG6oJB9Ha9Xyc+IUcqipvheQ=="; }; }; - "@typescript-eslint/types-4.23.0" = { + "@typescript-eslint/types-4.26.1" = { name = "_at_typescript-eslint_slash_types"; packageName = "@typescript-eslint/types"; - version = "4.23.0"; + version = "4.26.1"; src = fetchurl { - url = "https://registry.npmjs.org/@typescript-eslint/types/-/types-4.23.0.tgz"; - sha512 = "oqkNWyG2SLS7uTWLZf6Sr7Dm02gA5yxiz1RP87tvsmDsguVATdpVguHr4HoGOcFOpCvx9vtCSCyQUGfzq28YCw=="; + url = "https://registry.npmjs.org/@typescript-eslint/types/-/types-4.26.1.tgz"; + sha512 = "STyMPxR3cS+LaNvS8yK15rb8Y0iL0tFXq0uyl6gY45glyI7w0CsyqyEXl/Fa0JlQy+pVANeK3sbwPneCbWE7yg=="; }; }; - "@typescript-eslint/typescript-estree-4.23.0" = { + "@typescript-eslint/typescript-estree-4.26.1" = { name = "_at_typescript-eslint_slash_typescript-estree"; packageName = "@typescript-eslint/typescript-estree"; - version = "4.23.0"; + version = "4.26.1"; src = fetchurl { - url = "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-4.23.0.tgz"; - sha512 = "5Sty6zPEVZF5fbvrZczfmLCOcby3sfrSPu30qKoY1U3mca5/jvU5cwsPb/CO6Q3ByRjixTMIVsDkqwIxCf/dMw=="; + url = "https://registry.npmjs.org/@typescript-eslint/typescript-estree/-/typescript-estree-4.26.1.tgz"; + sha512 = "l3ZXob+h0NQzz80lBGaykdScYaiEbFqznEs99uwzm8fPHhDjwaBFfQkjUC/slw6Sm7npFL8qrGEAMxcfBsBJUg=="; }; }; - "@typescript-eslint/visitor-keys-4.23.0" = { + "@typescript-eslint/visitor-keys-4.26.1" = { name = "_at_typescript-eslint_slash_visitor-keys"; packageName = "@typescript-eslint/visitor-keys"; - version = "4.23.0"; + version = "4.26.1"; src = fetchurl { - url = "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-4.23.0.tgz"; - sha512 = "5PNe5cmX9pSifit0H+nPoQBXdbNzi5tOEec+3riK+ku4e3er37pKxMKDH5Ct5Y4fhWxcD4spnlYjxi9vXbSpwg=="; + url = "https://registry.npmjs.org/@typescript-eslint/visitor-keys/-/visitor-keys-4.26.1.tgz"; + sha512 = "IGouNSSd+6x/fHtYRyLOM6/C+QxMDzWlDtN41ea+flWuSF9g02iqcIlX8wM53JkfljoIjP0U+yp7SiTS1onEkw=="; }; }; "abbrev-1.1.1" = { @@ -517,13 +517,13 @@ let sha512 = "j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g=="; }; }; - "ajv-8.3.0" = { + "ajv-8.6.0" = { name = "ajv"; packageName = "ajv"; - version = "8.3.0"; + version = "8.6.0"; src = fetchurl { - url = "https://registry.npmjs.org/ajv/-/ajv-8.3.0.tgz"; - sha512 = "RYE7B5An83d7eWnDR8kbdaIFqmKCNsP16ay1hDbJEU+sa0e3H9SebskCt0Uufem6cfAVu7Col6ubcn/W+Sm8/Q=="; + url = "https://registry.npmjs.org/ajv/-/ajv-8.6.0.tgz"; + sha512 = "cnUG4NSBiM4YFBxgZIj/In3/6KX+rQ2l2YPRVcvAMQGWEPKuXoPIhxzwqh31jA3IPbI4qEOp/5ILI4ynioXsGQ=="; }; }; "another-json-0.2.0" = { @@ -949,6 +949,15 @@ let sha512 = "diHzdDKxcU+bAsUboHLPEDQiw0qEe0qd7SYUn3HgcFlWgbDcfLGswOHYeGrHKzG9z6UYf01d9VFMfZxPM1xZSg=="; }; }; + "chardet-1.3.0" = { + name = "chardet"; + packageName = "chardet"; + version = "1.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/chardet/-/chardet-1.3.0.tgz"; + sha512 = "cyTQGGptIjIT+CMGT5J/0l9c6Fb+565GCFjjeUTKxUO7w3oR+FcNCMEKTn5xtVKaLFmladN7QF68IiQsv5Fbdw=="; + }; + }; "chokidar-3.5.1" = { name = "chokidar"; packageName = "chokidar"; @@ -1048,6 +1057,15 @@ let sha512 = "jgIoum0OfQfq9Whcfc2z/VhCNcmQjWbey6qBX0vqt7YICflUmBCh9E9CiQD5GSJ+Uehixm3NUwHVhqUAWRivZg=="; }; }; + "colorette-1.2.2" = { + name = "colorette"; + packageName = "colorette"; + version = "1.2.2"; + src = fetchurl { + url = "https://registry.npmjs.org/colorette/-/colorette-1.2.2.tgz"; + sha512 = "MKGMzyfeuutC/ZJ1cba9NqcNpfeqMUcYmyF1ZFY6/Cn7CNSAKx6a+s48sqLqyAiZuaP2TcqMhoo+dlwFnVxT9w=="; + }; + }; "colors-1.4.0" = { name = "colors"; packageName = "colors"; @@ -1273,6 +1291,15 @@ let sha1 = "b369d6fb5dbc13eecf524f91b070feedc357cf34"; }; }; + "deepmerge-4.2.2" = { + name = "deepmerge"; + packageName = "deepmerge"; + version = "4.2.2"; + src = fetchurl { + url = "https://registry.npmjs.org/deepmerge/-/deepmerge-4.2.2.tgz"; + sha512 = "FJ3UgI4gIl+PHZm53knsuSFpE+nESMr7M4v9QcgB7S63Kj/6WqMiFQJpBBYz1Pt+66bZpP3Q7Lye0Oo9MPKEdg=="; + }; + }; "default-require-extensions-2.0.0" = { name = "default-require-extensions"; packageName = "default-require-extensions"; @@ -1345,13 +1372,13 @@ let sha512 = "yS+Q5i3hBf7GBkd4KG8a7eBNNWNGLTaEwwYWUijIYM7zrlYDM0BFXHjjPWlWZ1Rg7UaddZeIDmi9jF3HmqiQ2w=="; }; }; - "dom-serializer-1.3.1" = { + "dom-serializer-1.3.2" = { name = "dom-serializer"; packageName = "dom-serializer"; - version = "1.3.1"; + version = "1.3.2"; src = fetchurl { - url = "https://registry.npmjs.org/dom-serializer/-/dom-serializer-1.3.1.tgz"; - sha512 = "Pv2ZluG5ife96udGgEDovOOOA5UELkltfJpnIExPrAk1LTvecolUGn6lIaoLh86d83GiB86CjzciMd9BuRB71Q=="; + url = "https://registry.npmjs.org/dom-serializer/-/dom-serializer-1.3.2.tgz"; + sha512 = "5c54Bk5Dw4qAxNOI1pFEizPSjVsx5+bpJKmL2kPn8JhBUq2q09tTCa3mjijun2NfK78NMouDYNMBkOrPZiS+ig=="; }; }; "domelementtype-2.2.0" = { @@ -1381,13 +1408,13 @@ let sha512 = "zk7sgt970kzPks2Bf+dwT/PLzghLnsivb9CcxkvR8Mzr66Olr0Ofd8neSbglHJHaHa2MadfoSdNlKYAaafmWfA=="; }; }; - "domutils-2.6.0" = { + "domutils-2.7.0" = { name = "domutils"; packageName = "domutils"; - version = "2.6.0"; + version = "2.7.0"; src = fetchurl { - url = "https://registry.npmjs.org/domutils/-/domutils-2.6.0.tgz"; - sha512 = "y0BezHuy4MDYxh6OvolXYsH+1EMGmFbwv5FKW7ovwMG6zTPWqNPq3WF9ayZssFq+UlKdffGLbOEaghNdaOm1WA=="; + url = "https://registry.npmjs.org/domutils/-/domutils-2.7.0.tgz"; + sha512 = "8eaHa17IwJUPAiB+SoTYBo5mCdeMgdcAoXJ59m6DT1vw+5iLS3gNoqYaRowaBKtGVrOF1Jz4yDTgYKLK2kvfJg=="; }; }; "dot-prop-5.3.0" = { @@ -1543,13 +1570,22 @@ let sha512 = "UpzcLCXolUWcNu5HtVMHYdXJjArjsF9C0aNnquZYY4uW/Vu0miy5YoWvbV345HauVvcAUnpRuhMMcqTcGOY2+w=="; }; }; - "eslint-7.26.0" = { + "escape-string-regexp-4.0.0" = { + name = "escape-string-regexp"; + packageName = "escape-string-regexp"; + version = "4.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz"; + sha512 = "TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA=="; + }; + }; + "eslint-7.28.0" = { name = "eslint"; packageName = "eslint"; - version = "7.26.0"; + version = "7.28.0"; src = fetchurl { - url = "https://registry.npmjs.org/eslint/-/eslint-7.26.0.tgz"; - sha512 = "4R1ieRf52/izcZE7AlLy56uIHHDLT74Yzz2Iv2l6kDaYvEu9x+wMB5dZArVL8SYGXSYV2YAg70FcW5Y5nGGNIg=="; + url = "https://registry.npmjs.org/eslint/-/eslint-7.28.0.tgz"; + sha512 = "UMfH0VSjP0G4p3EWirscJEQ/cHqnT/iuH6oNZOB94nBjWbMnhGEPxsZm1eyIW0C/9jLI0Fow4W5DXLjEI7mn1g=="; }; }; "eslint-scope-5.1.1" = { @@ -1570,6 +1606,15 @@ let sha512 = "w94dQYoauyvlDc43XnGB8lU3Zt713vNChgt4EWwhXAP2XkBvndfxF0AgIqKOOasjPIPzj9JqgwkwbCYD0/V3Zg=="; }; }; + "eslint-utils-3.0.0" = { + name = "eslint-utils"; + packageName = "eslint-utils"; + version = "3.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/eslint-utils/-/eslint-utils-3.0.0.tgz"; + sha512 = "uuQC43IGctw68pJA1RgbQS8/NP7rch6Cwd4j3ZBtgo4/8Flj4eGE7ZYSZRN3iq5pVUv6GPdW5Z1RFleo84uLDA=="; + }; + }; "eslint-visitor-keys-1.3.0" = { name = "eslint-visitor-keys"; packageName = "eslint-visitor-keys"; @@ -1885,13 +1930,13 @@ let sha512 = "1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ=="; }; }; - "forwarded-0.1.2" = { + "forwarded-0.2.0" = { name = "forwarded"; packageName = "forwarded"; - version = "0.1.2"; + version = "0.2.0"; src = fetchurl { - url = "https://registry.npmjs.org/forwarded/-/forwarded-0.1.2.tgz"; - sha1 = "98c23dab1175657b8c0573e8ceccd91b0ff18c84"; + url = "https://registry.npmjs.org/forwarded/-/forwarded-0.2.0.tgz"; + sha512 = "buRG0fpBtRHSTCOASe6hD258tEubFoRLb4ZNA6NxMVHNw2gOcwHo9wyablzMzOA5z9xA9L1KNjk/Nt6MT9aYow=="; }; }; "fresh-0.5.2" = { @@ -2047,22 +2092,13 @@ let sha512 = "WOBp/EEGUiIsJSp7wcv/y6MO+lV9UoncWqxuFfm8eBwzWNgyfBd6Gz+IeKQ9jCmyhoH99g15M3T+QaVHFjizVA=="; }; }; - "globals-12.4.0" = { + "globals-13.9.0" = { name = "globals"; packageName = "globals"; - version = "12.4.0"; + version = "13.9.0"; src = fetchurl { - url = "https://registry.npmjs.org/globals/-/globals-12.4.0.tgz"; - sha512 = "BWICuzzDvDoH54NHKCseDanAhE3CeDorgDL5MT6LMXXj2WCnd9UC2szdk4AWLfjdgNBCXLUanXYcpBBKOSWGwg=="; - }; - }; - "globals-13.8.0" = { - name = "globals"; - packageName = "globals"; - version = "13.8.0"; - src = fetchurl { - url = "https://registry.npmjs.org/globals/-/globals-13.8.0.tgz"; - sha512 = "rHtdA6+PDBIjeEvA91rpqzEvk/k3/i7EeNQiryiWuJH0Hw9cpyJMAt2jtbAwUaRdhD+573X4vWw6IcjKPasi9Q=="; + url = "https://registry.npmjs.org/globals/-/globals-13.9.0.tgz"; + sha512 = "74/FduwI/JaIrr1H8e71UbDE+5x7pIPs1C2rrwC52SszOo043CsWOZEMW7o2Y58xwm9b+0RBKDxY5n2sUpEFxA=="; }; }; "globby-11.0.3" = { @@ -2218,6 +2254,15 @@ let sha512 = "4zDq1a1zhE4gQso/c5LP1OtrhYTncXNSpvJYtWJBtXAETPlMfi3IFNjGuQbYLuVY4ZR0QMqRVvo4Pdy9KLyP8Q=="; }; }; + "htmlparser2-6.1.0" = { + name = "htmlparser2"; + packageName = "htmlparser2"; + version = "6.1.0"; + src = fetchurl { + url = "https://registry.npmjs.org/htmlparser2/-/htmlparser2-6.1.0.tgz"; + sha512 = "gyyPk6rgonLFEDGoeRgQNaEUvdJ4ktTmmUh/h2t7s+M8oPpIPxgNACWa+6ESR57kXstwqPiCut0V8NRpcwgU7A=="; + }; + }; "http-cache-semantics-4.1.0" = { name = "http-cache-semantics"; packageName = "http-cache-semantics"; @@ -2272,6 +2317,15 @@ let sha512 = "v3MXnZAcvnywkTUEZomIActle7RXXeedOR31wwl7VlyoXO4Qi9arvSenNQWne1TcRwhCL1HwLI21bEqdpj8/rA=="; }; }; + "iconv-lite-0.6.3" = { + name = "iconv-lite"; + packageName = "iconv-lite"; + version = "0.6.3"; + src = fetchurl { + url = "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.6.3.tgz"; + sha512 = "4fCk79wshMdzMp2rH06qWrJE4iolqLhCUH+OiuIgU++RB0+94NlDL81atO7GX55uUKueo0txHNtvEyI6D7WdMw=="; + }; + }; "ignore-4.0.6" = { name = "ignore"; packageName = "ignore"; @@ -2543,6 +2597,15 @@ let sha512 = "Fd4gABb+ycGAmKou8eMftCupSir5lRxqf4aD/vd0cD2qc4HL07OjCeuHMr8Ro4CoMaeCKDB0/ECBOVWjTwUvPQ=="; }; }; + "is-plain-object-5.0.0" = { + name = "is-plain-object"; + packageName = "is-plain-object"; + version = "5.0.0"; + src = fetchurl { + url = "https://registry.npmjs.org/is-plain-object/-/is-plain-object-5.0.0.tgz"; + sha512 = "VRSzKkbMm5jMDoKLbltAkFQ5Qr7VDiTFGXxYFXXowVj387GeGNOCsOH6Msy00SGZ3Fp84b1Naa1psqgcCIEP5Q=="; + }; + }; "is-promise-2.2.2" = { name = "is-promise"; packageName = "is-promise"; @@ -2831,6 +2894,15 @@ let sha512 = "9ykJ/46SN/9KPM/sichzQ7OvXyGDYKGTaDlKMGCAlg2UK8KRy4jb0d8sFc+0Tt0YYnThq8X2RZgCg74RPxgcVA=="; }; }; + "klona-2.0.4" = { + name = "klona"; + packageName = "klona"; + version = "2.0.4"; + src = fetchurl { + url = "https://registry.npmjs.org/klona/-/klona-2.0.4.tgz"; + sha512 = "ZRbnvdg/NxqzC7L9Uyqzf4psi1OM4Cuc+sJAkQPjO6XkQIJTNbfK2Rsmbw8fx1p2mkZdp2FZYo2+LwXYY/uwIA=="; + }; + }; "kuler-2.0.0" = { name = "kuler"; packageName = "kuler"; @@ -2921,6 +2993,15 @@ let sha1 = "fb030917f86a3134e5bc9bec0d69e0013ddfedb2"; }; }; + "lodash.merge-4.6.2" = { + name = "lodash.merge"; + packageName = "lodash.merge"; + version = "4.6.2"; + src = fetchurl { + url = "https://registry.npmjs.org/lodash.merge/-/lodash.merge-4.6.2.tgz"; + sha512 = "0KpjqXRVvrYyCsX1swR/XTK0va6VQkQM6MNo7PqW77ByjAhoARA8EfrP1N4+KlKj8YS0ZUCtRT/YUuhyYDujIQ=="; + }; + }; "lodash.truncate-4.4.2" = { name = "lodash.truncate"; packageName = "lodash.truncate"; @@ -3038,13 +3119,13 @@ let sha512 = "mfgMpmV3dWLtzrd4V/3XtqUD0P44I/mTgsRreW5jMhSaUnnRGZbpptBw2q4/axbLjw2FarlWtOVgertDGMtccA=="; }; }; - "matrix-appservice-bridge-2.6.0" = { + "matrix-appservice-bridge-2.6.1" = { name = "matrix-appservice-bridge"; packageName = "matrix-appservice-bridge"; - version = "2.6.0"; + version = "2.6.1"; src = fetchurl { - url = "https://registry.npmjs.org/matrix-appservice-bridge/-/matrix-appservice-bridge-2.6.0.tgz"; - sha512 = "o1KHQHG1GdfUhTFBXVLztwbTowuCFO9/h8n2zdkRK/bZsdcXSFQVfUwDtRULcyinD4N7r0Lrwlg1LyR0pg2WSw=="; + url = "https://registry.npmjs.org/matrix-appservice-bridge/-/matrix-appservice-bridge-2.6.1.tgz"; + sha512 = "XNOziYVQoTQ9cym3Z2acXy8CKRXPVcEbni0XXCUfvu4O9+cBjUPywtRmhDBENsl/bgGbFKqbJNr68E/j9j+Tbw=="; }; }; "matrix-bot-sdk-0.4.0" = { @@ -3074,6 +3155,15 @@ let sha512 = "JFIMJPNGGqi0myzIlN94SQReUbCrWi1TW5PZih1OGXzUj2wXYz3puktV/f64HZYn6D1ZKcwxZdLuNCG8cRuCyw=="; }; }; + "matrix-org-irc-1.0.0-alpha4" = { + name = "matrix-org-irc"; + packageName = "matrix-org-irc"; + version = "1.0.0-alpha4"; + src = fetchurl { + url = "https://registry.npmjs.org/matrix-org-irc/-/matrix-org-irc-1.0.0-alpha4.tgz"; + sha512 = "2wKzQSpITrG9vChfw9d0goDcQZgKdaL7hgPzQwaybO9NF96HLarXFhznaFtngJiaaBAN52jkEetsQKV/lEfPqA=="; + }; + }; "media-typer-0.3.0" = { name = "media-typer"; packageName = "media-typer"; @@ -3137,22 +3227,22 @@ let sha512 = "x0Vn8spI+wuJ1O6S7gnbaQg8Pxh4NNHb7KSINmEWKiPE4RKOplvijn+NkmYmmRgP68mc70j2EbeTFRsrswaQeg=="; }; }; - "mime-db-1.47.0" = { + "mime-db-1.48.0" = { name = "mime-db"; packageName = "mime-db"; - version = "1.47.0"; + version = "1.48.0"; src = fetchurl { - url = "https://registry.npmjs.org/mime-db/-/mime-db-1.47.0.tgz"; - sha512 = "QBmA/G2y+IfeS4oktet3qRZ+P5kPhCKRXxXnQEudYqUaEioAU1/Lq2us3D/t1Jfo4hE9REQPrbB7K5sOczJVIw=="; + url = "https://registry.npmjs.org/mime-db/-/mime-db-1.48.0.tgz"; + sha512 = "FM3QwxV+TnZYQ2aRqhlKBMHxk10lTbMt3bBkMAp54ddrNeVSfcQYOOKuGuy3Ddrm38I04If834fOUSq1yzslJQ=="; }; }; - "mime-types-2.1.30" = { + "mime-types-2.1.31" = { name = "mime-types"; packageName = "mime-types"; - version = "2.1.30"; + version = "2.1.31"; src = fetchurl { - url = "https://registry.npmjs.org/mime-types/-/mime-types-2.1.30.tgz"; - sha512 = "crmjA4bLtR8m9qLpHvgxSChT+XoSlZi8J4n/aIdn3z92e/U47Z0V/yl+Wh9W046GgFVAmoNR/fmdbZYcSSIUeg=="; + url = "https://registry.npmjs.org/mime-types/-/mime-types-2.1.31.tgz"; + sha512 = "XGZnNzm3QvgKxa8dpzyhFTHmpP3l5YNusmne07VUOXxou9CqUqYa/HBy124RqtVh/O2pECas/MOcsDgpilPOPg=="; }; }; "mimic-response-1.0.1" = { @@ -3263,6 +3353,15 @@ let sha512 = "M2ufzIiINKCuDfBSAUr1vWQ+vuVcA9kqx8JJUsbQi6yf1uGRyb7HfpdfUr5qLXf3B/t8dPvcjhKMmlfnP47EzQ=="; }; }; + "nanoid-3.1.23" = { + name = "nanoid"; + packageName = "nanoid"; + version = "3.1.23"; + src = fetchurl { + url = "https://registry.npmjs.org/nanoid/-/nanoid-3.1.23.tgz"; + sha512 = "FiB0kzdP0FFVGDKlRLEQ1BgDzU87dy5NnzjeW9YZNt+/c3+q82EQDUwniSAUxp/F0gFNI1ZhKU1FqYsMuqZVnw=="; + }; + }; "natural-compare-1.4.0" = { name = "natural-compare"; packageName = "natural-compare"; @@ -3362,13 +3461,13 @@ let sha512 = "6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA=="; }; }; - "normalize-url-4.5.0" = { + "normalize-url-4.5.1" = { name = "normalize-url"; packageName = "normalize-url"; - version = "4.5.0"; + version = "4.5.1"; src = fetchurl { - url = "https://registry.npmjs.org/normalize-url/-/normalize-url-4.5.0.tgz"; - sha512 = "2s47yzUxdexf1OhyRi4Em83iQk0aPvwTddtFz4hnSSw9dCEsLEGf6SwIO8ss/19S9iBb5sJaOuTvTGDeZI00BQ=="; + url = "https://registry.npmjs.org/normalize-url/-/normalize-url-4.5.1.tgz"; + sha512 = "9UZCFRHQdNrfTpGg8+1INIg93B6zE0aXMVFkw1WFwvO4SlZywU6aLg5Of0Ap/PgcbSw4LNxvMWXMeugwMCX0AA=="; }; }; "nyc-14.1.1" = { @@ -3389,13 +3488,13 @@ let sha512 = "fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ=="; }; }; - "object-hash-2.1.1" = { + "object-hash-2.2.0" = { name = "object-hash"; packageName = "object-hash"; - version = "2.1.1"; + version = "2.2.0"; src = fetchurl { - url = "https://registry.npmjs.org/object-hash/-/object-hash-2.1.1.tgz"; - sha512 = "VOJmgmS+7wvXf8CjbQmimtCnEx3IAoLxI3fp2fbWehxrWBcAQFbk+vcwb6vzR0VZv/eNCJ/27j151ZTwqW/JeQ=="; + url = "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz"; + sha512 = "gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw=="; }; }; "object-inspect-1.10.3" = { @@ -3623,13 +3722,13 @@ let sha512 = "ojmeN0qd+y0jszEtoY48r0Peq5dwMEkIlCOu6Q5f41lfkswXuKtYrhgoTpLnyIcHm24Uhqx+5Tqm2InSwLhE6Q=="; }; }; - "path-parse-1.0.6" = { + "path-parse-1.0.7" = { name = "path-parse"; packageName = "path-parse"; - version = "1.0.6"; + version = "1.0.7"; src = fetchurl { - url = "https://registry.npmjs.org/path-parse/-/path-parse-1.0.6.tgz"; - sha512 = "GSmOT2EbHrINBf9SR7CDELwlJ8AENk3Qn7OikK4nFYAu3Ote2+JYNVvkpAEQm3/TLNEJFD/xZJjzyxg3KBWOzw=="; + url = "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz"; + sha512 = "LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw=="; }; }; "path-to-regexp-0.1.7" = { @@ -3731,13 +3830,13 @@ let sha512 = "YmuA56alyBq7M59vxVBfPJrGSozru8QAdoNlWuW3cz8l+UX3cWge0vTvjKhsSHSJpo3Bom8/Mm6hf0TR5GY0+w=="; }; }; - "picomatch-2.2.3" = { + "picomatch-2.3.0" = { name = "picomatch"; packageName = "picomatch"; - version = "2.2.3"; + version = "2.3.0"; src = fetchurl { - url = "https://registry.npmjs.org/picomatch/-/picomatch-2.2.3.tgz"; - sha512 = "KpELjfwcCDUb9PeigTs2mBJzXUPzAuP2oPcA989He8Rte0+YUAjw1JVedDhuTKPkHjSYzMN3npC9luThGYEKdg=="; + url = "https://registry.npmjs.org/picomatch/-/picomatch-2.3.0.tgz"; + sha512 = "lY1Q/PiJGC2zOv/z391WOTD+Z02bCgsFfvxoXXf6h7kv9o+WmsmzYqrAwY63sNgOxE4xEdq0WyUnXfKeBrSvYw=="; }; }; "pify-3.0.0" = { @@ -3776,6 +3875,15 @@ let sha512 = "3QT8bBJeX/S5zKTTjTCIjRF3If4avAT6kqxcASlTWEtAFCb9NH0OUxNDfgZSWdP5fJnBYCMEWkIFfWeugjzYMg=="; }; }; + "postcss-8.3.0" = { + name = "postcss"; + packageName = "postcss"; + version = "8.3.0"; + src = fetchurl { + url = "https://registry.npmjs.org/postcss/-/postcss-8.3.0.tgz"; + sha512 = "+ogXpdAjWGa+fdYY5BQ96V/6tAo+TdSSIMP5huJBIygdWwKtVoB5JWZ7yUd4xZ8r+8Kvvx4nyg/PQ071H4UtcQ=="; + }; + }; "postgres-array-2.0.0" = { name = "postgres-array"; packageName = "postgres-array"; @@ -3857,13 +3965,13 @@ let sha512 = "jT9VccZCWrJWXdyEtQddCDszYsiuWj5T0ekrPszi/WEegj3IZy6Mm09iOOVM86A4IKMWq8hZkT2dD9MaSe+sng=="; }; }; - "proxy-addr-2.0.6" = { + "proxy-addr-2.0.7" = { name = "proxy-addr"; packageName = "proxy-addr"; - version = "2.0.6"; + version = "2.0.7"; src = fetchurl { - url = "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.6.tgz"; - sha512 = "dh/frvCBVmSsDYzw6n926jv974gddhkFPfiN8hPOi30Wax25QZyZEGveluCgliBnqmuM+UJmBErbAUFIoDbjOw=="; + url = "https://registry.npmjs.org/proxy-addr/-/proxy-addr-2.0.7.tgz"; + sha512 = "llQsMLSUDUPT44jdrU/O37qlnifitDP+ZwrmmZcoSKyLKvtZxpyV0n2/bD/N4tBAAZ/gJEdZU7KMraoK1+XYAg=="; }; }; "proxyquire-1.8.0" = { @@ -4271,6 +4379,15 @@ let sha512 = "M4M5iXDAUEcZKLXkmk90zSYWEtk5NH3JmojQxKxV371fnMh+x9t1rqdmXaGoyEHw3z/X/8vnFhKjGL5xFGOJ3A=="; }; }; + "sanitize-html-2.4.0" = { + name = "sanitize-html"; + packageName = "sanitize-html"; + version = "2.4.0"; + src = fetchurl { + url = "https://registry.npmjs.org/sanitize-html/-/sanitize-html-2.4.0.tgz"; + sha512 = "Y1OgkUiTPMqwZNRLPERSEi39iOebn2XJLbeiGOBhaJD/yLqtLGu6GE5w7evx177LeGgSE+4p4e107LMiydOf6A=="; + }; + }; "semver-5.7.1" = { name = "semver"; packageName = "semver"; @@ -4424,6 +4541,15 @@ let sha512 = "UjgapumWlbMhkBgzT7Ykc5YXUT46F0iKu8SGXq0bcwP5dz/h0Plj6enJqjz1Zbq2l5WaqYnrVbwWOWMyF3F47g=="; }; }; + "source-map-js-0.6.2" = { + name = "source-map-js"; + packageName = "source-map-js"; + version = "0.6.2"; + src = fetchurl { + url = "https://registry.npmjs.org/source-map-js/-/source-map-js-0.6.2.tgz"; + sha512 = "/3GptzWzu0+0MBQFrDKzw/DvvMTUORvgY6k6jd/VS6iCR4RDTKWH6v6WPwQoUO8667uQEf9Oe38DxAYWY5F/Ug=="; + }; + }; "spawn-wrap-1.4.3" = { name = "spawn-wrap"; packageName = "spawn-wrap"; @@ -4460,13 +4586,13 @@ let sha512 = "cbqHunsQWnJNE6KhVSMsMeH5H/L9EpymbzqTQ3uLwNCLZ1Q481oWaofqH7nO6V07xlXwY6PhQdQ2IedWx/ZK4Q=="; }; }; - "spdx-license-ids-3.0.7" = { + "spdx-license-ids-3.0.9" = { name = "spdx-license-ids"; packageName = "spdx-license-ids"; - version = "3.0.7"; + version = "3.0.9"; src = fetchurl { - url = "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.7.tgz"; - sha512 = "U+MTEOO0AiDzxwFvoa4JVnMV6mZlJKk2sBLt90s7G0Gd0Mlknc7kxEn3nuDPNZRta7O2uy8oLcZLVT+4sqNZHQ=="; + url = "https://registry.npmjs.org/spdx-license-ids/-/spdx-license-ids-3.0.9.tgz"; + sha512 = "Ki212dKK4ogX+xDo4CtOZBVIwhsKBEfsEEcwmJfLQzirgc2jIWdzg40Unxz/HzEUqM1WFzVlQSMF9kZZ2HboLQ=="; }; }; "split2-3.2.2" = { @@ -4640,13 +4766,13 @@ let sha512 = "qpCAvRl9stuOHveKsn7HncJRvv501qIacKzQlO/+Lwxc9+0q2wLyv4Dfvt80/DPn2pqOBsJdDiogXGR9+OvwRw=="; }; }; - "table-6.7.0" = { + "table-6.7.1" = { name = "table"; packageName = "table"; - version = "6.7.0"; + version = "6.7.1"; src = fetchurl { - url = "https://registry.npmjs.org/table/-/table-6.7.0.tgz"; - sha512 = "SAM+5p6V99gYiiy2gT5ArdzgM1dLDed0nkrWmG6Fry/bUS/m9x83BwpJUOf1Qj/x2qJd+thL6IkIx7qPGRxqBw=="; + url = "https://registry.npmjs.org/table/-/table-6.7.1.tgz"; + sha512 = "ZGum47Yi6KOOFDE8m223td53ath2enHcYLgOCjGr5ngu8bdIARQk6mN/wRMv4yMRcHnCSnHbCEha4sobQx5yWg=="; }; }; "tdigest-0.1.1" = { @@ -4838,13 +4964,13 @@ let sha512 = "zdu8XMNEDepKKR+XYOXAVPtWui0ly0NtohUscw+UmaHiAWT8hrV1rr//H6V+0DvJ3OQ19S979M0laLfX8rm82Q=="; }; }; - "typescript-4.2.4" = { + "typescript-4.3.2" = { name = "typescript"; packageName = "typescript"; - version = "4.2.4"; + version = "4.3.2"; src = fetchurl { - url = "https://registry.npmjs.org/typescript/-/typescript-4.2.4.tgz"; - sha512 = "V+evlYHZnQkaz8TRBuxTA92yZBPotr5H+WhQ7bD3hZUndx5tGOa1fuCgeSjxAzM1RiN5IzvadIXTVefuuwZCRg=="; + url = "https://registry.npmjs.org/typescript/-/typescript-4.3.2.tgz"; + sha512 = "zZ4hShnmnoVnAHpVHWpTcxdv7dWP60S2FsydQLV8V5PbS3FifjWFFRiHSWpDJahly88PRyV5teTSLoq4eG7mKw=="; }; }; "undefsafe-2.0.3" = { @@ -5183,18 +5309,18 @@ let }; in { - "matrix-appservice-irc-git+https://github.com/matrix-org/matrix-appservice-irc.git#0.26.0" = nodeEnv.buildNodePackage { + "matrix-appservice-irc-git+https://github.com/matrix-org/matrix-appservice-irc.git#0.26.1" = nodeEnv.buildNodePackage { name = "matrix-appservice-irc"; packageName = "matrix-appservice-irc"; - version = "0.26.0"; + version = "0.26.1"; src = fetchgit { url = "https://github.com/matrix-org/matrix-appservice-irc.git"; - rev = "6117f33202e616f6c9dffae0543c8044213100fb"; - sha256 = "98c049b895b1b4102fe43f5b5f5a0b2d650d56064e64b03f56defb55df3fbb96"; + rev = "4edab6f7b02e0f08e7c3b24f72441be25b30b5b8"; + sha256 = "3715ba3e80d79cea98ceb108e1df87b4d864d4f9149f147df0f3b78c691f00d6"; }; dependencies = [ sources."@babel/code-frame-7.12.11" - (sources."@babel/generator-7.14.2" // { + (sources."@babel/generator-7.14.3" // { dependencies = [ sources."source-map-0.5.7" ]; @@ -5214,7 +5340,7 @@ in sources."supports-color-5.5.0" ]; }) - sources."@babel/parser-7.14.2" + sources."@babel/parser-7.14.4" sources."@babel/runtime-7.14.0" (sources."@babel/template-7.12.13" // { dependencies = [ @@ -5227,18 +5353,17 @@ in sources."globals-11.12.0" ]; }) - sources."@babel/types-7.14.2" + sources."@babel/types-7.14.4" sources."@dabh/diagnostics-2.0.2" - (sources."@eslint/eslintrc-0.4.1" // { + (sources."@eslint/eslintrc-0.4.2" // { dependencies = [ - sources."globals-12.4.0" sources."ignore-4.0.6" sources."strip-json-comments-3.1.1" ]; }) - sources."@nodelib/fs.scandir-2.1.4" - sources."@nodelib/fs.stat-2.0.4" - sources."@nodelib/fs.walk-1.2.6" + sources."@nodelib/fs.scandir-2.1.5" + sources."@nodelib/fs.stat-2.0.5" + sources."@nodelib/fs.walk-1.2.7" sources."@sentry/core-5.30.0" sources."@sentry/hub-5.30.0" sources."@sentry/minimal-5.30.0" @@ -5248,42 +5373,47 @@ in sources."@sentry/utils-5.30.0" sources."@sindresorhus/is-0.14.0" sources."@szmarczak/http-timer-1.1.2" - sources."@types/bluebird-3.5.34" + sources."@types/bluebird-3.5.35" sources."@types/body-parser-1.19.0" sources."@types/connect-3.4.34" - sources."@types/express-4.17.11" - sources."@types/express-serve-static-core-4.17.19" + sources."@types/express-4.17.12" + sources."@types/express-serve-static-core-4.17.21" sources."@types/extend-3.0.1" sources."@types/he-1.1.1" sources."@types/json-schema-7.0.7" sources."@types/mime-1.3.2" sources."@types/nedb-1.8.11" - sources."@types/node-15.0.3" + sources."@types/node-15.12.2" sources."@types/nopt-3.0.29" - sources."@types/pg-7.14.11" + sources."@types/pg-8.6.0" sources."@types/qs-6.9.6" sources."@types/range-parser-1.2.3" - sources."@types/sanitize-html-1.27.2" + (sources."@types/sanitize-html-2.3.1" // { + dependencies = [ + sources."domhandler-4.2.0" + sources."htmlparser2-6.1.0" + ]; + }) sources."@types/serve-static-1.13.9" - (sources."@typescript-eslint/eslint-plugin-4.23.0" // { + (sources."@typescript-eslint/eslint-plugin-4.26.1" // { dependencies = [ sources."lru-cache-6.0.0" sources."semver-7.3.5" sources."yallist-4.0.0" ]; }) - sources."@typescript-eslint/experimental-utils-4.23.0" - sources."@typescript-eslint/parser-4.23.0" - sources."@typescript-eslint/scope-manager-4.23.0" - sources."@typescript-eslint/types-4.23.0" - (sources."@typescript-eslint/typescript-estree-4.23.0" // { + sources."@typescript-eslint/experimental-utils-4.26.1" + sources."@typescript-eslint/parser-4.26.1" + sources."@typescript-eslint/scope-manager-4.26.1" + sources."@typescript-eslint/types-4.26.1" + (sources."@typescript-eslint/typescript-estree-4.26.1" // { dependencies = [ sources."lru-cache-6.0.0" sources."semver-7.3.5" sources."yallist-4.0.0" ]; }) - sources."@typescript-eslint/visitor-keys-4.23.0" + sources."@typescript-eslint/visitor-keys-4.26.1" sources."abbrev-1.1.1" sources."accepts-1.3.7" sources."acorn-7.4.1" @@ -5355,6 +5485,7 @@ in sources."camelcase-5.3.1" sources."caseless-0.12.0" sources."chalk-4.1.1" + sources."chardet-1.3.0" sources."chokidar-3.5.1" sources."ci-info-2.0.0" sources."cli-boxes-2.2.1" @@ -5373,6 +5504,7 @@ in sources."color-convert-2.0.1" sources."color-name-1.1.4" sources."color-string-1.5.5" + sources."colorette-1.2.2" sources."colors-1.4.0" sources."colorspace-1.1.2" sources."combined-stream-1.0.8" @@ -5399,6 +5531,7 @@ in sources."decompress-response-3.3.0" sources."deep-extend-0.6.0" sources."deep-is-0.1.3" + sources."deepmerge-4.2.2" sources."default-require-extensions-2.0.0" sources."defer-to-connect-1.1.3" sources."delayed-stream-1.0.0" @@ -5406,14 +5539,14 @@ in sources."destroy-1.0.4" sources."dir-glob-3.0.1" sources."doctrine-3.0.0" - (sources."dom-serializer-1.3.1" // { + (sources."dom-serializer-1.3.2" // { dependencies = [ sources."domhandler-4.2.0" ]; }) sources."domelementtype-2.2.0" sources."domhandler-3.3.0" - (sources."domutils-2.6.0" // { + (sources."domutils-2.7.0" // { dependencies = [ sources."domhandler-4.2.0" ]; @@ -5437,9 +5570,15 @@ in sources."escape-goat-2.1.1" sources."escape-html-1.0.3" sources."escape-string-regexp-2.0.0" - (sources."eslint-7.26.0" // { + (sources."eslint-7.28.0" // { dependencies = [ sources."ansi-regex-5.0.0" + sources."escape-string-regexp-4.0.0" + (sources."eslint-utils-2.1.0" // { + dependencies = [ + sources."eslint-visitor-keys-1.3.0" + ]; + }) sources."ignore-4.0.6" sources."lru-cache-6.0.0" sources."semver-7.3.5" @@ -5449,11 +5588,7 @@ in ]; }) sources."eslint-scope-5.1.1" - (sources."eslint-utils-2.1.0" // { - dependencies = [ - sources."eslint-visitor-keys-1.3.0" - ]; - }) + sources."eslint-utils-3.0.0" sources."eslint-visitor-keys-2.1.0" (sources."espree-7.3.1" // { dependencies = [ @@ -5521,7 +5656,7 @@ in }) sources."forever-agent-0.6.1" sources."form-data-2.3.3" - sources."forwarded-0.1.2" + sources."forwarded-0.2.0" sources."fresh-0.5.2" sources."fs.realpath-1.0.0" sources."fsevents-2.3.2" @@ -5537,7 +5672,7 @@ in sources."glob-parent-5.1.2" sources."glob-to-regexp-0.4.1" sources."global-dirs-2.1.0" - (sources."globals-13.8.0" // { + (sources."globals-13.9.0" // { dependencies = [ sources."type-fest-0.20.2" ]; @@ -5595,6 +5730,7 @@ in sources."is-obj-2.0.0" sources."is-object-1.0.2" sources."is-path-inside-3.0.3" + sources."is-plain-object-5.0.0" sources."is-promise-2.2.2" sources."is-property-1.0.2" sources."is-stream-2.0.0" @@ -5641,6 +5777,7 @@ in sources."jsonpointer-4.1.0" sources."jsprim-1.4.1" sources."keyv-3.1.0" + sources."klona-2.0.4" sources."kuler-2.0.0" sources."latest-version-5.1.0" sources."levn-0.4.1" @@ -5651,6 +5788,7 @@ in sources."lodash-4.17.21" sources."lodash.clonedeep-4.5.0" sources."lodash.flattendeep-4.4.0" + sources."lodash.merge-4.6.2" sources."lodash.truncate-4.4.2" sources."logform-2.2.0" sources."loglevel-1.7.1" @@ -5664,7 +5802,7 @@ in ]; }) sources."matrix-appservice-0.8.0" - (sources."matrix-appservice-bridge-2.6.0" // { + (sources."matrix-appservice-bridge-2.6.1" // { dependencies = [ sources."argparse-2.0.1" sources."extend-3.0.2" @@ -5675,6 +5813,7 @@ in (sources."matrix-bot-sdk-0.4.0" // { dependencies = [ sources."chalk-3.0.0" + sources."sanitize-html-1.27.5" ]; }) (sources."matrix-js-sdk-9.11.0" // { @@ -5683,6 +5822,11 @@ in ]; }) sources."matrix-lastactive-0.1.5" + (sources."matrix-org-irc-1.0.0-alpha4" // { + dependencies = [ + sources."iconv-lite-0.6.3" + ]; + }) sources."media-typer-0.3.0" sources."merge-descriptors-1.0.1" sources."merge-source-map-1.1.0" @@ -5690,8 +5834,8 @@ in sources."methods-1.1.2" sources."micromatch-4.0.4" sources."mime-1.6.0" - sources."mime-db-1.47.0" - sources."mime-types-2.1.30" + sources."mime-db-1.48.0" + sources."mime-types-2.1.31" sources."mimic-response-1.0.1" sources."minimalistic-assert-1.0.1" sources."minimatch-3.0.4" @@ -5708,6 +5852,7 @@ in }) sources."ms-2.1.2" sources."nan-2.14.2" + sources."nanoid-3.1.23" sources."natural-compare-1.4.0" sources."nedb-1.8.0" sources."negotiator-0.6.2" @@ -5723,7 +5868,7 @@ in sources."nopt-3.0.6" sources."normalize-package-data-2.5.0" sources."normalize-path-3.0.0" - sources."normalize-url-4.5.0" + sources."normalize-url-4.5.1" (sources."nyc-14.1.1" // { dependencies = [ sources."make-dir-2.1.0" @@ -5732,7 +5877,7 @@ in ]; }) sources."oauth-sign-0.9.0" - sources."object-hash-2.1.1" + sources."object-hash-2.2.0" sources."object-inspect-1.10.3" sources."on-finished-2.3.0" sources."on-headers-1.0.2" @@ -5762,7 +5907,7 @@ in sources."path-exists-3.0.0" sources."path-is-absolute-1.0.1" sources."path-key-3.1.1" - sources."path-parse-1.0.6" + sources."path-parse-1.0.7" sources."path-to-regexp-0.1.7" sources."path-type-4.0.0" sources."performance-now-2.1.0" @@ -5773,7 +5918,7 @@ in sources."pg-protocol-1.5.0" sources."pg-types-2.2.0" sources."pgpass-1.0.4" - sources."picomatch-2.2.3" + sources."picomatch-2.3.0" sources."pify-3.0.0" sources."pkg-dir-3.0.0" (sources."postcss-7.0.35" // { @@ -5800,7 +5945,7 @@ in sources."process-nextick-args-2.0.1" sources."progress-2.0.3" sources."prom-client-13.1.0" - sources."proxy-addr-2.0.6" + sources."proxy-addr-2.0.7" (sources."proxyquire-1.8.0" // { dependencies = [ sources."resolve-1.1.7" @@ -5852,7 +5997,14 @@ in sources."run-parallel-1.2.0" sources."safe-buffer-5.1.2" sources."safer-buffer-2.1.2" - sources."sanitize-html-1.27.5" + (sources."sanitize-html-2.4.0" // { + dependencies = [ + sources."domhandler-4.2.0" + sources."escape-string-regexp-4.0.0" + sources."htmlparser2-6.1.0" + sources."postcss-8.3.0" + ]; + }) sources."semver-5.7.1" (sources."semver-diff-3.1.1" // { dependencies = [ @@ -5884,6 +6036,7 @@ in ]; }) sources."source-map-0.6.1" + sources."source-map-js-0.6.2" (sources."spawn-wrap-1.4.3" // { dependencies = [ sources."rimraf-2.7.1" @@ -5893,7 +6046,7 @@ in sources."spdx-correct-3.1.1" sources."spdx-exceptions-2.3.0" sources."spdx-expression-parse-3.0.1" - sources."spdx-license-ids-3.0.7" + sources."spdx-license-ids-3.0.9" sources."split2-3.2.2" sources."sprintf-js-1.0.3" sources."sshpk-1.16.1" @@ -5918,9 +6071,9 @@ in sources."strip-bom-3.0.0" sources."strip-json-comments-2.0.1" sources."supports-color-7.2.0" - (sources."table-6.7.0" // { + (sources."table-6.7.1" // { dependencies = [ - sources."ajv-8.3.0" + sources."ajv-8.6.0" sources."ansi-regex-5.0.0" sources."json-schema-traverse-1.0.0" sources."strip-ansi-6.0.0" @@ -5950,7 +6103,7 @@ in sources."type-fest-0.8.1" sources."type-is-1.6.18" sources."typedarray-to-buffer-3.1.5" - sources."typescript-4.2.4" + sources."typescript-4.3.2" (sources."undefsafe-2.0.3" // { dependencies = [ sources."debug-2.6.9" diff --git a/pkgs/servers/matrix-synapse/matrix-appservice-irc/package.json b/pkgs/servers/matrix-synapse/matrix-appservice-irc/package.json index 0e6da99fdfe..ae1326275a2 100644 --- a/pkgs/servers/matrix-synapse/matrix-appservice-irc/package.json +++ b/pkgs/servers/matrix-synapse/matrix-appservice-irc/package.json @@ -1,3 +1,3 @@ [ - {"matrix-appservice-irc": "git+https://github.com/matrix-org/matrix-appservice-irc.git#0.26.0" } + {"matrix-appservice-irc": "git+https://github.com/matrix-org/matrix-appservice-irc.git#0.26.1" } ] From a1446cc63db75aadf0bb1bb156b706d395163e06 Mon Sep 17 00:00:00 2001 From: Robert Scott Date: Mon, 31 May 2021 16:09:50 +0100 Subject: [PATCH 031/202] python3Packages.websockets: add patch for CVE-2021-33880 this is a reintroduction of CVE-2018-1000518 which i had been calling CVE-2018-1000518-redux before it got its own CVE assigned (cherry picked from commit aba83e7f878d6c48e781a3934a79f98b072bb659) (yes, a forward cherry-pick because i fully expected the websockets 9.1 to make it into 21.05) --- pkgs/development/python-modules/websockets/default.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/pkgs/development/python-modules/websockets/default.nix b/pkgs/development/python-modules/websockets/default.nix index eeb12bd5b75..c979b97be69 100644 --- a/pkgs/development/python-modules/websockets/default.nix +++ b/pkgs/development/python-modules/websockets/default.nix @@ -1,5 +1,6 @@ { lib , fetchFromGitHub +, fetchpatch , buildPythonPackage , pythonOlder , pytest @@ -17,6 +18,15 @@ buildPythonPackage rec { sha256 = "05jbqcbjg50ydwl0fijhdlqcq7fl6v99kjva66kmmzzza7vwa872"; }; + patches = [ + (fetchpatch { + name = "CVE-2021-33880.patch"; + url = "https://github.com/aaugustin/websockets/commit/547a26b685d08cac0aa64e5e65f7867ac0ea9bc0.patch"; + excludes = [ "docs/changelog.rst" ]; + sha256 = "1wgsvza53ga8ldrylb3rqc17yxcrchwsihbq6i6ldpycq83q5akq"; + }) + ]; + disabled = pythonOlder "3.3"; # Tests fail on Darwin with `OSError: AF_UNIX path too long` From 93b972e2bbc29f55852a8be09ffef247a7078512 Mon Sep 17 00:00:00 2001 From: Zane van Iperen Date: Wed, 9 Jun 2021 19:59:20 +1000 Subject: [PATCH 032/202] arc-theme: restore metacity theme Fixes theme usage on MATE. (cherry picked from commit 6aa70348df2073f117ac7de42fb7f957ad3443ab) --- pkgs/data/themes/arc/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/data/themes/arc/default.nix b/pkgs/data/themes/arc/default.nix index 630d928e602..ea2362c0529 100644 --- a/pkgs/data/themes/arc/default.nix +++ b/pkgs/data/themes/arc/default.nix @@ -46,7 +46,7 @@ stdenv.mkDerivation rec { ''; mesonFlags = [ - "-Dthemes=cinnamon,gnome-shell,gtk2,gtk3,plank,xfwm" + "-Dthemes=cinnamon,gnome-shell,gtk2,gtk3,plank,xfwm,metacity" "-Dvariants=light,darker,dark,lighter" "-Dcinnamon_version=${cinnamon.cinnamon-common.version}" "-Dgnome_shell_version=${gnome.gnome-shell.version}" From ed2781ec6020e04442c63e14d860115273d72818 Mon Sep 17 00:00:00 2001 From: Thomas Gerbet Date: Thu, 10 Jun 2021 08:28:07 +0200 Subject: [PATCH 033/202] phpPackages.composer: 2.1.2 -> 2.1.3 https://github.com/composer/composer/releases/tag/2.1.3 (cherry picked from commit 2db2aa2b957dd121dbe9fdb743fdd2a6c0df8586) --- pkgs/development/php-packages/composer/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/php-packages/composer/default.nix b/pkgs/development/php-packages/composer/default.nix index 23efc987a38..ff7aead0f90 100644 --- a/pkgs/development/php-packages/composer/default.nix +++ b/pkgs/development/php-packages/composer/default.nix @@ -1,14 +1,14 @@ { mkDerivation, fetchurl, makeWrapper, unzip, lib, php }: let pname = "composer"; - version = "2.1.2"; + version = "2.1.3"; in mkDerivation { inherit pname version; src = fetchurl { url = "https://getcomposer.org/download/${version}/composer.phar"; - sha256 = "0gd4hxkxdds3nxpbcd38chrkijha31p6nygdq3f73mbb984h3v1d"; + sha256 = "04ad2zsnf8qi6hzs9sak6y8xxyx8l0f7crmcimnp7nn8vsc2x9zq"; }; dontUnpack = true; From 450dd077e4c140fb077d1496293ff0dfeb9e5c01 Mon Sep 17 00:00:00 2001 From: OPNA2608 Date: Thu, 10 Jun 2021 09:13:16 +0200 Subject: [PATCH 034/202] palemoon: 29.2.0 -> 29.2.1 (cherry picked from commit dc30d972bbaceb89fe3cd473f708e8071c70294c) --- .../networking/browsers/palemoon/default.nix | 22 ++++++++++++------- 1 file changed, 14 insertions(+), 8 deletions(-) diff --git a/pkgs/applications/networking/browsers/palemoon/default.nix b/pkgs/applications/networking/browsers/palemoon/default.nix index 63f1958f4a6..e1352c9f336 100644 --- a/pkgs/applications/networking/browsers/palemoon/default.nix +++ b/pkgs/applications/networking/browsers/palemoon/default.nix @@ -1,6 +1,3 @@ -# Compiler in stdenv MUST be a supported one for official branding -# See https://developer.palemoon.org/build/linux/ -# TODO assert if stdenv.cc is supported? { stdenv , lib , fetchFromGitHub @@ -37,6 +34,15 @@ , gtk3 }: +# Only specific GCC versions are supported with branding +# https://developer.palemoon.org/build/linux/ +assert stdenv.cc.isGNU; +assert with lib.strings; ( + versionAtLeast stdenv.cc.version "4.9" + && !hasPrefix "6" stdenv.cc.version + && versionOlder stdenv.cc.version "11" +); + let libPath = lib.makeLibraryPath [ ffmpeg @@ -46,14 +52,14 @@ let in stdenv.mkDerivation rec { pname = "palemoon"; - version = "29.2.0"; + version = "29.2.1"; src = fetchFromGitHub { githubBase = "repo.palemoon.org"; owner = "MoonchildProductions"; repo = "Pale-Moon"; rev = "${version}_Release"; - sha256 = "0pa9j41bbfarwi60a6hxi5vpn52mwgr4p05l98acv4fcs1ccb427"; + sha256 = "0djjl79jrnny16p32db5w7pwwv0a24dc8mg1s1bnavhlvmmk52vq"; fetchSubmodules = true; }; @@ -142,7 +148,6 @@ stdenv.mkDerivation rec { ac_add_options --enable-jemalloc ac_add_options --enable-strip ac_add_options --enable-devtools - # Missing from build instructions, https://forum.palemoon.org/viewtopic.php?f=5&t=25843#p214767 ac_add_options --enable-av1 ac_add_options --disable-eme @@ -188,7 +193,7 @@ stdenv.mkDerivation rec { ./mach install # Fix missing icon due to wrong WMClass - # TODO report upstream + # https://forum.palemoon.org/viewtopic.php?f=3&t=26746&p=214221#p214221 substituteInPlace ./palemoon/branding/official/palemoon.desktop \ --replace 'StartupWMClass="pale moon"' 'StartupWMClass=Pale moon' desktop-file-install --dir=$out/share/applications \ @@ -202,7 +207,7 @@ stdenv.mkDerivation rec { done # Remove unneeded SDK data from installation - # TODO: move to a separate output? + # https://forum.palemoon.org/viewtopic.php?f=37&t=26796&p=214676#p214729 rm -rf $out/{include,share/idl,lib/palemoon-devel-${version}} runHook postInstall @@ -231,6 +236,7 @@ stdenv.mkDerivation rec { extensions and themes to make the browser truly your own. ''; homepage = "https://www.palemoon.org/"; + changelog = "https://repo.palemoon.org/MoonchildProductions/Pale-Moon/releases/tag/${version}_Release"; license = licenses.mpl20; maintainers = with maintainers; [ AndersonTorres OPNA2608 ]; platforms = [ "i686-linux" "x86_64-linux" ]; From 313740d907cf6383f6f97543757f9fccf7ebb840 Mon Sep 17 00:00:00 2001 From: Stig Brautaset Date: Wed, 9 Jun 2021 10:03:12 +0100 Subject: [PATCH 035/202] aws-iam-authenticator: 0.5.2 -> 0.5.3 I had to work around inconsistent vendoring; see https://github.com/kubernetes-sigs/aws-iam-authenticator/issues/377 (cherry picked from commit 38e40a73fe3787728c4e2ded6bc2483fb81838df) --- pkgs/tools/security/aws-iam-authenticator/default.nix | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/pkgs/tools/security/aws-iam-authenticator/default.nix b/pkgs/tools/security/aws-iam-authenticator/default.nix index f0eda76821d..d9f4f4a0173 100644 --- a/pkgs/tools/security/aws-iam-authenticator/default.nix +++ b/pkgs/tools/security/aws-iam-authenticator/default.nix @@ -2,16 +2,18 @@ buildGoModule rec { pname = "aws-iam-authenticator"; - version = "0.5.2"; + version = "0.5.3"; src = fetchFromGitHub { owner = "kubernetes-sigs"; repo = pname; rev = "v${version}"; - sha256 = "1xfc3a0dik4930va30sbl6687v6i5irv96fwis9lrqh5rjqnblqp"; + sha256 = "0ga3vf5gn7533iqnxn7kchb6xg5wvk92livlqzkhi5qvqhl1sbw0"; }; - vendorSha256 = null; + # Upstream has inconsistent vendoring, see https://github.com/kubernetes-sigs/aws-iam-authenticator/issues/377 + deleteVendor = true; + vendorSha256 = "+Z8sENIMWXP29Piwb/W6i7UdNXVq6ZnO7AZbSaUYCME="; buildFlagsArray = [ "-ldflags=-s -w -X main.version=v${version}" ]; From 02dc0c404eb0c226481ce778cd428dbd6d037d5f Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Sun, 23 May 2021 06:31:16 +0000 Subject: [PATCH 036/202] bemenu: 0.6.0 -> 0.6.1 (cherry picked from commit 4e8c42184f98731fbb564ade4184a4fdffe0f348) --- pkgs/applications/misc/bemenu/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/misc/bemenu/default.nix b/pkgs/applications/misc/bemenu/default.nix index c61b8b60101..eaad132de92 100644 --- a/pkgs/applications/misc/bemenu/default.nix +++ b/pkgs/applications/misc/bemenu/default.nix @@ -11,13 +11,13 @@ assert x11Support -> xorg != null; stdenv.mkDerivation rec { pname = "bemenu"; - version = "0.6.0"; + version = "0.6.1"; src = fetchFromGitHub { owner = "Cloudef"; repo = pname; rev = version; - sha256 = "sha256-yhUc1r7HulOUQvH7fLXaoJa0mKxJwyC3y59pnJcHUpk="; + sha256 = "sha256-UdsfIXlKfXmsrFwrerX1wfne4mdtd69WXnXu3EmxCBY="; }; nativeBuildInputs = [ pkg-config pcre ]; From cd90d41ea47f0c45cd171cc22a778f9876259420 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Wed, 9 Jun 2021 02:28:20 +0000 Subject: [PATCH 037/202] bemenu: 0.6.1 -> 0.6.2 (cherry picked from commit 11925bdc3244ae4f1c0d18e5a0b9ddc55d9ab562) --- pkgs/applications/misc/bemenu/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/misc/bemenu/default.nix b/pkgs/applications/misc/bemenu/default.nix index eaad132de92..371bb3a3ef9 100644 --- a/pkgs/applications/misc/bemenu/default.nix +++ b/pkgs/applications/misc/bemenu/default.nix @@ -11,13 +11,13 @@ assert x11Support -> xorg != null; stdenv.mkDerivation rec { pname = "bemenu"; - version = "0.6.1"; + version = "0.6.2"; src = fetchFromGitHub { owner = "Cloudef"; repo = pname; rev = version; - sha256 = "sha256-UdsfIXlKfXmsrFwrerX1wfne4mdtd69WXnXu3EmxCBY="; + sha256 = "sha256-2xmi/Mh5iU50yc2R1x1yzP8Xaz+mUgLnH73tAeLwxI8="; }; nativeBuildInputs = [ pkg-config pcre ]; From 98614ed9c6d82c4be82d8438778b433ea7a88f62 Mon Sep 17 00:00:00 2001 From: Mario Rodas Date: Thu, 10 Jun 2021 04:20:00 +0000 Subject: [PATCH 038/202] tmux: 3.2 -> 3.2a (cherry picked from commit a192797f61e149864de36144541ce73f0f2d70a8) --- pkgs/tools/misc/tmux/default.nix | 14 ++------------ 1 file changed, 2 insertions(+), 12 deletions(-) diff --git a/pkgs/tools/misc/tmux/default.nix b/pkgs/tools/misc/tmux/default.nix index 629cf548c26..c76912e3c90 100644 --- a/pkgs/tools/misc/tmux/default.nix +++ b/pkgs/tools/misc/tmux/default.nix @@ -1,6 +1,5 @@ { lib, stdenv , fetchFromGitHub -, fetchpatch , autoreconfHook , pkg-config , bison @@ -21,7 +20,7 @@ in stdenv.mkDerivation rec { pname = "tmux"; - version = "3.2"; + version = "3.2a"; outputs = [ "out" "man" ]; @@ -29,18 +28,9 @@ stdenv.mkDerivation rec { owner = "tmux"; repo = "tmux"; rev = version; - sha256 = "0alq81h1rz1f0zsy8qb2dvsl47axpa86j4bplngwkph0ksqqgr3p"; + sha256 = "0143ylfk7zsl3xmiasb768238gr582cfhsgv3p0h0f13bp8d6q09"; }; - patches = [ - # Fix cross-compilation - # https://github.com/tmux/tmux/pull/2651 - (fetchpatch { - url = "https://github.com/tmux/tmux/commit/bb6242675ad0c7447daef148fffced882e5b4a61.patch"; - sha256 = "1acr3xv3gqpq7qa2f8hw7c4f42hi444lfm1bz6wqj8f3yi320zjr"; - }) - ]; - nativeBuildInputs = [ pkg-config autoreconfHook From 8b1de204e5b272e93e4b6c912ae6a21d61cd89ab Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Wed, 9 Jun 2021 10:42:09 +0200 Subject: [PATCH 039/202] vorta: 0.7.5 -> 0.7.6 ChangeLog: https://github.com/borgbase/vorta/releases/tag/v0.7.6 (cherry picked from commit 7e6776d373e613566f61eccc0be86b1a8f43af8c) --- pkgs/applications/backup/vorta/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/backup/vorta/default.nix b/pkgs/applications/backup/vorta/default.nix index fc56d6c5400..4cb21e5267d 100644 --- a/pkgs/applications/backup/vorta/default.nix +++ b/pkgs/applications/backup/vorta/default.nix @@ -7,13 +7,13 @@ python3.pkgs.buildPythonApplication rec { pname = "vorta"; - version = "0.7.5"; + version = "0.7.6"; src = fetchFromGitHub { owner = "borgbase"; repo = "vorta"; rev = "v${version}"; - sha256 = "sha256-qPO8qmXYDDFwV+8hAUyfF4Ins0vkwEJbw4JPguUSYOw="; + sha256 = "sha256-bzhabRVgl1eLTS4KtFkn4xw2KDTZJyFU6zCJdHW5IGE="; }; postPatch = '' From 180983e6efe180d08f13eab7702d1bc90ff657af Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Tue, 25 May 2021 11:21:14 +0200 Subject: [PATCH 040/202] chromiumBeta: 91.0.4472.69 -> 91.0.4472.77 (cherry picked from commit b6f54db787c056ead0d4bd46697d0251adb3141c) --- .../networking/browsers/chromium/upstream-info.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json index ab0afd9b54e..c810674fc9d 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.json +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json @@ -18,9 +18,9 @@ } }, "beta": { - "version": "91.0.4472.69", - "sha256": "0yqc7py5x48wqg5x90j57vp07qfc20w1j0f30rmyxbgl6v346s0z", - "sha256bin64": "1z82i6pq4wbx44d6ij32dkappywdpaxlfp23kl3p7x4x9hv1c0yq", + "version": "91.0.4472.77", + "sha256": "0c8vj3gq3nmb7ssiwj6875g0a8hcprss1a4gqw9h7llqywza9ma5", + "sha256bin64": "1fmarrvkvfj0hgnz4qqx7b45pwkdpagfj2s2hznnanq5q5p9vay0", "deps": { "gn": { "version": "2021-04-06", From ddde2dd1d20c85159a2ec7adb265a9a28af65939 Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Thu, 27 May 2021 11:45:06 +0200 Subject: [PATCH 041/202] chromiumDev: 92.0.4512.4 -> 92.0.4515.20 (cherry picked from commit 136addaa6e924e642669a925a323475a2d0c207e) --- .../networking/browsers/chromium/upstream-info.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json index c810674fc9d..995e4c9be61 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.json +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json @@ -31,9 +31,9 @@ } }, "dev": { - "version": "92.0.4512.4", - "sha256": "0ycwr11bz2hlzczs6cajxn5k32m44ndhmqh86iykcbi982dj7jq2", - "sha256bin64": "0wv29rghcbin725qbl8cq20j8w5mlcjmjaqdcr73m753dv3jv8rq", + "version": "92.0.4515.20", + "sha256": "0xmpmjpxr4bgy62d71ky9asxwbgnx60mrp9f1dxm9nm92dv6w0ac", + "sha256bin64": "1la5mrh33izl7nf1rr899ljh448ckpqz2bp0vac83vb8952krm05", "deps": { "gn": { "version": "2021-05-07", From c92cc2463d59ce03157e64fc0f8e9ee4bc625fc0 Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Wed, 2 Jun 2021 12:09:52 +0200 Subject: [PATCH 042/202] chromiumDev: 92.0.4515.20 -> 92.0.4515.40 (cherry picked from commit cf6496e72bb1c698c3a1516ab6b4ed0cde516cbc) --- .../networking/browsers/chromium/upstream-info.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json index 995e4c9be61..51674fd7941 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.json +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json @@ -31,9 +31,9 @@ } }, "dev": { - "version": "92.0.4515.20", - "sha256": "0xmpmjpxr4bgy62d71ky9asxwbgnx60mrp9f1dxm9nm92dv6w0ac", - "sha256bin64": "1la5mrh33izl7nf1rr899ljh448ckpqz2bp0vac83vb8952krm05", + "version": "92.0.4515.40", + "sha256": "1v0vmnzdqq7d2rqp1sam8nk7z20xg5l9lnlpqjxj30y8k37gzh8p", + "sha256bin64": "12kfzgg0fhlrvr3ci1gzsn5rzdwr4dc2k3sj45j4dn7wnrjlpmbx", "deps": { "gn": { "version": "2021-05-07", From b60b15b4101b3fed5b1acf8995f4c17cd3cdddbc Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Fri, 4 Jun 2021 11:51:01 +0200 Subject: [PATCH 043/202] chromiumBeta: 91.0.4472.77 -> 92.0.4515.40 (cherry picked from commit c6890330f5bb19cf561bf9e0dfc8119766be5aed) --- .../networking/browsers/chromium/upstream-info.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json index 51674fd7941..c66d89d4bb4 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.json +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json @@ -18,15 +18,15 @@ } }, "beta": { - "version": "91.0.4472.77", - "sha256": "0c8vj3gq3nmb7ssiwj6875g0a8hcprss1a4gqw9h7llqywza9ma5", - "sha256bin64": "1fmarrvkvfj0hgnz4qqx7b45pwkdpagfj2s2hznnanq5q5p9vay0", + "version": "92.0.4515.40", + "sha256": "1v0vmnzdqq7d2rqp1sam8nk7z20xg5l9lnlpqjxj30y8k37gzh8p", + "sha256bin64": "0i3plysx51n2gsm5vbf9666rz73pqbbns7v09wznbbncvw9zngrf", "deps": { "gn": { - "version": "2021-04-06", + "version": "2021-05-07", "url": "https://gn.googlesource.com/gn", - "rev": "dba01723a441c358d843a575cb7720d54ddcdf92", - "sha256": "199xkks67qrn0xa5fhp24waq2vk8qb78a96cb3kdd8v1hgacgb8x" + "rev": "39a87c0b36310bdf06b692c098f199a0d97fc810", + "sha256": "0x63jr5hssm9dl6la4q5ahy669k4gxvbapqxi5w32vv107jrj8v4" } } }, From c15df2350d5e0d0b07339063bf040ab8d837189e Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Fri, 4 Jun 2021 11:51:10 +0200 Subject: [PATCH 044/202] chromiumDev: 92.0.4515.40 -> 93.0.4530.5 (cherry picked from commit 2c9e2b68753d89764e7ad9a47374ad541130ba84) --- .../networking/browsers/chromium/upstream-info.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json index c66d89d4bb4..9762bcbbe9d 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.json +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json @@ -31,9 +31,9 @@ } }, "dev": { - "version": "92.0.4515.40", - "sha256": "1v0vmnzdqq7d2rqp1sam8nk7z20xg5l9lnlpqjxj30y8k37gzh8p", - "sha256bin64": "12kfzgg0fhlrvr3ci1gzsn5rzdwr4dc2k3sj45j4dn7wnrjlpmbx", + "version": "93.0.4530.5", + "sha256": "0xxnn9fbwgmfk0zz5an35na1zprhas487pbg2qpgg76g50zxnsx5", + "sha256bin64": "14fzmfhaiish91byg7knr9nf2cigklfvy145vc7qhg17b6gzba25", "deps": { "gn": { "version": "2021-05-07", From 146ff19f4f9dc3d645bd14f6411760c8a1c9e6ba Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Tue, 8 Jun 2021 20:32:02 +0200 Subject: [PATCH 045/202] chromiumDev: 93.0.4530.5 -> 93.0.4535.3 (cherry picked from commit 5915f689b452816381e9f4e8d9cbf32ece20f467) --- .../networking/browsers/chromium/upstream-info.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json index 9762bcbbe9d..be7a84576b3 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.json +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json @@ -31,9 +31,9 @@ } }, "dev": { - "version": "93.0.4530.5", - "sha256": "0xxnn9fbwgmfk0zz5an35na1zprhas487pbg2qpgg76g50zxnsx5", - "sha256bin64": "14fzmfhaiish91byg7knr9nf2cigklfvy145vc7qhg17b6gzba25", + "version": "93.0.4535.3", + "sha256": "19iy4p59n0pg9s39g614y4yxh5f6h86bcp471qdnm6fvzmzcxd18", + "sha256bin64": "16q9s8l20bmr2n0y3pi505l5hbhbmpi8kh47aylj5gzk1nr30a8r", "deps": { "gn": { "version": "2021-05-07", From b6a71637a94c85a319342830c1002e2f27e48b8a Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Tue, 8 Jun 2021 21:12:07 +0200 Subject: [PATCH 046/202] chromiumDev: Revert a patch to fix the build with LLVM 12 The build was failing with: clang++: error: unknown argument: '-fsanitize-ignorelist=../../tools/cfi/ignores.txt' (cherry picked from commit 950b321244d541e3c4d05bb163912d53c6c063df) --- .../networking/browsers/chromium/common.nix | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/common.nix b/pkgs/applications/networking/browsers/chromium/common.nix index 7e95da747d1..57cac091912 100644 --- a/pkgs/applications/networking/browsers/chromium/common.nix +++ b/pkgs/applications/networking/browsers/chromium/common.nix @@ -54,9 +54,9 @@ let # source tree. extraAttrs = buildFun base; - githubPatch = commit: sha256: fetchpatch { + githubPatch = { commit, sha256, revert ? false }: fetchpatch { url = "https://github.com/chromium/chromium/commit/${commit}.patch"; - inherit sha256; + inherit sha256 revert; }; mkGnFlags = @@ -166,6 +166,14 @@ let # Fix the build by adding a missing dependency (s. https://crbug.com/1197837): ./patches/fix-missing-atspi2-dependency.patch ./patches/closure_compiler-Use-the-Java-binary-from-the-system.patch + ] ++ lib.optionals (chromiumVersionAtLeast "93") [ + # We need to revert this patch to build M93 with LLVM 12. + (githubPatch { + # Reland "Replace 'blacklist' with 'ignorelist' in ./tools/msan/." + commit = "9d080c0934b848ee4a05013c78641e612fcc1e03"; + sha256 = "1bxdhxmiy6h4acq26lq43x2mxx6rawmfmlgsh5j7w8kyhkw5af0c"; + revert = true; + }) ]; postPatch = '' From ede696c79d4b08469c4b8382aaf3cf66f43a9e9e Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Thu, 10 Jun 2021 08:43:28 +0200 Subject: [PATCH 047/202] chromium: 91.0.4472.77 -> 91.0.4472.101 https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html This update includes 14 security fixes. Google is aware that an exploit for CVE-2021-30551 exists in the wild. CVEs: CVE-2021-30544 CVE-2021-30545 CVE-2021-30546 CVE-2021-30547 CVE-2021-30548 CVE-2021-30549 CVE-2021-30550 CVE-2021-30551 CVE-2021-30552 CVE-2021-30553 (cherry picked from commit 053f1dc49028f8f438506b187739d80d83984c16) --- .../networking/browsers/chromium/upstream-info.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json index be7a84576b3..5d888fc0649 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.json +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json @@ -1,8 +1,8 @@ { "stable": { - "version": "91.0.4472.77", - "sha256": "0c8vj3gq3nmb7ssiwj6875g0a8hcprss1a4gqw9h7llqywza9ma5", - "sha256bin64": "0caf47xam5igdnbhipal1iyicnxxvadhi61k199rwysrvyv5sdad", + "version": "91.0.4472.101", + "sha256": "1d3y621iclkq6nvxrapk5aihv50x13hjha0c2gcp2xxfma96253q", + "sha256bin64": "12j5q5b9v0jpiznjnh89831w8lv399vd1z4ljhbsnsidbsygrbr1", "deps": { "gn": { "version": "2021-04-06", From 06924553df21db17af0dfcf92e4d3f48fccd2802 Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Thu, 10 Jun 2021 12:00:34 +0200 Subject: [PATCH 048/202] chromium: get-commit-message.py: Support a new 0-day sentence The current stable release announcement [0] uses a slightly different message/structure. [0]: https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html (cherry picked from commit c02ac479ba55d802d6232cdb743f5228984e2ff9) --- .../networking/browsers/chromium/get-commit-message.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/applications/networking/browsers/chromium/get-commit-message.py b/pkgs/applications/networking/browsers/chromium/get-commit-message.py index e14e3642643..2768e31bd03 100755 --- a/pkgs/applications/networking/browsers/chromium/get-commit-message.py +++ b/pkgs/applications/networking/browsers/chromium/get-commit-message.py @@ -27,7 +27,7 @@ for entry in feed.entries: print('\n' + url) if fixes := re.search(r'This update includes .+ security fixes\.', content): fixes = html_tags.sub('', fixes.group(0)) - zero_days = re.search(r'Google is aware of reports that .+ in the wild\.', content) + zero_days = re.search(r'Google is aware( of reports)? that .+ in the wild\.', content) if zero_days: fixes += " " + zero_days.group(0) print('\n' + '\n'.join(textwrap.wrap(fixes, width=72))) From 0312d6fcf77da218db48b202a0de6f7390f7eb31 Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Wed, 9 Jun 2021 11:53:22 +0200 Subject: [PATCH 049/202] chromiumDev: Install crashpad_handler This executable is required to fix a startup error: [990:990:0609/092114.482805:FATAL:double_fork_and_exec.cc(131)] execv /nix/store/k02xhxzn6sn2cihaal68wwsyk8cg9pkg-chromium-unwrapped-93.0.4535.3/libexec/chromium/crashpad_handler: No such file or directory (2) Unfortunately Chromium M93 still segfaults in the VM test: machine # [0610/100626.225850:ERROR:process_memory_range.cc(75)] read out of range machine # [0610/100626.227312:ERROR:file_io_posix.cc(144)] open /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq: No such file or directory (2) machine # [0610/100626.240410:ERROR:file_io_posix.cc(144)] open /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq: No such file or directory (2) machine # [ 19.810981] systemd-coredump[1015]: Process 987 (chromium) of user 1000 dumped core. (cherry picked from commit 1d6a0d3cf24f2edcf6755fd4db1901f9e1db1ac6) --- pkgs/applications/networking/browsers/chromium/browser.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/applications/networking/browsers/chromium/browser.nix b/pkgs/applications/networking/browsers/chromium/browser.nix index dcac873b849..cc443764447 100644 --- a/pkgs/applications/networking/browsers/chromium/browser.nix +++ b/pkgs/applications/networking/browsers/chromium/browser.nix @@ -62,6 +62,8 @@ mkChromiumDerivation (base: rec { -e '/\[Desktop Entry\]/a\' \ -e 'StartupWMClass=chromium-browser' \ $out/share/applications/chromium-browser.desktop + '' + lib.optionalString (channel == "dev") '' + cp -v "$buildPath/crashpad_handler" "$libExecPath/" ''; passthru = { inherit sandboxExecutableName; }; From e7928186d996d4427e83ce313930d4cf58b7a5f5 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Wed, 9 Jun 2021 04:00:20 +0000 Subject: [PATCH 050/202] deno: 1.10.3 -> 1.11.0 (cherry picked from commit c374fd03ffd37d400c6bad69a4cd386749df803b) --- pkgs/development/web/deno/default.nix | 6 +++--- pkgs/development/web/deno/librusty_v8.nix | 10 +++++----- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/pkgs/development/web/deno/default.nix b/pkgs/development/web/deno/default.nix index 08c69dde399..dee8ad0c9b8 100644 --- a/pkgs/development/web/deno/default.nix +++ b/pkgs/development/web/deno/default.nix @@ -17,15 +17,15 @@ rustPlatform.buildRustPackage rec { pname = "deno"; - version = "1.10.3"; + version = "1.11.0"; src = fetchFromGitHub { owner = "denoland"; repo = pname; rev = "v${version}"; - sha256 = "sha256-25FfxGtPZ+KQCmXur6pwrb1l/xjCWgw69CMLPihnhAU="; + sha256 = "sha256-rsQ9MdMgYPqnLzMfW4rwDpx5QKVDm6TMCCHqJzvTpjw="; }; - cargoSha256 = "sha256-CopfdjafWAhpbrdYSHJjKHKCLw94TSaiSAH4CVFOHi8="; + cargoSha256 = "sha256-nKbc73bEKb0XzuBZApu21E1OzkgU9sqbCaaWhUMiWdQ="; # Install completions post-install nativeBuildInputs = [ installShellFiles ]; diff --git a/pkgs/development/web/deno/librusty_v8.nix b/pkgs/development/web/deno/librusty_v8.nix index 8ae163f2c90..6ae0de15c77 100644 --- a/pkgs/development/web/deno/librusty_v8.nix +++ b/pkgs/development/web/deno/librusty_v8.nix @@ -11,11 +11,11 @@ let }; in fetch_librusty_v8 { - version = "0.22.2"; + version = "0.22.3"; shas = { - x86_64-linux = "sha256-bLGSt9a+drzXMy64iiERFHfdDsIR2YqwwNlkpzIM07Q="; - aarch64-linux = "sha256-MtCB7XaFho+a64fidPO88URIq7X9HvGqN5a9hzuCX4s="; - x86_64-darwin = "sha256-aLeZ0cIdmQHDxSGPx6IBwweZWwDI/m/1kFQTC7dQ3bs="; - aarch64-darwin = "sha256-SZGx/kRvp88mfMqDX+d4GNDs4t+P383kjnNPqwkqkHI="; + x86_64-linux = "sha256-RS1fUuTm6zhln67ank6Sit9nhGyKij1UsJ77ezffCh8="; + aarch64-linux = "sha256-E7SSFYODO8diPmEvpJyzAcltrh7YUXhWlqsRytFRmtA="; + x86_64-darwin = "sha256-29XTC7RoUDNJq46WkLCQT1vCuv4dzBrp8no6vVCsQ2g="; + aarch64-darwin = "sha256-UZHhKUjWQGklH26z2Kc2J7VwlV83LWl5n3YZt5ryKrY="; }; } From c764b9f94611c90f96bb29ded52b50d9a6b3f272 Mon Sep 17 00:00:00 2001 From: Chuck Date: Thu, 10 Jun 2021 10:27:14 -0700 Subject: [PATCH 051/202] nixos-rebuild: Pass flakes flags when doing local flakes build (cherry picked from commit 1c80856545fd1234ba84b8981d26ca8e786376c2) --- pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh index 087afb5b6a6..2b94f18f538 100644 --- a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh +++ b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh @@ -216,7 +216,7 @@ nixBuild() { nixFlakeBuild() { if [ -z "$buildHost" ]; then - nix build "$@" --out-link "${tmpDir}/result" + nix "${flakeFlags[@]}" build "$@" --out-link "${tmpDir}/result" readlink -f "${tmpDir}/result" else local attr="$1" From 8d292bd4f7a2ec9b0a18b7fba72258ae2fcf9ef9 Mon Sep 17 00:00:00 2001 From: Alyssa Ross Date: Wed, 9 Jun 2021 23:52:22 +0000 Subject: [PATCH 052/202] apacheHttpd: 2.4.47 -> 2.4.48 (cherry picked from commit 8da3370dbd62379bbc14fc57ba04a10f7456690f) --- pkgs/servers/http/apache-httpd/2.4.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/http/apache-httpd/2.4.nix b/pkgs/servers/http/apache-httpd/2.4.nix index 3fff2ac9fce..a8caf1da17b 100644 --- a/pkgs/servers/http/apache-httpd/2.4.nix +++ b/pkgs/servers/http/apache-httpd/2.4.nix @@ -17,12 +17,12 @@ assert ldapSupport -> aprutil.ldapSupport && openldap != null; assert http2Support -> nghttp2 != null; stdenv.mkDerivation rec { - version = "2.4.47"; + version = "2.4.48"; pname = "apache-httpd"; src = fetchurl { url = "mirror://apache/httpd/httpd-${version}.tar.bz2"; - sha256 = "sha256-I9AG28jleBFqETj6RX7qgkBIRY6JyECHIZ8DcogMA8o="; + sha256 = "0v4npxnvih5mlxx6dywwhhfs8xvgcckc0hxzwk3hi0g8nbkjdj0v"; }; # FIXME: -dev depends on -doc From 6d9d295e388a78fbafc514cfad1b8a6dc812943f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maciej=20Kr=C3=BCger?= Date: Thu, 10 Jun 2021 06:49:33 +0200 Subject: [PATCH 053/202] [Backport release-21.05] x2goclient: unstable-2019-07-24 -> 4.1.2.2, fix #78907 Co-authored-by: Sandro (cherry picked from commit c4100d81bdbfb28f63f326204a4ee19133233a7b) --- .../networking/remote/x2goclient/default.nix | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/pkgs/applications/networking/remote/x2goclient/default.nix b/pkgs/applications/networking/remote/x2goclient/default.nix index 4156c82f91b..d40d8032c29 100644 --- a/pkgs/applications/networking/remote/x2goclient/default.nix +++ b/pkgs/applications/networking/remote/x2goclient/default.nix @@ -1,20 +1,20 @@ -{ lib, fetchgit, cups, libssh, libXpm, nx-libs, openldap, openssh +{ lib, fetchurl, cups, libssh, libXpm, nx-libs, openldap, openssh , mkDerivation, qtbase, qtsvg, qtx11extras, qttools, phonon, pkg-config }: -mkDerivation { +mkDerivation rec { pname = "x2goclient"; - version = "unstable-2019-07-24"; + version = "4.1.2.2"; - src = fetchgit { - url = "git://code.x2go.org/x2goclient.git"; - rev = "704c4ab92d20070dd160824c9b66a6d1c56dcc49"; - sha256 = "1pndp3lfzwifyxqq0gps3p1bwakw06clbk6n8viv020l4bsfmq5f"; + src = fetchurl { + url = "https://code.x2go.org/releases/source/${pname}/${pname}-${version}.tar.gz"; + sha256 = "yZUyZ8QPpnEZrZanO6yx8mYZbaIFnwzc0bjVGZQh0So="; }; buildInputs = [ cups libssh libXpm nx-libs openldap openssh qtbase qtsvg qtx11extras qttools phonon pkg-config ]; postPatch = '' + substituteInPlace src/onmainwindow.cpp --replace "/usr/sbin/sshd" "${openssh}/bin/sshd" substituteInPlace Makefile \ --replace "SHELL=/bin/bash" "SHELL=$SHELL" \ --replace "lrelease-qt4" "${qttools.dev}/bin/lrelease" \ @@ -33,6 +33,7 @@ mkDerivation { meta = with lib; { description = "Graphical NoMachine NX3 remote desktop client"; homepage = "http://x2go.org/"; + maintainers = with maintainers; [ mkg20001 ]; license = licenses.gpl2; platforms = platforms.linux; }; From 40c83d56e0acf2936aff32c89f98a8547618ded3 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 10 Jun 2021 20:53:25 +0000 Subject: [PATCH 054/202] linux: 4.14.235 -> 4.14.236 (cherry picked from commit a6d113ad1b17b731972a0550ee14fa333bac2644) --- pkgs/os-specific/linux/kernel/linux-4.14.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.14.nix b/pkgs/os-specific/linux/kernel/linux-4.14.nix index 7c986259dff..9f40429f0ad 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.14.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.14.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "4.14.235"; + version = "4.14.236"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,7 +13,7 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "03k793hj294zf7jncs1h8zh5dh6xagkfvnydd9jadxvq2z8vvl8f"; + sha256 = "0albmgxj3cb1dvjagj54l0ffa7kwi8brh7bqwj6gvzpylsby5sp4"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_4_14 ]; From 2cfe71a2434492b33d88fecc7a5fdf556f590d4b Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 10 Jun 2021 20:53:31 +0000 Subject: [PATCH 055/202] linux: 4.19.193 -> 4.19.194 (cherry picked from commit 89a533e7df2274b173dfa145eb2f224cffc2b606) --- pkgs/os-specific/linux/kernel/linux-4.19.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.19.nix b/pkgs/os-specific/linux/kernel/linux-4.19.nix index 3a31ad473cf..e42a1646791 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.19.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.19.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "4.19.193"; + version = "4.19.194"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,7 +13,7 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "17ci49ak5iw01kfkn3fcgncg9hm4j188417bxi3bnsq9il5ymhl4"; + sha256 = "15l80psfgffa756vpjxmjkwjqif2gpx441hpzr473xwryp6bvbma"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_4_19 ]; From 52f177d27c9eb8c93ff188542b87ab62595403b1 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 10 Jun 2021 20:53:38 +0000 Subject: [PATCH 056/202] linux: 4.4.271 -> 4.4.272 (cherry picked from commit a31fb792707b189b3ec4c87e9cf7afdb410db72e) --- pkgs/os-specific/linux/kernel/linux-4.4.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.4.nix b/pkgs/os-specific/linux/kernel/linux-4.4.nix index 9bc01eeff49..4fc2985b586 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.4.nix @@ -1,13 +1,13 @@ { buildPackages, fetchurl, perl, buildLinux, nixosTests, stdenv, ... } @ args: buildLinux (args // rec { - version = "4.4.271"; + version = "4.4.272"; extraMeta.branch = "4.4"; extraMeta.broken = stdenv.isAarch64; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "0n5h2lv1p542a45pas3pi0vkhgrk096vwrps79a7v3a6c1q2dxx6"; + sha256 = "1ar468ymk96v2pq9x209z2z4wbypppb91jpw8g22aa30pr9aagyi"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_4_4 ]; From 134c38917ebd47014fef8a41ef0ea4f0cc6b63eb Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 10 Jun 2021 20:53:44 +0000 Subject: [PATCH 057/202] linux: 4.9.271 -> 4.9.272 (cherry picked from commit 2961093d9b231fb085d74696d09334b7a1bedbc6) --- pkgs/os-specific/linux/kernel/linux-4.9.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.9.nix b/pkgs/os-specific/linux/kernel/linux-4.9.nix index 4be4b6fb222..d0cb868f172 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.9.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.9.nix @@ -1,13 +1,13 @@ { buildPackages, fetchurl, perl, buildLinux, nixosTests, stdenv, ... } @ args: buildLinux (args // rec { - version = "4.9.271"; + version = "4.9.272"; extraMeta.branch = "4.9"; extraMeta.broken = stdenv.isAarch64; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1480miixphkf0b8w00m753ar7yp1rnl3zyr9wp4inngi2f90553r"; + sha256 = "0n0hrszaijdpnbdvd8bvz15m7g268is0zw84w4vaf37418whrgzq"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_4_9 ]; From a5bfe124f94f966285797d41c32d5020b1ee1626 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 10 Jun 2021 20:53:52 +0000 Subject: [PATCH 058/202] linux: 5.10.42 -> 5.10.43 (cherry picked from commit 121dbb96538e04b1e54559a7728a5e4653a52e82) --- pkgs/os-specific/linux/kernel/linux-5.10.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.10.nix b/pkgs/os-specific/linux/kernel/linux-5.10.nix index ec7b16f9f3f..50ef93c04b9 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.10.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.10.42"; + version = "5.10.43"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,7 +13,7 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "1r86v6q7ml7zv001f25w3h667nqqy39439s94vnqsyyn7g3jg84b"; + sha256 = "00yl1g6irpwy3sy0d43qvlk7x1gfk4v1dyv460afxy527d1ixf43"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_10 ]; From e7a8f48d6b6e2238e9e062db166774a7904a3a72 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 10 Jun 2021 20:53:59 +0000 Subject: [PATCH 059/202] linux: 5.12.9 -> 5.12.10 (cherry picked from commit fd44ed986cad429e42cb985a78e847895438e89d) --- pkgs/os-specific/linux/kernel/linux-5.12.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.12.nix b/pkgs/os-specific/linux/kernel/linux-5.12.nix index 85a69f0c5ad..6ae39a84891 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.12.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.12.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.12.9"; + version = "5.12.10"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,7 +13,7 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0vg71h8r90fl01a8khyf1776y76rgqisxafky89cswa2fpsvxyn7"; + sha256 = "03v3wzpbxb78gf4wsnc5wv6683g439cm2bzcjj4q657dagy9km68"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_12 ]; From 0bfc50ac949bc53a918b5c48a3decab7f1b47e47 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 10 Jun 2021 20:54:06 +0000 Subject: [PATCH 060/202] linux: 5.4.124 -> 5.4.125 (cherry picked from commit 7cf65d0f4a9a1200bdc2dd2d63b572dfb8350db6) --- pkgs/os-specific/linux/kernel/linux-5.4.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.4.nix b/pkgs/os-specific/linux/kernel/linux-5.4.nix index 4cf7c2bfafd..94d5f6bd3ff 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.4.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.4.124"; + version = "5.4.125"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,7 +13,7 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "10kxa1ng9w9xd2d5xh48fbhp1kri650p90nihrcpnb845gd9vwpp"; + sha256 = "0g73xfkmj4sahrk7gx72hm2i4m98gqghswqyf8yqh77b9857bvhp"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_4 ]; From 2eff1ca451f508c22c9d71cd661bf377ea6b170b Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 10 Jun 2021 20:54:19 +0000 Subject: [PATCH 061/202] linux/hardened/patches/4.14: 4.14.235-hardened1 -> 4.14.236-hardened1 (cherry picked from commit e77f16cbcb80456b3874b649ddf35bd6183e4b43) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index bb668a6e904..f89b85df169 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -1,9 +1,9 @@ { "4.14": { "extra": "-hardened1", - "name": "linux-hardened-4.14.235-hardened1.patch", - "sha256": "0m49pg27pnp6kwkbawg0fw3lzm5nchqjhqkfgprckwgb9v5bgbcc", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.235-hardened1/linux-hardened-4.14.235-hardened1.patch" + "name": "linux-hardened-4.14.236-hardened1.patch", + "sha256": "08wnc1acx8fnnrpaz5hxw9gakgk7qxf3kq1pycljl7396dnsy6xg", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.236-hardened1/linux-hardened-4.14.236-hardened1.patch" }, "4.19": { "extra": "-hardened1", From e08fc97b070835629a55fddc29238207f7e15ab8 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 10 Jun 2021 20:54:21 +0000 Subject: [PATCH 062/202] linux/hardened/patches/4.19: 4.19.193-hardened1 -> 4.19.194-hardened1 (cherry picked from commit 940bf55cab197e373102be460d6d7fd737fbd8e3) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index f89b85df169..e979734646f 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -7,9 +7,9 @@ }, "4.19": { "extra": "-hardened1", - "name": "linux-hardened-4.19.193-hardened1.patch", - "sha256": "0r2rxl08x2l1yimaqksrc79s36rnp77xm5in9cvp7ff24y9r9g0j", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.193-hardened1/linux-hardened-4.19.193-hardened1.patch" + "name": "linux-hardened-4.19.194-hardened1.patch", + "sha256": "102w5algxybffy5176zzgz7knafpdc0lp9y5wjdrf6yr65l4j5rj", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.194-hardened1/linux-hardened-4.19.194-hardened1.patch" }, "5.10": { "extra": "-hardened1", From 6d28511e7ff6873be890741c787a216a16833763 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 10 Jun 2021 20:54:22 +0000 Subject: [PATCH 063/202] linux/hardened/patches/5.10: 5.10.42-hardened1 -> 5.10.43-hardened1 (cherry picked from commit 0879f36d2b5269d1ca097761601c5b7f26c2e3d7) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index e979734646f..47239feac4d 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -13,9 +13,9 @@ }, "5.10": { "extra": "-hardened1", - "name": "linux-hardened-5.10.42-hardened1.patch", - "sha256": "1hignnqy0d7nrfnh5j8h1xkj15kvx80h55qzzq1wlmyjxpr6c0ix", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.42-hardened1/linux-hardened-5.10.42-hardened1.patch" + "name": "linux-hardened-5.10.43-hardened1.patch", + "sha256": "0hx2g4brpk32phiin96w4kgsbibrcb69a22p0rsqcanxl76v48sz", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.43-hardened1/linux-hardened-5.10.43-hardened1.patch" }, "5.12": { "extra": "-hardened1", From a4b317973223dbae2119a9dae5aac066d9733e9b Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 10 Jun 2021 20:54:23 +0000 Subject: [PATCH 064/202] linux/hardened/patches/5.12: 5.12.9-hardened1 -> 5.12.10-hardened1 (cherry picked from commit 889319446ce58456ad06165748bf7d302181c3cc) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 47239feac4d..7ef8a027f5f 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -19,9 +19,9 @@ }, "5.12": { "extra": "-hardened1", - "name": "linux-hardened-5.12.9-hardened1.patch", - "sha256": "08ijifhl8sl858ik32ny47h7pq0r160sv55a07igkbhrh60arfqa", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.12.9-hardened1/linux-hardened-5.12.9-hardened1.patch" + "name": "linux-hardened-5.12.10-hardened1.patch", + "sha256": "0wyw33kg3xih2j19hsff9mapxjll8ad38il74gkcbnhwci0ys1mc", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.12.10-hardened1/linux-hardened-5.12.10-hardened1.patch" }, "5.4": { "extra": "-hardened1", From 01f05483e31a17c41895a810752da88148eed85a Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 10 Jun 2021 20:54:24 +0000 Subject: [PATCH 065/202] linux/hardened/patches/5.4: 5.4.124-hardened1 -> 5.4.125-hardened1 (cherry picked from commit c22128ed44db5b8c2fa0c66ed8a33e1660421739) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 7ef8a027f5f..f9c25f12368 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -25,8 +25,8 @@ }, "5.4": { "extra": "-hardened1", - "name": "linux-hardened-5.4.124-hardened1.patch", - "sha256": "1bn7fa09kzgv6v9d3gl66l8wg6z23chjhk6g219cqb7mfd4m5ykl", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.124-hardened1/linux-hardened-5.4.124-hardened1.patch" + "name": "linux-hardened-5.4.125-hardened1.patch", + "sha256": "1vc6jgiglc4i5my9iw24yw16wi0x1lxkvyb6i619z3k3zh39gm04", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.125-hardened1/linux-hardened-5.4.125-hardened1.patch" } } From c2628780fc5b9836565b41cc104cc9d63ef27720 Mon Sep 17 00:00:00 2001 From: Jan Solanti Date: Wed, 2 Jun 2021 03:16:43 +0300 Subject: [PATCH 066/202] pipewire: 0.3.27 -> 0.3.30 (cherry picked from commit c702cc43213dce2573adb924ab9c67522616aea6) --- .../desktops/pipewire/pipewire.conf.json | 13 +++++- .../pipewire/0080-pipewire-config-dir.patch | 24 +++++----- .../0090-pipewire-config-template-paths.patch | 28 ++++++++++++ .../libraries/pipewire/default.nix | 44 ++++++++++++++----- 4 files changed, 86 insertions(+), 23 deletions(-) create mode 100644 pkgs/development/libraries/pipewire/0090-pipewire-config-template-paths.patch diff --git a/nixos/modules/services/desktops/pipewire/pipewire.conf.json b/nixos/modules/services/desktops/pipewire/pipewire.conf.json index a9330f54f4f..a923ab4db23 100644 --- a/nixos/modules/services/desktops/pipewire/pipewire.conf.json +++ b/nixos/modules/services/desktops/pipewire/pipewire.conf.json @@ -74,7 +74,18 @@ "args": { "factory.name": "support.node.driver", "node.name": "Dummy-Driver", - "priority.driver": 8000 + "node.group": "pipewire.dummy", + "priority.driver": 20000 + } + }, + { + "factory": "spa-node-factory", + "args": { + "factory.name": "support.node.driver", + "node.name": "Freewheel-Driver", + "priority.driver": 19000, + "node.group": "pipewire.freewheel", + "node.freewheel": true } } ], diff --git a/pkgs/development/libraries/pipewire/0080-pipewire-config-dir.patch b/pkgs/development/libraries/pipewire/0080-pipewire-config-dir.patch index b92e2818ea0..b8d8fcb0f90 100644 --- a/pkgs/development/libraries/pipewire/0080-pipewire-config-dir.patch +++ b/pkgs/development/libraries/pipewire/0080-pipewire-config-dir.patch @@ -1,30 +1,30 @@ diff --git a/meson.build b/meson.build -index a27569bd..fcf18344 100644 +index b6b4553b..f21c29d8 100644 --- a/meson.build +++ b/meson.build -@@ -36,7 +36,10 @@ pipewire_libexecdir = prefix / get_option('libexecdir') - pipewire_localedir = prefix / get_option('localedir') +@@ -37,7 +37,10 @@ pipewire_localedir = prefix / get_option('localedir') pipewire_sysconfdir = prefix / get_option('sysconfdir') --pipewire_configdir = pipewire_sysconfdir / 'pipewire' -+pipewire_configdir = get_option('pipewire_config_dir') -+if pipewire_configdir == '' -+ pipewire_configdir = pipewire_sysconfdir / 'pipewire' + pipewire_configdir = pipewire_sysconfdir / 'pipewire' +-pipewire_confdatadir = pipewire_datadir / 'pipewire' ++pipewire_confdatadir = get_option('pipewire_confdata_dir') ++if pipewire_confdatadir == '' ++ pipewire_confdatadir = pipewire_datadir / 'pipewire' +endif modules_install_dir = pipewire_libdir / pipewire_name if host_machine.system() == 'linux' diff --git a/meson_options.txt b/meson_options.txt -index 85beb86a..372e8faa 100644 +index 9bc33fcd..e4bd2dc1 100644 --- a/meson_options.txt +++ b/meson_options.txt -@@ -67,6 +67,9 @@ option('jack-devel', +@@ -61,6 +61,9 @@ option('jack-devel', option('libjack-path', description: 'Where to install the libjack.so library', type: 'string') -+option('pipewire_config_dir', -+ type : 'string', -+ description : 'Directory for pipewire configuration (defaults to /etc/pipewire)') ++option('pipewire_confdata_dir', ++ type: 'string', ++ description: 'Directory for pipewire default configuration (defaults to /usr/share/pipewire)') option('spa-plugins', description: 'Enable spa plugins integration', type: 'feature', diff --git a/pkgs/development/libraries/pipewire/0090-pipewire-config-template-paths.patch b/pkgs/development/libraries/pipewire/0090-pipewire-config-template-paths.patch new file mode 100644 index 00000000000..966cb957977 --- /dev/null +++ b/pkgs/development/libraries/pipewire/0090-pipewire-config-template-paths.patch @@ -0,0 +1,28 @@ +diff --git a/src/daemon/pipewire.conf.in b/src/daemon/pipewire.conf.in +index bbafa134..227d3e06 100644 +--- a/src/daemon/pipewire.conf.in ++++ b/src/daemon/pipewire.conf.in +@@ -116,7 +116,7 @@ context.modules = [ + # access.allowed to list an array of paths of allowed + # apps. + #access.allowed = [ +- # @media_session_path@ ++ # + #] + + # An array of rejected paths. +@@ -220,12 +220,12 @@ context.exec = [ + # but it is better to start it as a systemd service. + # Run the session manager with -h for options. + # +- @comment@{ path = "@media_session_path@" args = "" } ++ @comment@{ path = "" args = "" } + # + # You can optionally start the pulseaudio-server here as well + # but it is better to start it as a systemd service. + # It can be interesting to start another daemon here that listens + # on another address with the -a option (eg. -a tcp:4713). + # +- @comment@{ path = "@pipewire_path@" args = "-c pipewire-pulse.conf" } ++ @comment@{ path = "" args = "-c pipewire-pulse.conf" } + ] diff --git a/pkgs/development/libraries/pipewire/default.nix b/pkgs/development/libraries/pipewire/default.nix index b3e740f39c4..b8fb216e358 100644 --- a/pkgs/development/libraries/pipewire/default.nix +++ b/pkgs/development/libraries/pipewire/default.nix @@ -2,6 +2,7 @@ , lib , fetchFromGitLab , removeReferencesTo +, python3 , meson , ninja , systemd @@ -19,6 +20,7 @@ , SDL2 , vulkan-headers , vulkan-loader +, webrtc-audio-processing , ncurses , makeFontsConf , callPackage @@ -31,6 +33,8 @@ , nativeHfpSupport ? true , ofonoSupport ? true , hsphfpdSupport ? true +, pulseTunnelSupport ? true, libpulseaudio ? null +, zeroconfSupport ? true, avahi ? null }: let @@ -42,7 +46,7 @@ let self = stdenv.mkDerivation rec { pname = "pipewire"; - version = "0.3.27"; + version = "0.3.30"; outputs = [ "out" @@ -60,7 +64,7 @@ let owner = "pipewire"; repo = "pipewire"; rev = version; - sha256 = "sha256-GfcMODQWtcahBvXnZ98/PKIm4pkqLaz09oOy7zQR4IA="; + sha256 = "sha256-DnaPvZoDaegjtJNKBmCJEAZe5FQBnSER79FPnxiWQUE="; }; patches = [ @@ -72,8 +76,10 @@ let ./0055-pipewire-media-session-path.patch # Move installed tests into their own output. ./0070-installed-tests-path.patch - # Add flag to specify configuration directory (different from the installation directory). + # Add option for changing the config install directory ./0080-pipewire-config-dir.patch + # Remove output paths from the comments in the config templates to break dependency cycles + ./0090-pipewire-config-template-paths.patch ]; nativeBuildInputs = [ @@ -82,6 +88,7 @@ let meson ninja pkg-config + python3 ]; buildInputs = [ @@ -94,12 +101,15 @@ let udev vulkan-headers vulkan-loader + webrtc-audio-processing valgrind SDL2 systemd ] ++ lib.optionals gstreamerSupport [ gst_all_1.gst-plugins-base gst_all_1.gstreamer ] ++ lib.optional ffmpegSupport ffmpeg - ++ lib.optionals bluezSupport [ bluez libopenaptx ldacbt sbc fdk_aac ]; + ++ lib.optionals bluezSupport [ bluez libopenaptx ldacbt sbc fdk_aac ] + ++ lib.optional pulseTunnelSupport libpulseaudio + ++ lib.optional zeroconfSupport avahi; mesonFlags = [ "-Ddocs=enabled" @@ -112,6 +122,8 @@ let "-Dmedia-session-prefix=${placeholder "mediaSession"}" "-Dlibjack-path=${placeholder "jack"}/lib" "-Dlibcamera=disabled" + "-Dlibpulse=${mesonEnable pulseTunnelSupport}" + "-Davahi=${mesonEnable zeroconfSupport}" "-Dgstreamer=${mesonEnable gstreamerSupport}" "-Dffmpeg=${mesonEnable ffmpegSupport}" "-Dbluez5=${mesonEnable bluezSupport}" @@ -119,24 +131,35 @@ let "-Dbluez5-backend-hfp-native=${mesonEnable nativeHfpSupport}" "-Dbluez5-backend-ofono=${mesonEnable ofonoSupport}" "-Dbluez5-backend-hsphfpd=${mesonEnable hsphfpdSupport}" - "-Dpipewire_config_dir=/etc/pipewire" + "-Dsysconfdir=/etc" + "-Dpipewire_confdata_dir=${placeholder "lib"}/share/pipewire" ]; FONTCONFIG_FILE = fontsConf; # Fontconfig error: Cannot load default config file doCheck = true; + postUnpack = '' + patchShebangs source/doc/strip-static.sh + patchShebangs source/spa/tests/gen-cpp-test.py + ''; + postInstall = '' - pushd . - cd $out + pushd $lib/share mkdir -p $out/nix-support/etc/pipewire - for f in etc/pipewire/*.conf; do bin/spa-json-dump "$f" > "$out/nix-support/$f.json"; done + for f in pipewire/*.conf; do + echo "Generating JSON from $f" + $out/bin/spa-json-dump "$f" > "$out/nix-support/etc/$f.json" + done mkdir -p $mediaSession/nix-support/etc/pipewire/media-session.d - for f in etc/pipewire/media-session.d/*.conf; do bin/spa-json-dump "$f" > "$mediaSession/nix-support/$f.json"; done + for f in pipewire/media-session.d/*.conf; do + echo "Generating JSON from $f" + $out/bin/spa-json-dump "$f" > "$mediaSession/nix-support/etc/$f.json" + done popd - moveToOutput "etc/pipewire/media-session.d/*.conf" "$mediaSession" + moveToOutput "share/pipewire/media-session.d/*.conf" "$mediaSession" moveToOutput "share/systemd/user/pipewire-media-session.*" "$mediaSession" moveToOutput "lib/systemd/user/pipewire-media-session.*" "$mediaSession" moveToOutput "bin/pipewire-media-session" "$mediaSession" @@ -155,6 +178,7 @@ let test-paths = callPackage ./test-paths.nix { paths-out = [ "share/alsa/alsa.conf.d/50-pipewire.conf" + "nix-support/etc/pipewire/client-rt.conf.json" "nix-support/etc/pipewire/client.conf.json" "nix-support/etc/pipewire/jack.conf.json" "nix-support/etc/pipewire/pipewire.conf.json" From 30457b3fbd28007e9faca38ccf64f0daacbeefbb Mon Sep 17 00:00:00 2001 From: Kerstin Humm Date: Mon, 31 May 2021 21:24:17 +0200 Subject: [PATCH 067/202] imagemagick: 6.9.12-12 -> 6.9.12-14 (cherry picked from commit 99f12af681ebd3369a72580cccddc317841765c5) --- pkgs/applications/graphics/ImageMagick/6.x.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/graphics/ImageMagick/6.x.nix b/pkgs/applications/graphics/ImageMagick/6.x.nix index 79fdacfaadb..7d345e8dba1 100644 --- a/pkgs/applications/graphics/ImageMagick/6.x.nix +++ b/pkgs/applications/graphics/ImageMagick/6.x.nix @@ -16,13 +16,13 @@ in stdenv.mkDerivation rec { pname = "imagemagick"; - version = "6.9.12-12"; + version = "6.9.12-14"; src = fetchFromGitHub { owner = "ImageMagick"; repo = "ImageMagick6"; rev = version; - sha256 = "sha256-yqMYuayQjPlTqi3+CtwP5CdsAGud/fHR0I2LwUPIq00="; + sha256 = "sha256-RK6N4koHVAqol16QXLFWUgI6N5Rph2QCIHxmDFs3Jfk="; }; outputs = [ "out" "dev" "doc" ]; # bin/ isn't really big From af3e82ab87c6486b58da653c856cb691a64db04c Mon Sep 17 00:00:00 2001 From: Dmitry Kalinkin Date: Thu, 3 Jun 2021 03:08:10 -0400 Subject: [PATCH 068/202] llvmPackages_12.compiler-rt: fix build on darwin ``` /tmp/nix-build-compiler-rt-libc-12.0.0.drv-0/compiler-rt-12.0.0.src/lib/sanitizer_common/sanitizer_mac.cpp:617:7: error: use of undeclared identifier 'TARGET_OS_IOS' if (TARGET_OS_IOS || TARGET_OS_TV) return 6; ^ /tmp/nix-build-compiler-rt-libc-12.0.0.drv-0/compiler-rt-12.0.0.src/lib/sanitizer_common/sanitizer_mac.cpp:617:24: error: use of undeclared identifier 'TARGET_OS_TV' if (TARGET_OS_IOS || TARGET_OS_TV) return 6; ^ /tmp/nix-build-compiler-rt-libc-12.0.0.drv-0/compiler-rt-12.0.0.src/lib/sanitizer_common/sanitizer_mac.cpp:618:7: error: use of undeclared identifier 'TARGET_OS_WATCH' if (TARGET_OS_WATCH) return 13; ^ /tmp/nix-build-compiler-rt-libc-12.0.0.drv-0/compiler-rt-12.0.0.src/lib/sanitizer_common/sanitizer_mac.cpp:687:7: error: use of undeclared identifier 'TARGET_OS_IOS' if (TARGET_OS_IOS || TARGET_OS_TV) ^ /tmp/nix-build-compiler-rt-libc-12.0.0.drv-0/compiler-rt-12.0.0.src/lib/sanitizer_common/sanitizer_mac.cpp:687:24: error: use of undeclared identifier 'TARGET_OS_TV' if (TARGET_OS_IOS || TARGET_OS_TV) ^ /tmp/nix-build-compiler-rt-libc-12.0.0.drv-0/compiler-rt-12.0.0.src/lib/sanitizer_common/sanitizer_mac.cpp:689:12: error: use of undeclared identifier 'TARGET_OS_WATCH' else if (TARGET_OS_WATCH) ^ 6 errors generated. ``` (cherry picked from commit cf4e1b9e62ab987552eb676f7618ea085f12a751) --- .../darwin-targetconditionals.patch | 71 +++++++++++++++++++ .../compilers/llvm/12/compiler-rt/default.nix | 2 + 2 files changed, 73 insertions(+) create mode 100644 pkgs/development/compilers/llvm/12/compiler-rt/darwin-targetconditionals.patch diff --git a/pkgs/development/compilers/llvm/12/compiler-rt/darwin-targetconditionals.patch b/pkgs/development/compilers/llvm/12/compiler-rt/darwin-targetconditionals.patch new file mode 100644 index 00000000000..425dc2af01e --- /dev/null +++ b/pkgs/development/compilers/llvm/12/compiler-rt/darwin-targetconditionals.patch @@ -0,0 +1,71 @@ +diff --git a/lib/sanitizer_common/sanitizer_mac.cpp b/lib/sanitizer_common/sanitizer_mac.cpp +--- a/lib/sanitizer_common/sanitizer_mac.cpp ++++ b/lib/sanitizer_common/sanitizer_mac.cpp +@@ -613,9 +613,15 @@ HandleSignalMode GetHandleSignalMode(int signum) { + // Offset example: + // XNU 17 -- macOS 10.13 -- iOS 11 -- tvOS 11 -- watchOS 4 + constexpr u16 GetOSMajorKernelOffset() { +- if (TARGET_OS_OSX) return 4; +- if (TARGET_OS_IOS || TARGET_OS_TV) return 6; +- if (TARGET_OS_WATCH) return 13; ++#if TARGET_OS_OSX ++ return 4; ++#endif ++#if TARGET_OS_IOS || TARGET_OS_TV ++ return 6; ++#endif ++#if TARGET_OS_WATCH ++ return 13; ++#endif + } + + using VersStr = char[64]; +@@ -627,13 +633,13 @@ static uptr ApproximateOSVersionViaKernelVersion(VersStr vers) { + u16 os_major = kernel_major - offset; + + const char *format = "%d.0"; +- if (TARGET_OS_OSX) { +- if (os_major >= 16) { // macOS 11+ +- os_major -= 5; +- } else { // macOS 10.15 and below +- format = "10.%d"; +- } ++#if TARGET_OS_OSX ++ if (os_major >= 16) { // macOS 11+ ++ os_major -= 5; ++ } else { // macOS 10.15 and below ++ format = "10.%d"; + } ++#endif + return internal_snprintf(vers, sizeof(VersStr), format, os_major); + } + +@@ -681,15 +687,14 @@ void ParseVersion(const char *vers, u16 *major, u16 *minor) { + // Aligned versions example: + // macOS 10.15 -- iOS 13 -- tvOS 13 -- watchOS 6 + static void MapToMacos(u16 *major, u16 *minor) { +- if (TARGET_OS_OSX) +- return; +- +- if (TARGET_OS_IOS || TARGET_OS_TV) ++#if !TARGET_OS_OSX ++#if TARGET_OS_IOS || TARGET_OS_TV + *major += 2; +- else if (TARGET_OS_WATCH) ++#elif TARGET_OS_WATCH + *major += 9; +- else ++#else + UNREACHABLE("unsupported platform"); ++#endif + + if (*major >= 16) { // macOS 11+ + *major -= 5; +@@ -697,6 +702,7 @@ static void MapToMacos(u16 *major, u16 *minor) { + *minor = *major; + *major = 10; + } ++#endif + } + + static MacosVersion GetMacosAlignedVersionInternal() { diff --git a/pkgs/development/compilers/llvm/12/compiler-rt/default.nix b/pkgs/development/compilers/llvm/12/compiler-rt/default.nix index 895af8f2f02..cde1317ca35 100644 --- a/pkgs/development/compilers/llvm/12/compiler-rt/default.nix +++ b/pkgs/development/compilers/llvm/12/compiler-rt/default.nix @@ -59,6 +59,8 @@ stdenv.mkDerivation { # extra `/`. ./normalize-var.patch ]# ++ lib.optional stdenv.hostPlatform.isMusl ./sanitizers-nongnu.patch + # Prevent a compilation error on darwin + ++ lib.optional stdenv.hostPlatform.isDarwin ./darwin-targetconditionals.patch ++ lib.optional stdenv.hostPlatform.isAarch32 ./armv7l.patch; # TSAN requires XPC on Darwin, which we have no public/free source files for. We can depend on the Apple frameworks From a0fc6a786114f8f1743360d18824feb4c9ff3516 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= Date: Sun, 9 May 2021 11:48:31 +0200 Subject: [PATCH 069/202] nixos/jenkins-job-builder: add support for folder jobs Add support for folder jobs (https://plugins.jenkins.io/cloudbees-folder/) by reworking the service to support nested jobs. This also fixes this deprecation warning (as a happy side effect): WARNING:jenkins_jobs.cli.subcommand.test:(Deprecated) The default output behavior of `jenkins-jobs test` when given the --output flag will change in JJB 3.0. Instead of writing jobs to OUTPUT/jobname; they will be written to OUTPUT/jobname/config.xml. The new behavior can be enabled by the passing `--config-xml` parameter (cherry picked from commit 4bcb22e17aa8677c6b3fc4625732d4da791a576f) --- .../jenkins/job-builder.nix | 64 +++++++++++++++---- 1 file changed, 50 insertions(+), 14 deletions(-) diff --git a/nixos/modules/services/continuous-integration/jenkins/job-builder.nix b/nixos/modules/services/continuous-integration/jenkins/job-builder.nix index 5d1bfe4ec40..536d394b3fd 100644 --- a/nixos/modules/services/continuous-integration/jenkins/job-builder.nix +++ b/nixos/modules/services/continuous-integration/jenkins/job-builder.nix @@ -165,6 +165,42 @@ in { ''; in '' + joinByString() + { + local separator="$1" + shift + local first="$1" + shift + printf "%s" "$first" "''${@/#/$separator}" + } + + # Map a relative directory path in the output from + # jenkins-job-builder (jobname) to the layout expected by jenkins: + # each directory level gets prepended "jobs/". + getJenkinsJobDir() + { + IFS='/' read -ra input_dirs <<< "$1" + printf "jobs/" + joinByString "/jobs/" "''${input_dirs[@]}" + } + + # The inverse of getJenkinsJobDir (remove the "jobs/" prefixes) + getJobname() + { + IFS='/' read -ra input_dirs <<< "$1" + local i=0 + local nelem=''${#input_dirs[@]} + for e in "''${input_dirs[@]}"; do + if [ $((i % 2)) -eq 1 ]; then + printf "$e" + if [ $i -lt $(( nelem - 1 )) ]; then + printf "/" + fi + fi + i=$((i + 1)) + done + } + rm -rf ${jobBuilderOutputDir} cur_decl_jobs=/run/jenkins-job-builder/declarative-jobs rm -f "$cur_decl_jobs" @@ -172,27 +208,27 @@ in { # Create / update jobs mkdir -p ${jobBuilderOutputDir} for inputFile in ${yamlJobsFile} ${concatStringsSep " " jsonJobsFiles}; do - HOME="${jenkinsCfg.home}" "${pkgs.jenkins-job-builder}/bin/jenkins-jobs" --ignore-cache test -o "${jobBuilderOutputDir}" "$inputFile" + HOME="${jenkinsCfg.home}" "${pkgs.jenkins-job-builder}/bin/jenkins-jobs" --ignore-cache test --config-xml -o "${jobBuilderOutputDir}" "$inputFile" done - for file in "${jobBuilderOutputDir}/"*; do - test -f "$file" || continue - jobname="$(basename $file)" - jobdir="${jenkinsCfg.home}/jobs/$jobname" + find "${jobBuilderOutputDir}" -type f -name config.xml | while read -r f; do echo "$(dirname "$f")"; done | sort | while read -r dir; do + jobname="$(realpath --relative-to="${jobBuilderOutputDir}" "$dir")" + jenkinsjobname=$(getJenkinsJobDir "$jobname") + jenkinsjobdir="${jenkinsCfg.home}/$jenkinsjobname" echo "Creating / updating job \"$jobname\"" - mkdir -p "$jobdir" - touch "$jobdir/${ownerStamp}" - cp "$file" "$jobdir/config.xml" - echo "$jobname" >> "$cur_decl_jobs" + mkdir -p "$jenkinsjobdir" + touch "$jenkinsjobdir/${ownerStamp}" + cp "$dir"/config.xml "$jenkinsjobdir/config.xml" + echo "$jenkinsjobname" >> "$cur_decl_jobs" done # Remove stale jobs - for file in "${jenkinsCfg.home}"/jobs/*/${ownerStamp}; do - test -f "$file" || continue - jobdir="$(dirname $file)" - jobname="$(basename "$jobdir")" - grep --quiet --line-regexp "$jobname" "$cur_decl_jobs" 2>/dev/null && continue + find "${jenkinsCfg.home}" -type f -name "${ownerStamp}" | while read -r f; do echo "$(dirname "$f")"; done | sort --reverse | while read -r dir; do + jenkinsjobname="$(realpath --relative-to="${jenkinsCfg.home}" "$dir")" + grep --quiet --line-regexp "$jenkinsjobname" "$cur_decl_jobs" 2>/dev/null && continue + jobname=$(getJobname "$jenkinsjobname") echo "Deleting stale job \"$jobname\"" + jobdir="${jenkinsCfg.home}/$jenkinsjobname" rm -rf "$jobdir" done '' + (if cfg.accessUser != "" then reloadScript else ""); From 0d417a343cff0090c69c92ecfc9208245d4d5b6f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= Date: Sat, 29 May 2021 18:17:36 +0200 Subject: [PATCH 070/202] nixos/jenkins: test declarative jobs (cherry picked from commit a655b712015f1a37466371234620b8958887e9bf) --- nixos/tests/jenkins.nix | 85 ++++++++++++++++++++++++++++++++++++++++- 1 file changed, 83 insertions(+), 2 deletions(-) diff --git a/nixos/tests/jenkins.nix b/nixos/tests/jenkins.nix index 5898adab759..cb4207c6e77 100644 --- a/nixos/tests/jenkins.nix +++ b/nixos/tests/jenkins.nix @@ -2,6 +2,7 @@ # 1. jenkins service starts on master node # 2. jenkins user can be extended on both master and slave # 3. jenkins service not started on slave node +# 4. declarative jobs can be added and removed import ./make-test-python.nix ({ pkgs, ...} : { name = "jenkins"; @@ -13,7 +14,45 @@ import ./make-test-python.nix ({ pkgs, ...} : { master = { ... }: - { services.jenkins.enable = true; + { services.jenkins = { + enable = true; + jobBuilder = { + enable = true; + nixJobs = [ + { job = { + name = "job-1"; + builders = [ + { shell = '' + echo "Running job-1" + ''; + } + ]; + }; + } + + { job = { + name = "folder-1"; + project-type = "folder"; + }; + } + + { job = { + name = "folder-1/job-2"; + builders = [ + { shell = '' + echo "Running job-2" + ''; + } + ]; + }; + } + ]; + }; + }; + + specialisation.noJenkinsJobs.configuration = { + services.jenkins.jobBuilder.nixJobs = pkgs.lib.mkForce []; + }; # should have no effect services.jenkinsSlave.enable = true; @@ -32,7 +71,12 @@ import ./make-test-python.nix ({ pkgs, ...} : { }; - testScript = '' + testScript = { nodes, ... }: + let + configWithoutJobs = "${nodes.master.config.system.build.toplevel}/specialisation/noJenkinsJobs"; + jenkinsPort = nodes.master.config.services.jenkins.port; + jenkinsUrl = "http://localhost:${toString jenkinsPort}"; + in '' start_all() master.wait_for_unit("jenkins") @@ -45,5 +89,42 @@ import ./make-test-python.nix ({ pkgs, ...} : { assert "users" in groups slave.fail("systemctl is-enabled jenkins.service") + + with subtest("jobs are declarative"): + # Check that jobs are created on disk. + master.wait_for_unit("jenkins-job-builder") + master.wait_until_fails("systemctl is-active jenkins-job-builder") + master.wait_until_succeeds("test -f /var/lib/jenkins/jobs/job-1/config.xml") + master.wait_until_succeeds("test -f /var/lib/jenkins/jobs/folder-1/config.xml") + master.wait_until_succeeds("test -f /var/lib/jenkins/jobs/folder-1/jobs/job-2/config.xml") + + # Wait until jenkins is ready, reload configuration and verify it also + # sees the jobs. + master.succeed("curl --fail ${jenkinsUrl}/cli") + master.succeed("curl ${jenkinsUrl}/jnlpJars/jenkins-cli.jar -O") + master.succeed("${pkgs.jre}/bin/java -jar jenkins-cli.jar -s ${jenkinsUrl} -auth admin:$(cat /var/lib/jenkins/secrets/initialAdminPassword) reload-configuration") + out = master.succeed("${pkgs.jre}/bin/java -jar jenkins-cli.jar -s ${jenkinsUrl} -auth admin:$(cat /var/lib/jenkins/secrets/initialAdminPassword) list-jobs") + jobs = [x.strip() for x in out.splitlines()] + # Seeing jobs inside folders requires the Folders plugin + # (https://plugins.jenkins.io/cloudbees-folder/), which we don't have + # in this vanilla jenkins install, so limit ourself to non-folder jobs. + assert jobs == ['job-1'], f"jobs != ['job-1']: {jobs}" + + master.succeed( + "${configWithoutJobs}/bin/switch-to-configuration test >&2" + ) + + # Check that jobs are removed from disk. + master.wait_for_unit("jenkins-job-builder") + master.wait_until_fails("systemctl is-active jenkins-job-builder") + master.wait_until_fails("test -f /var/lib/jenkins/jobs/job-1/config.xml") + master.wait_until_fails("test -f /var/lib/jenkins/jobs/folder-1/config.xml") + master.wait_until_fails("test -f /var/lib/jenkins/jobs/folder-1/jobs/job-2/config.xml") + + # Reload jenkins' configuration and verify it also sees the jobs as removed. + master.succeed("${pkgs.jre}/bin/java -jar jenkins-cli.jar -s ${jenkinsUrl} -auth admin:$(cat /var/lib/jenkins/secrets/initialAdminPassword) reload-configuration") + out = master.succeed("${pkgs.jre}/bin/java -jar jenkins-cli.jar -s ${jenkinsUrl} -auth admin:$(cat /var/lib/jenkins/secrets/initialAdminPassword) list-jobs") + jobs = [x.strip() for x in out.splitlines()] + assert jobs == [], f"jobs != []: {jobs}" ''; }) From bfff2cbbcd14d4e614dff9c344d634e669a4a017 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= Date: Wed, 9 Jun 2021 21:01:16 +0200 Subject: [PATCH 071/202] qcachegrind: fix fatal Could not find the Qt platform plugin "xcb" in "" (cherry picked from commit 16cbc80a9370b13db95a75b74d20e1d2beb578b3) --- pkgs/development/tools/analysis/qcachegrind/default.nix | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/analysis/qcachegrind/default.nix b/pkgs/development/tools/analysis/qcachegrind/default.nix index 75729d1eea4..195596d3c19 100644 --- a/pkgs/development/tools/analysis/qcachegrind/default.nix +++ b/pkgs/development/tools/analysis/qcachegrind/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, qmake, qtbase, perl, python, php, kcachegrind }: +{ lib, stdenv, qmake, qtbase, perl, python, php, kcachegrind, wrapQtAppsHook }: let name = lib.replaceStrings ["kcachegrind"] ["qcachegrind"] kcachegrind.name; @@ -10,7 +10,7 @@ in stdenv.mkDerivation { buildInputs = [ qtbase perl python php ]; - nativeBuildInputs = [ qmake ]; + nativeBuildInputs = [ qmake wrapQtAppsHook ]; dontWrapQtApps = true; @@ -33,6 +33,10 @@ in stdenv.mkDerivation { install -Dm644 kcachegrind/48-apps-kcachegrind.png "$out/share/icons/hicolor/48x48/apps/kcachegrind.png" ''); + preFixup = '' + wrapQtApp "$out/bin/qcachegrind" + ''; + meta = with lib; { description = "A Qt GUI to visualize profiling data"; license = licenses.gpl2; From c3094b06ce98bd6e195decc4f730adba2b745c48 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= Date: Thu, 10 Jun 2021 07:20:50 +0200 Subject: [PATCH 072/202] qcachegrind: license gpl2 -> gpl2Plus According to https://apps.kde.org/kcachegrind/. (cherry picked from commit 1b1f196fe6f46e6f713946e5c423bbbc90771328) --- pkgs/development/tools/analysis/qcachegrind/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/tools/analysis/qcachegrind/default.nix b/pkgs/development/tools/analysis/qcachegrind/default.nix index 195596d3c19..1f7c6641b1c 100644 --- a/pkgs/development/tools/analysis/qcachegrind/default.nix +++ b/pkgs/development/tools/analysis/qcachegrind/default.nix @@ -39,7 +39,7 @@ in stdenv.mkDerivation { meta = with lib; { description = "A Qt GUI to visualize profiling data"; - license = licenses.gpl2; + license = licenses.gpl2Plus; platforms = platforms.unix; maintainers = with maintainers; [ periklis ]; }; From b76c86678de6513b1d69157062c42fa406abbe5c Mon Sep 17 00:00:00 2001 From: Robert Scott Date: Fri, 11 Jun 2021 14:15:20 +0100 Subject: [PATCH 073/202] bosh-cli: init at 6.4.3 (cherry picked from commit 8f3bf74e1c1689e8c04f83a2c4cf58b38c17ab33) --- .../networking/cluster/bosh-cli/default.nix | 43 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 + 2 files changed, 45 insertions(+) create mode 100644 pkgs/applications/networking/cluster/bosh-cli/default.nix diff --git a/pkgs/applications/networking/cluster/bosh-cli/default.nix b/pkgs/applications/networking/cluster/bosh-cli/default.nix new file mode 100644 index 00000000000..070af87f9c4 --- /dev/null +++ b/pkgs/applications/networking/cluster/bosh-cli/default.nix @@ -0,0 +1,43 @@ +{ lib +, fetchFromGitHub +, buildGoModule +, makeWrapper +, openssh +}: + +buildGoModule rec { + pname = "bosh-cli"; + + version = "6.4.3"; + + src = fetchFromGitHub { + owner = "cloudfoundry"; + repo = pname; + rev = "v${version}"; + sha256 = "1glxwk0fv52rjim7ihcxkjx19fsn9k7gzg9zmwxgx8wpsjrdcq3f"; + }; + vendorSha256 = null; + + postPatch = '' + substituteInPlace cmd/version.go --replace '[DEV BUILD]' '${version}' + ''; + + nativeBuildInputs = [ makeWrapper ]; + + subPackages = [ "." ]; + + doCheck = false; + + postInstall = '' + mv $out/bin/bosh-cli $out/bin/bosh + wrapProgram $out/bin/bosh --prefix PATH : '${lib.makeBinPath [ openssh ]}' + ''; + + meta = with lib; { + description = "A command line interface to CloudFoundry BOSH"; + homepage = "https://bosh.io"; + changelog = "https://github.com/cloudfoundry/bosh-cli/releases/tag/v${version}"; + license = licenses.asl20; + maintainers = with maintainers; [ ris ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 2ce87c6e10c..152b28844a0 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -14281,6 +14281,8 @@ in boost_process = callPackage ../development/libraries/boost-process { }; + bosh-cli = callPackage ../applications/networking/cluster/bosh-cli { }; + botan = callPackage ../development/libraries/botan { openssl = openssl_1_0_2; inherit (darwin.apple_sdk.frameworks) CoreServices Security; From 20fb5871648830ba1d96929042b99d1ba09baf5d Mon Sep 17 00:00:00 2001 From: Timothy Klim Date: Tue, 1 Jun 2021 23:12:57 +0700 Subject: [PATCH 074/202] sbt: 1.5.1 -> 1.5.3 (cherry picked from commit 7c74293590f5ff12920d9a46da84983b6c156e04) --- pkgs/development/tools/build-managers/sbt/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/build-managers/sbt/default.nix b/pkgs/development/tools/build-managers/sbt/default.nix index 7b9c6bca7e2..89628b81fbc 100644 --- a/pkgs/development/tools/build-managers/sbt/default.nix +++ b/pkgs/development/tools/build-managers/sbt/default.nix @@ -8,11 +8,11 @@ stdenv.mkDerivation rec { pname = "sbt"; - version = "1.5.1"; + version = "1.5.3"; src = fetchurl { url = "https://github.com/sbt/sbt/releases/download/v${version}/sbt-${version}.tgz"; - sha256 = "0dsbqipr549awv584fyl227s1gknlpsf5krp990w7w3bbxl3avb7"; + sha256 = "10kIQNy+3V1SD4uEZs/BJ4E6bTCRV3wjBN8gw9jr9VQ="; }; postPatch = '' From c5811ce005abcf2c4cebec0ea43bbd335ae115b0 Mon Sep 17 00:00:00 2001 From: Guillaume Girol Date: Tue, 8 Jun 2021 12:00:00 +0000 Subject: [PATCH 075/202] tt-rss-plugin-tumblr-gdpr: 2.1 -> 2.2 fixes adding a new feed to ttrss. the release only contains the fix, so it's low risk. It's not a backport because the plugin has become unnecessary so we are simply removing it from unstable. --- pkgs/servers/tt-rss/plugin-tumblr-gdpr/default.nix | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/pkgs/servers/tt-rss/plugin-tumblr-gdpr/default.nix b/pkgs/servers/tt-rss/plugin-tumblr-gdpr/default.nix index 7df8b717593..d09598a241f 100644 --- a/pkgs/servers/tt-rss/plugin-tumblr-gdpr/default.nix +++ b/pkgs/servers/tt-rss/plugin-tumblr-gdpr/default.nix @@ -2,19 +2,22 @@ stdenv.mkDerivation rec { pname = "tt-rss-plugin-tumblr-gdpr"; - version = "2.1"; + version = "2.2"; src = fetchFromGitHub { owner = "GregThib"; repo = "ttrss-tumblr-gdpr"; rev = "v${version}"; - sha256 = "09cbghi5b6ww4i5677i39qc9rhpq70xmygp0d7x30239r3i23rpq"; + sha256 = "sha256-oCdpgfOvXNui2KaS48WeyVy8Of6IlPOxQR6gmPiyH0s="; }; installPhase = '' - mkdir -p $out/tumblr_gdpr + runHook preInstall + mkdir -p $out/tumblr_gdpr cp init.php $out/tumblr_gdpr + + runHook postInstall ''; meta = with lib; { @@ -24,7 +27,7 @@ stdenv.mkDerivation rec { The name of the plugin in TT-RSS is 'tumblr_gdpr'. ''; - license = licenses.gpl3; + license = licenses.gpl3Only; homepage = "https://github.com/GregThib/ttrss-tumblr-gdpr"; maintainers = with maintainers; [ das_j ]; platforms = platforms.all; From 1ba7a494bfc244ad151cca92efb254f879506d81 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Sat, 12 Jun 2021 07:10:04 +0200 Subject: [PATCH 076/202] Merge #126619: knot-resolver: skip tests on aarch64-darwin (cherry picked from commit 9affc60b0cd7575c075a7be13d500928b0909fd1) It looks good on nixpkgs master (and other platforms don't even rebuild): https://hydra.nixos.org/build/145261694 --- pkgs/servers/dns/knot-resolver/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkgs/servers/dns/knot-resolver/default.nix b/pkgs/servers/dns/knot-resolver/default.nix index 791de67e52d..b0f9dfd6c91 100644 --- a/pkgs/servers/dns/knot-resolver/default.nix +++ b/pkgs/servers/dns/knot-resolver/default.nix @@ -79,7 +79,8 @@ unwrapped = stdenv.mkDerivation rec { rm -r "$out"/lib/sysusers.d/ # ATM more likely to harm than help ''; - doInstallCheck = with stdenv; hostPlatform == buildPlatform; + doInstallCheck = with stdenv; hostPlatform == buildPlatform + && !(isDarwin && isAarch64); # avoid luarocks, as it's broken ATM on the platform installCheckInputs = [ cmocka which cacert lua.cqueues lua.basexx lua.http ]; installCheckPhase = '' meson test --print-errorlogs From dd24b1bc0aa41b318fc163a5d36c1ad926091a00 Mon Sep 17 00:00:00 2001 From: Robert Scott Date: Sat, 12 Jun 2021 22:59:29 +0100 Subject: [PATCH 077/202] envoy: 1.16.2 -> 1.16.4 resolving CVE-2021-29258 --- pkgs/servers/http/envoy/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/http/envoy/default.nix b/pkgs/servers/http/envoy/default.nix index 57c0e22d8af..1b9d103d6a4 100644 --- a/pkgs/servers/http/envoy/default.nix +++ b/pkgs/servers/http/envoy/default.nix @@ -15,8 +15,8 @@ let # However, the version string is more useful for end-users. # These are contained in a attrset of their own to make it obvious that # people should update both. - version = "1.16.2"; - commit = "e98e41a8e168af7acae8079fc0cd68155f699aa3"; + version = "1.16.4"; + commit = "bf5d0eb44b781ac26ff1513700bcb114b7cf4300"; }; in buildBazelPackage rec { @@ -26,7 +26,7 @@ buildBazelPackage rec { owner = "envoyproxy"; repo = "envoy"; rev = srcVer.commit; - hash = "sha256-aWVMRKFCZzf9/96NRPCP4jiW38DJhXyi0gEqW7uIpnQ="; + sha256 = "0zabb9w4x3lai4ly4qq85dfslpm95ag9dyvl7y0bh4r9prbvqh7w"; extraPostFetch = '' chmod -R +w $out From 889a9b7c11e210de9fa8c88a5fda686d2824c19d Mon Sep 17 00:00:00 2001 From: Matthieu Coudron Date: Wed, 9 Jun 2021 23:56:48 +0200 Subject: [PATCH 078/202] pythonPackages: set mainProgram to pname by default Calling `nix run poetry` or another python package usually fails because of the "pythonX" prefix in name. Adjust mainProgram to ignore that prefix. (cherry picked from commit b59875ef23dabddceda3673a7559ebbede9ab6aa) --- pkgs/development/interpreters/python/mk-python-derivation.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/development/interpreters/python/mk-python-derivation.nix b/pkgs/development/interpreters/python/mk-python-derivation.nix index 4917b167046..963073df620 100644 --- a/pkgs/development/interpreters/python/mk-python-derivation.nix +++ b/pkgs/development/interpreters/python/mk-python-derivation.nix @@ -176,6 +176,8 @@ let # default to python's platforms platforms = python.meta.platforms; isBuildPythonPackage = python.meta.platforms; + } // lib.optionalAttrs (attrs?pname) { + mainProgram = attrs.pname; } // meta; } // lib.optionalAttrs (attrs?checkPhase) { # If given use the specified checkPhase, otherwise use the setup hook. From ac93a00745e81f9fe7d17481f69410fc66030ffe Mon Sep 17 00:00:00 2001 From: Robert Gerus Date: Mon, 24 May 2021 16:38:18 +0200 Subject: [PATCH 079/202] weechatScripts.weechat-matrix: fix matrix_sso_helper path server.py tries to launch a matrix_sso_helper binary when connecting to a homeserver that uses some SSO mechanism instead of plain login and password, but doesn't have $out/bin in $PATH. Using substituteInPlace to patch server.py so that the helper process is started by using its actual filesystem location instead of relying on $PATH. Fixes: https://github.com/NixOS/nixpkgs/issues/124186 (cherry picked from commit f7ccc5f35d0e1fe11a7e01e3dddd1ff28566ba1d) --- .../networking/irc/weechat/scripts/weechat-matrix/default.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/pkgs/applications/networking/irc/weechat/scripts/weechat-matrix/default.nix b/pkgs/applications/networking/irc/weechat/scripts/weechat-matrix/default.nix index c42fe55169e..c82fb9ca739 100644 --- a/pkgs/applications/networking/irc/weechat/scripts/weechat-matrix/default.nix +++ b/pkgs/applications/networking/irc/weechat/scripts/weechat-matrix/default.nix @@ -73,6 +73,7 @@ in buildPythonPackage { postFixup = '' addToSearchPath program_PYTHONPATH $out/${python.sitePackages} patchPythonScript $out/share/matrix.py + substituteInPlace $out/${python.sitePackages}/matrix/server.py --replace \"matrix_sso_helper\" \"$out/bin/matrix_sso_helper\" ''; meta = with lib; { From 39762d234240f598c1cdf02bfc5bcde644260f5a Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Sat, 12 Jun 2021 13:27:14 +0200 Subject: [PATCH 080/202] ungoogled-chromium: 91.0.4472.77 -> 91.0.4472.101 (cherry picked from commit 3952d191751df8313e0ba0e17ea4818ded20e027) --- .../networking/browsers/chromium/upstream-info.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json index 5d888fc0649..4ba65e560a9 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.json +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json @@ -44,9 +44,9 @@ } }, "ungoogled-chromium": { - "version": "91.0.4472.77", - "sha256": "0c8vj3gq3nmb7ssiwj6875g0a8hcprss1a4gqw9h7llqywza9ma5", - "sha256bin64": "0caf47xam5igdnbhipal1iyicnxxvadhi61k199rwysrvyv5sdad", + "version": "91.0.4472.101", + "sha256": "1d3y621iclkq6nvxrapk5aihv50x13hjha0c2gcp2xxfma96253q", + "sha256bin64": "12j5q5b9v0jpiznjnh89831w8lv399vd1z4ljhbsnsidbsygrbr1", "deps": { "gn": { "version": "2021-04-06", @@ -55,8 +55,8 @@ "sha256": "199xkks67qrn0xa5fhp24waq2vk8qb78a96cb3kdd8v1hgacgb8x" }, "ungoogled-patches": { - "rev": "91.0.4472.77-1", - "sha256": "1jfmmkw1y4rcjfgsm7b4v2lrgd3sks5qpajvq0djflbhkpsqxfk0" + "rev": "91.0.4472.101-1", + "sha256": "1ca8gjxz3w730446qns253ibs9lx22iysxq5sphb3pw2w0069q8r" } } } From 37d81fb867e2d3bae95b7ca058ac56b1a4c22392 Mon Sep 17 00:00:00 2001 From: Michael Livshin Date: Sun, 13 Jun 2021 16:07:49 +0300 Subject: [PATCH 081/202] clang-tools: fix clangd Whatever change has necessitated https://github.com/NixOS/nixpkgs/pull/122044, it also broke clangd -- /resource-root/include is no longer automagically searched for includes, which kills pretty much any indexing since that directory contains vital stuff like stddef.h etc. Fix by appending the directory to CPATH & CPLUS_INCLUDE_PATH in the clangd wrapper. (cherry picked from commit 8e06a39574aeb6500ad233e3b529e0e43fb80788) --- pkgs/development/tools/clang-tools/wrapper | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/clang-tools/wrapper b/pkgs/development/tools/clang-tools/wrapper index eebc152d11b..1008023fdc0 100755 --- a/pkgs/development/tools/clang-tools/wrapper +++ b/pkgs/development/tools/clang-tools/wrapper @@ -19,9 +19,9 @@ buildcpath() { } export CPATH=${CPATH}${CPATH:+':'}$(buildcpath ${NIX_CFLAGS_COMPILE} \ - $(<@clang@/nix-support/libc-cflags)) + $(<@clang@/nix-support/libc-cflags)):@clang@/resource-root/include export CPLUS_INCLUDE_PATH=${CPLUS_INCLUDE_PATH}${CPLUS_INCLUDE_PATH:+':'}$(buildcpath ${NIX_CFLAGS_COMPILE} \ $(<@clang@/nix-support/libcxx-cxxflags) \ - $(<@clang@/nix-support/libc-cflags)) + $(<@clang@/nix-support/libc-cflags)):@clang@/resource-root/include exec -a "$0" @unwrapped@/bin/$(basename $0) "$@" From f822238b76df9fbc9cfa0b66432380360ae8bbf8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= Date: Sun, 13 Jun 2021 17:44:24 +0200 Subject: [PATCH 082/202] imagemagick6: 6.9.12-14 -> 6.9.12-15 (cherry picked from commit 929ddc6fa567c99bfaeada7927f6e52ef4de5025) --- pkgs/applications/graphics/ImageMagick/6.x.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/graphics/ImageMagick/6.x.nix b/pkgs/applications/graphics/ImageMagick/6.x.nix index 7d345e8dba1..e89aded1ce4 100644 --- a/pkgs/applications/graphics/ImageMagick/6.x.nix +++ b/pkgs/applications/graphics/ImageMagick/6.x.nix @@ -16,13 +16,13 @@ in stdenv.mkDerivation rec { pname = "imagemagick"; - version = "6.9.12-14"; + version = "6.9.12-15"; src = fetchFromGitHub { owner = "ImageMagick"; repo = "ImageMagick6"; rev = version; - sha256 = "sha256-RK6N4koHVAqol16QXLFWUgI6N5Rph2QCIHxmDFs3Jfk="; + sha256 = "sha256-bel4p45eQfQPIp5/sawhTYTfyuYRQ5nFuGh4qqt1zDs="; }; outputs = [ "out" "dev" "doc" ]; # bin/ isn't really big From 162c4e4e16205589b27fdd42540754fdc7f84f0b Mon Sep 17 00:00:00 2001 From: Vincent Laporte Date: Fri, 28 May 2021 11:59:34 +0200 Subject: [PATCH 083/202] ocamlPackages.ppx_import: disable checks (cherry picked from commit ecf820740a0b576361dac53778a4e6e2e6338287) --- pkgs/development/ocaml-modules/ppx_import/default.nix | 4 ---- pkgs/top-level/ocaml-packages.nix | 10 +--------- 2 files changed, 1 insertion(+), 13 deletions(-) diff --git a/pkgs/development/ocaml-modules/ppx_import/default.nix b/pkgs/development/ocaml-modules/ppx_import/default.nix index 4ad26ff0862..6588d6db7f4 100644 --- a/pkgs/development/ocaml-modules/ppx_import/default.nix +++ b/pkgs/development/ocaml-modules/ppx_import/default.nix @@ -1,7 +1,6 @@ { lib, fetchurl, buildDunePackage , ppx_tools_versioned , ocaml-migrate-parsetree -, ounit, ppx_deriving, ppxlib }: buildDunePackage rec { @@ -21,9 +20,6 @@ buildDunePackage rec { ppx_tools_versioned ocaml-migrate-parsetree ]; - doCheck = true; - checkInputs = [ ounit ppx_deriving ppxlib ]; - meta = { description = "A syntax extension that allows to pull in types or signatures from other compiled interface files"; license = lib.licenses.mit; diff --git a/pkgs/top-level/ocaml-packages.nix b/pkgs/top-level/ocaml-packages.nix index b58fe1f4294..618cde4220d 100644 --- a/pkgs/top-level/ocaml-packages.nix +++ b/pkgs/top-level/ocaml-packages.nix @@ -1081,15 +1081,7 @@ let ppx_gen_rec = callPackage ../development/ocaml-modules/ppx_gen_rec {}; - ppx_import = callPackage ../development/ocaml-modules/ppx_import ( - let ppxlib_0_15 = if lib.versionAtLeast ppxlib.version "0.15" - then ppxlib.override { version = "0.15.0"; } - else ppxlib; in - { - ppx_deriving = ppx_deriving.override { ppxlib = ppxlib_0_15; }; - ppxlib = ppxlib_0_15; - } - ); + ppx_import = callPackage ../development/ocaml-modules/ppx_import {}; ppx_irmin = callPackage ../development/ocaml-modules/irmin/ppx.nix { }; From 13d6008df18cfccbc742b8a53382abd2c16c14c6 Mon Sep 17 00:00:00 2001 From: Artturin Date: Sat, 12 Jun 2021 01:46:17 +0300 Subject: [PATCH 084/202] opencv: update cuda_opt_flow.patch (cherry picked from commit e3ec283df10cbe5e87c240d28afd81c72f8226b2) --- pkgs/development/libraries/opencv/4.x.nix | 2 +- .../libraries/opencv/cuda_opt_flow.patch | 49 ++++++++++--------- 2 files changed, 26 insertions(+), 25 deletions(-) diff --git a/pkgs/development/libraries/opencv/4.x.nix b/pkgs/development/libraries/opencv/4.x.nix index 58609a9186d..a33eff4faa5 100644 --- a/pkgs/development/libraries/opencv/4.x.nix +++ b/pkgs/development/libraries/opencv/4.x.nix @@ -301,7 +301,7 @@ stdenv.mkDerivation { "-DCUDA_FAST_MATH=ON" "-DCUDA_HOST_COMPILER=${cudatoolkit.cc}/bin/cc" "-DCUDA_NVCC_FLAGS=--expt-relaxed-constexpr" - "-DNVIDIA_OPTICAL_FLOW_1_0_HEADERS_PATH=${nvidia-optical-flow-sdk}" + "-DNVIDIA_OPTICAL_FLOW_2_0_HEADERS_PATH=${nvidia-optical-flow-sdk}" ] ++ lib.optionals stdenv.isDarwin [ "-DWITH_OPENCL=OFF" "-DWITH_LAPACK=OFF" diff --git a/pkgs/development/libraries/opencv/cuda_opt_flow.patch b/pkgs/development/libraries/opencv/cuda_opt_flow.patch index cb96721fb53..2f97abd51bb 100644 --- a/pkgs/development/libraries/opencv/cuda_opt_flow.patch +++ b/pkgs/development/libraries/opencv/cuda_opt_flow.patch @@ -1,26 +1,27 @@ -diff --git a/opencv_contrib/cudaoptflow/CMakeLists.txt b/opencv_contrib/cudaoptflow/CMakeLists.txt -index e5b823ab4a..a728060d0b 100644 ---- a/opencv_contrib/cudaoptflow/CMakeLists.txt -+++ b/opencv_contrib/cudaoptflow/CMakeLists.txt -@@ -11,18 +11,6 @@ ocv_define_module(cudaoptflow opencv_video opencv_optflow opencv_cudaarithm open - set(NVIDIA_OPTICAL_FLOW_1_0_HEADERS_COMMIT "79c6cee80a2df9a196f20afd6b598a9810964c32") - set(NVIDIA_OPTICAL_FLOW_1_0_HEADERS_MD5 "ca5acedee6cb45d0ec610a6732de5c15") - set(NVIDIA_OPTICAL_FLOW_1_0_HEADERS_PATH "${OpenCV_BINARY_DIR}/3rdparty/NVIDIAOpticalFlowSDK_1_0_Headers") --ocv_download(FILENAME "${NVIDIA_OPTICAL_FLOW_1_0_HEADERS_COMMIT}.zip" -- HASH ${NVIDIA_OPTICAL_FLOW_1_0_HEADERS_MD5} -- URL -- "https://github.com/NVIDIA/NVIDIAOpticalFlowSDK/archive/" -- DESTINATION_DIR "${NVIDIA_OPTICAL_FLOW_1_0_HEADERS_PATH}" -- STATUS NVIDIA_OPTICAL_FLOW_1_0_HEADERS_DOWNLOAD_SUCCESS -- ID "NVIDIA_OPTICAL_FLOW" -- UNPACK RELATIVE_URL) - --if(NOT NVIDIA_OPTICAL_FLOW_1_0_HEADERS_DOWNLOAD_SUCCESS) -- message(STATUS "Failed to download NVIDIA_Optical_Flow_1_0 Headers") --else() -- add_definitions(-DHAVE_NVIDIA_OPTFLOW=1) -- ocv_include_directories(SYSTEM "${NVIDIA_OPTICAL_FLOW_1_0_HEADERS_PATH}/NVIDIAOpticalFlowSDK-${NVIDIA_OPTICAL_FLOW_1_0_HEADERS_COMMIT}") +diff --unified --recursive --text a/opencv_contrib/cudaoptflow/CMakeLists.txt b/opencv_contrib/cudaoptflow/CMakeLists.txt +--- a/opencv_contrib/cudaoptflow/CMakeLists.txt 2021-06-12 01:35:47.536395972 +0300 ++++ b/opencv_contrib/cudaoptflow/CMakeLists.txt 2021-06-12 01:36:02.029498597 +0300 +@@ -12,19 +12,6 @@ + set(NVIDIA_OPTICAL_FLOW_2_0_HEADERS_COMMIT "edb50da3cf849840d680249aa6dbef248ebce2ca") + set(NVIDIA_OPTICAL_FLOW_2_0_HEADERS_MD5 "a73cd48b18dcc0cc8933b30796074191") + set(NVIDIA_OPTICAL_FLOW_2_0_HEADERS_PATH "${OpenCV_BINARY_DIR}/3rdparty/NVIDIAOpticalFlowSDK_2_0_Headers") +- ocv_download(FILENAME "${NVIDIA_OPTICAL_FLOW_2_0_HEADERS_COMMIT}.zip" +- HASH ${NVIDIA_OPTICAL_FLOW_2_0_HEADERS_MD5} +- URL "https://github.com/NVIDIA/NVIDIAOpticalFlowSDK/archive/" +- DESTINATION_DIR "${NVIDIA_OPTICAL_FLOW_2_0_HEADERS_PATH}" +- STATUS NVIDIA_OPTICAL_FLOW_2_0_HEADERS_DOWNLOAD_SUCCESS +- ID "NVIDIA_OPTICAL_FLOW" +- UNPACK RELATIVE_URL) +- +- if(NOT NVIDIA_OPTICAL_FLOW_2_0_HEADERS_DOWNLOAD_SUCCESS) +- message(STATUS "Failed to download NVIDIA_Optical_Flow_2_0 Headers") +- else() +- message(STATUS "Building with NVIDIA Optical Flow API 2.0") +- add_definitions(-DHAVE_NVIDIA_OPTFLOW=2) +- ocv_include_directories(SYSTEM "${NVIDIA_OPTICAL_FLOW_2_0_HEADERS_PATH}/NVIDIAOpticalFlowSDK-${NVIDIA_OPTICAL_FLOW_2_0_HEADERS_COMMIT}") +- endif() -endif() \ No newline at end of file -+add_definitions(-DHAVE_NVIDIA_OPTFLOW=1) -+ocv_include_directories(SYSTEM "${NVIDIA_OPTICAL_FLOW_1_0_HEADERS_PATH}") ++ add_definitions(-DHAVE_NVIDIA_OPTFLOW=2) ++ ocv_include_directories(SYSTEM "${NVIDIA_OPTICAL_FLOW_2_0_HEADERS_PATH}") ++endif() From 641efce99baf170776a821717f412122e2eb4b1c Mon Sep 17 00:00:00 2001 From: Artturin Date: Sat, 12 Jun 2021 03:04:45 +0300 Subject: [PATCH 085/202] nvidia-optical-flow-sdk: 1.0 -> 2.0 (cherry picked from commit 04e8ab8fdf8c8009741a8ebb26e4cd8e2cb6bd61) --- .../libraries/nvidia-optical-flow-sdk/default.nix | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/pkgs/development/libraries/nvidia-optical-flow-sdk/default.nix b/pkgs/development/libraries/nvidia-optical-flow-sdk/default.nix index f9c2547d424..a82fa9068c6 100644 --- a/pkgs/development/libraries/nvidia-optical-flow-sdk/default.nix +++ b/pkgs/development/libraries/nvidia-optical-flow-sdk/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation { pname = "nvidia-optical-flow-sdk"; - version = "1.0"; + version = "2.0"; src = fetchFromGitHub { owner = "NVIDIA"; repo = "NVIDIAOpticalFlowSDK"; - rev = "79c6cee80a2df9a196f20afd6b598a9810964c32"; - sha256 = "1y6igwv75v1ynqm7j6la3ky0f15mgnj1jyyak82yvhcsx1aax0a1"; + rev = "edb50da3cf849840d680249aa6dbef248ebce2ca"; + sha256 = "0hv0m0k9wl2wjhhl886j7ymngnf2xz7851nfh57s1gy5bv9lgdgz"; }; # # We only need the header files. The library files are @@ -25,4 +25,3 @@ stdenv.mkDerivation { platforms = platforms.all; }; } - From 39889643872581172bfafe300f1362f2e8301b59 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Mon, 14 Jun 2021 08:29:20 +0200 Subject: [PATCH 086/202] sqlite tools: fix download hash after update Clearly a copy&paste error in commit 14a274763e. Now it builds. (cherry picked from commit 34c88a4d5c6e530ac2516b8e54b016696fd8995e) --- pkgs/development/libraries/sqlite/tools.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/development/libraries/sqlite/tools.nix b/pkgs/development/libraries/sqlite/tools.nix index 298e87516fe..6c89a8496e8 100644 --- a/pkgs/development/libraries/sqlite/tools.nix +++ b/pkgs/development/libraries/sqlite/tools.nix @@ -8,7 +8,7 @@ let src = assert version == sqlite.version; fetchurl { url = "https://sqlite.org/2021/sqlite-src-${archiveVersion version}.zip"; - sha256 = "9StypcMZw+UW7XqS4SMTmm6Hrwii3EPXdXck9hMubbA="; + sha256 = "049vdpk50sba786345ibmlxnkzk5zp4xj859658ancswb6jyrgpl"; }; nativeBuildInputs = [ unzip ]; From 852f6f8f7d4a7113916e587eff69ae1663e54132 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Milan=20P=C3=A4ssler?= Date: Mon, 14 Jun 2021 08:04:31 +0200 Subject: [PATCH 087/202] gitlab: 13.12.2 -> 13.12.3 (cherry picked from commit d62aac819bc3140514098f646cdca8999938b194) --- .../version-management/gitlab/data.json | 10 +++++----- .../version-management/gitlab/gitaly/default.nix | 4 ++-- .../gitlab/gitlab-workhorse/default.nix | 2 +- .../version-management/gitlab/rubyEnv/Gemfile | 6 +++--- .../gitlab/rubyEnv/Gemfile.lock | 15 +++++++-------- .../version-management/gitlab/rubyEnv/gemset.nix | 13 ++++++------- 6 files changed, 24 insertions(+), 26 deletions(-) diff --git a/pkgs/applications/version-management/gitlab/data.json b/pkgs/applications/version-management/gitlab/data.json index 40af0656fe6..d7e6261a932 100644 --- a/pkgs/applications/version-management/gitlab/data.json +++ b/pkgs/applications/version-management/gitlab/data.json @@ -1,13 +1,13 @@ { - "version": "13.12.2", - "repo_hash": "1wzbjw21pan5cfiz1jd03c3w9sgyvmn35f6dm2sr2k54acsw034p", + "version": "13.12.3", + "repo_hash": "0kpdl1gwcxy13lwyl96nsia62wysrnxdygil6sz6s72hg0y2fsgr", "owner": "gitlab-org", "repo": "gitlab", - "rev": "v13.12.2-ee", + "rev": "v13.12.3-ee", "passthru": { - "GITALY_SERVER_VERSION": "13.12.2", + "GITALY_SERVER_VERSION": "13.12.3", "GITLAB_PAGES_VERSION": "1.39.0", "GITLAB_SHELL_VERSION": "13.18.0", - "GITLAB_WORKHORSE_VERSION": "13.12.2" + "GITLAB_WORKHORSE_VERSION": "13.12.3" } } diff --git a/pkgs/applications/version-management/gitlab/gitaly/default.nix b/pkgs/applications/version-management/gitlab/gitaly/default.nix index 994683c2e2b..6276dd75eaf 100644 --- a/pkgs/applications/version-management/gitlab/gitaly/default.nix +++ b/pkgs/applications/version-management/gitlab/gitaly/default.nix @@ -21,14 +21,14 @@ let }; }; in buildGoModule rec { - version = "13.12.2"; + version = "13.12.3"; pname = "gitaly"; src = fetchFromGitLab { owner = "gitlab-org"; repo = "gitaly"; rev = "v${version}"; - sha256 = "sha256-jZg/OlecYlGjDxlxsayAuqzptil1OPtyPjOe1WYT0HY="; + sha256 = "sha256-qqLVYNCE8rKPBY5tj6AAoWcyIEtQZkO980NVPg0WO18="; }; vendorSha256 = "sha256-drS0L0olEFHYJVC0VYwEZeNYa8fjwrfxlhrEQa4pqzY="; diff --git a/pkgs/applications/version-management/gitlab/gitlab-workhorse/default.nix b/pkgs/applications/version-management/gitlab/gitlab-workhorse/default.nix index c6302be8d18..e900a6522eb 100644 --- a/pkgs/applications/version-management/gitlab/gitlab-workhorse/default.nix +++ b/pkgs/applications/version-management/gitlab/gitlab-workhorse/default.nix @@ -5,7 +5,7 @@ in buildGoModule rec { pname = "gitlab-workhorse"; - version = "13.12.2"; + version = "13.12.3"; src = fetchFromGitLab { owner = data.owner; diff --git a/pkgs/applications/version-management/gitlab/rubyEnv/Gemfile b/pkgs/applications/version-management/gitlab/rubyEnv/Gemfile index bb95233c6eb..14dcc7ab4b1 100644 --- a/pkgs/applications/version-management/gitlab/rubyEnv/Gemfile +++ b/pkgs/applications/version-management/gitlab/rubyEnv/Gemfile @@ -309,12 +309,12 @@ gem 'rack-attack', '~> 6.3.0' gem 'sentry-raven', '~> 3.0' # PostgreSQL query parsing -gem 'pg_query', '~> 2.0.3' +gem 'pg_query', '~> 1.3.0' gem 'premailer-rails', '~> 1.10.3' # LabKit: Tracing and Correlation -gem 'gitlab-labkit', '~> 0.17.1' +gem 'gitlab-labkit', '~> 0.16.2' # Thrift is a dependency of gitlab-labkit, we want a version higher than 0.14.0 # because of https://gitlab.com/gitlab-org/gitlab/-/issues/321900 gem 'thrift', '>= 0.14.0' @@ -485,7 +485,7 @@ gem 'gitaly', '~> 13.12.0.pre.rc1' gem 'grpc', '~> 1.30.2' -gem 'google-protobuf', '~> 3.15.8' +gem 'google-protobuf', '~> 3.14.0' gem 'toml-rb', '~> 1.0.0' diff --git a/pkgs/applications/version-management/gitlab/rubyEnv/Gemfile.lock b/pkgs/applications/version-management/gitlab/rubyEnv/Gemfile.lock index 6f40a15a64b..31f362c9f9b 100644 --- a/pkgs/applications/version-management/gitlab/rubyEnv/Gemfile.lock +++ b/pkgs/applications/version-management/gitlab/rubyEnv/Gemfile.lock @@ -460,13 +460,13 @@ GEM fog-xml (~> 0.1.0) google-api-client (>= 0.44.2, < 0.51) google-cloud-env (~> 1.2) - gitlab-labkit (0.17.1) + gitlab-labkit (0.16.2) actionpack (>= 5.0.0, < 7.0.0) activesupport (>= 5.0.0, < 7.0.0) grpc (~> 1.19) jaeger-client (~> 1.1) opentracing (~> 0.4) - pg_query (~> 2.0) + pg_query (~> 1.3) redis (> 3.0.0, < 5.0.0) gitlab-license (1.5.0) gitlab-mail_room (0.0.9) @@ -509,7 +509,7 @@ GEM signet (~> 0.12) google-cloud-env (1.4.0) faraday (>= 0.17.3, < 2.0) - google-protobuf (3.15.8) + google-protobuf (3.14.0) googleapis-common-protos-types (1.0.6) google-protobuf (~> 3.14) googleauth (0.14.0) @@ -896,8 +896,7 @@ GEM peek (1.1.0) railties (>= 4.0.0) pg (1.2.3) - pg_query (2.0.3) - google-protobuf (~> 3.15.5) + pg_query (1.3.0) plist (3.6.0) png_quantizator (0.2.1) po_to_json (1.0.1) @@ -1473,7 +1472,7 @@ DEPENDENCIES gitlab-experiment (~> 0.5.4) gitlab-fog-azure-rm (~> 1.0.1) gitlab-fog-google (~> 1.13) - gitlab-labkit (~> 0.17.1) + gitlab-labkit (~> 0.16.2) gitlab-license (~> 1.5) gitlab-mail_room (~> 0.0.9) gitlab-markup (~> 1.7.1) @@ -1485,7 +1484,7 @@ DEPENDENCIES gitlab_omniauth-ldap (~> 2.1.1) gon (~> 6.4.0) google-api-client (~> 0.33) - google-protobuf (~> 3.15.8) + google-protobuf (~> 3.14.0) gpgme (~> 2.0.19) grape (~> 1.5.2) grape-entity (~> 0.9.0) @@ -1565,7 +1564,7 @@ DEPENDENCIES parslet (~> 1.8) peek (~> 1.1) pg (~> 1.1) - pg_query (~> 2.0.3) + pg_query (~> 1.3.0) png_quantizator (~> 0.2.1) premailer-rails (~> 1.10.3) prometheus-client-mmap (~> 0.12.0) diff --git a/pkgs/applications/version-management/gitlab/rubyEnv/gemset.nix b/pkgs/applications/version-management/gitlab/rubyEnv/gemset.nix index 9500febc856..f9b174c43f1 100644 --- a/pkgs/applications/version-management/gitlab/rubyEnv/gemset.nix +++ b/pkgs/applications/version-management/gitlab/rubyEnv/gemset.nix @@ -1978,10 +1978,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1y1sk3xmxj14nzx7v2zgq4q4d5lh4v1pvhs03n03j3kp4fbrj469"; + sha256 = "0184rq6sal3xz4f0w5iaa5zf3q55i4dh0rlvr25l1g0s2imwr3fa"; type = "gem"; }; - version = "0.17.1"; + version = "0.16.2"; }; gitlab-license = { groups = ["default"]; @@ -2127,10 +2127,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "0d9ayd4c69iag9nny7yydjx6dw4ymd52x1kv917ngv3vmsdkv51x"; + sha256 = "0pbm2kjhxvazx9d5c071bxcjx5cbip6d2y36dii2a4558nqjd12p"; type = "gem"; }; - version = "3.15.8"; + version = "3.14.0"; }; googleapis-common-protos-types = { dependencies = ["google-protobuf"]; @@ -3811,15 +3811,14 @@ version = "1.2.3"; }; pg_query = { - dependencies = ["google-protobuf"]; groups = ["default"]; platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1mii63kgppy2zil2qn54c94z93b6ama6x7gq6rbv4xxlfk8ncrag"; + sha256 = "1i9l3y502ddm2lq3ajhxhqq17vs9hgxkxm443yw221ccibcfh6qf"; type = "gem"; }; - version = "2.0.3"; + version = "1.3.0"; }; plist = { groups = ["default"]; From 3437fe775d92173f40385ce9dbcab8b1c84d4a99 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Sun, 13 Jun 2021 23:07:33 +0200 Subject: [PATCH 088/202] linuxPackages_5_4.wireguard: 1.0.20210424 -> 1.0.20210606 ChangeLog: https://lists.zx2c4.com/pipermail/wireguard/2021-June/006781.html (cherry picked from commit 96c89ab82ab2e3c14bd3d23cb22ae2c591b92f1c) --- pkgs/os-specific/linux/wireguard/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/wireguard/default.nix b/pkgs/os-specific/linux/wireguard/default.nix index 2578d09fc1e..e183b4ac5d4 100644 --- a/pkgs/os-specific/linux/wireguard/default.nix +++ b/pkgs/os-specific/linux/wireguard/default.nix @@ -7,11 +7,11 @@ assert lib.versionOlder kernel.version "5.6"; stdenv.mkDerivation rec { pname = "wireguard"; - version = "1.0.20210424"; + version = "1.0.20210606"; src = fetchzip { url = "https://git.zx2c4.com/wireguard-linux-compat/snapshot/wireguard-linux-compat-${version}.tar.xz"; - sha256 = "sha256-VLtIxYh308X28c9EOeHx0eA7HP2aRlekPXRt015/qAg="; + sha256 = "sha256-ha7x6+41oPRRhuRwEb1ojRWLF1dlEMoJtqXrzRKQ408="; }; hardeningDisable = [ "pic" ]; From e4fe0a62ae98098345697f8323aac99d674e7c56 Mon Sep 17 00:00:00 2001 From: Pol Dellaiera Date: Wed, 9 Jun 2021 14:16:23 +0200 Subject: [PATCH 089/202] symfony-cli: init at 4.25.2 (cherry picked from commit f1bbe0c2cacba75b96311ea0ffea8cd1222ed1ed) --- .../development/tools/symfony-cli/default.nix | 29 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 ++ 2 files changed, 31 insertions(+) create mode 100644 pkgs/development/tools/symfony-cli/default.nix diff --git a/pkgs/development/tools/symfony-cli/default.nix b/pkgs/development/tools/symfony-cli/default.nix new file mode 100644 index 00000000000..eb12f9e1dcd --- /dev/null +++ b/pkgs/development/tools/symfony-cli/default.nix @@ -0,0 +1,29 @@ +{ stdenvNoCC, fetchurl, lib }: + +stdenvNoCC.mkDerivation rec { + pname = "symfony-cli"; + version = "4.25.2"; + + src = fetchurl { + url = "https://github.com/symfony/cli/releases/download/v${version}/symfony_linux_amd64.gz"; + sha256 = "8bfa53c1479883e9b48d2e4e5d3f6f7a511df73d65fe5c7b07a4890ee2c75c7e"; + }; + + dontBuild = true; + + unpackPhase = '' + gunzip <$src >symfony + ''; + + installPhase = '' + install -D -t $out/bin symfony + ''; + + meta = with lib; { + description = "Symfony CLI"; + homepage = "https://symfony.com/download"; + license = licenses.unfree; + maintainers = with maintainers; [ drupol ]; + platforms = [ "x86_64-linux" ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index a161dee933f..dbbba6bf4bf 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -13877,6 +13877,8 @@ in swiftformat = callPackage ../development/tools/swiftformat { }; + symfony-cli = callPackage ../development/tools/symfony-cli { }; + swiftshader = callPackage ../development/libraries/swiftshader { }; systemfd = callPackage ../development/tools/systemfd { }; From b2ecbc070fe28d3de936e5706e0ec909f797f34a Mon Sep 17 00:00:00 2001 From: Pol Dellaiera Date: Wed, 9 Jun 2021 16:20:59 +0200 Subject: [PATCH 090/202] maintainers: add drupol (cherry picked from commit 4e1dcacc306a1b2a3a2bfa38717b8fd0b3576a3f) --- maintainers/maintainer-list.nix | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/maintainers/maintainer-list.nix b/maintainers/maintainer-list.nix index e979e9efcf5..eb42ca53cd2 100644 --- a/maintainers/maintainer-list.nix +++ b/maintainers/maintainer-list.nix @@ -2649,6 +2649,16 @@ githubId = 10198051; name = "Drew Risinger"; }; + drupol = { + name = "Pol Dellaiera"; + email = "pol.dellaiera@protonmail.com"; + github = "drupol"; + githubId = 252042; + keys = [{ + longkeyid = "ed25519/0x0AAF2901E8040715"; + fingerprint = "85F3 72DF 4AF3 EF13 ED34 72A3 0AAF 2901 E804 0715"; + }]; + }; dschrempf = { name = "Dominik Schrempf"; email = "dominik.schrempf@gmail.com"; From cc7a4e53122d480f1dd46fdd5e4ca31d92ea2d75 Mon Sep 17 00:00:00 2001 From: Alyssa Ross Date: Mon, 14 Jun 2021 15:36:03 +0000 Subject: [PATCH 091/202] openssl: fix Darwin cross infinite recursion stdenv depends on openssl, and isGNU depends on stdenv. Thanks-to: sternenseemann <0rpkxez4ksa01gb3typccl0i@systemli.org> Fixes: https://github.com/NixOS/nixpkgs/issues/126829 (cherry picked from commit 502de3c377ec6a20673c395062b484a1a99c21fd) --- pkgs/development/libraries/openssl/default.nix | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/pkgs/development/libraries/openssl/default.nix b/pkgs/development/libraries/openssl/default.nix index 2a586f9e9ef..77a6b513ee6 100644 --- a/pkgs/development/libraries/openssl/default.nix +++ b/pkgs/development/libraries/openssl/default.nix @@ -54,7 +54,10 @@ let outputs = [ "bin" "dev" "out" "man" ] ++ optional withDocs "doc"; setOutputFlags = false; - separateDebugInfo = !(stdenv.hostPlatform.useLLVM or false) && stdenv.cc.isGNU; + separateDebugInfo = + !stdenv.hostPlatform.isDarwin && + !(stdenv.hostPlatform.useLLVM or false) && + stdenv.cc.isGNU; nativeBuildInputs = [ perl ]; buildInputs = lib.optional withCryptodev cryptodev From 9d0a88e91fb35c73055275a7aa0c42a07e1176f4 Mon Sep 17 00:00:00 2001 From: Simon Thoby Date: Sun, 23 May 2021 19:31:21 +0200 Subject: [PATCH 092/202] nixos/services/torrent/transmission.nix: add the web UI files to apparmor allowed paths (cherry picked from commit f02264af8244de928c9c72bba3bbd35d2ccb0de4) --- pkgs/applications/networking/p2p/transmission/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/applications/networking/p2p/transmission/default.nix b/pkgs/applications/networking/p2p/transmission/default.nix index cfccff689fe..1efa9ec76da 100644 --- a/pkgs/applications/networking/p2p/transmission/default.nix +++ b/pkgs/applications/networking/p2p/transmission/default.nix @@ -98,6 +98,8 @@ in stdenv.mkDerivation { rwk /tmp/tr_session_id_*, r /run/systemd/resolve/stub-resolv.conf, + r $out/share/transmission/web/**, + include } EOF From f47f0e58dcf9b63064cf051668b5a87cf6f0c6c2 Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Tue, 15 Jun 2021 11:58:00 +0200 Subject: [PATCH 093/202] chromium: 91.0.4472.101 -> 91.0.4472.106 https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop_14.html (cherry picked from commit 8540133fb7db4ad988ea2844c429b8b547dde370) --- .../networking/browsers/chromium/upstream-info.json | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json index 4ba65e560a9..c18b25b5147 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.json +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json @@ -1,8 +1,8 @@ { "stable": { - "version": "91.0.4472.101", - "sha256": "1d3y621iclkq6nvxrapk5aihv50x13hjha0c2gcp2xxfma96253q", - "sha256bin64": "12j5q5b9v0jpiznjnh89831w8lv399vd1z4ljhbsnsidbsygrbr1", + "version": "91.0.4472.106", + "sha256": "1fxy1l2dl0f6v8566lykcng18ma6fv4nlwxmdb0hh06fgp6khpjl", + "sha256bin64": "11l88fqrl1r7b02j78zgrr6kajayl8kw8mb8b91ard18w5kz1xvd", "deps": { "gn": { "version": "2021-04-06", @@ -12,9 +12,9 @@ } }, "chromedriver": { - "version": "91.0.4472.19", - "sha256_linux": "0pg9y55644i87qxa0983lvfizbmfiak9bg9249xhifl5kykghrb2", - "sha256_darwin": "07v5k07100vrzsbm6r59xg8j80ffzs3gnnf2kcfgqrzprx284gf2" + "version": "91.0.4472.101", + "sha256_linux": "0dzx565z2rd0y4i57rv5kd7dsm69sffza96y3c773hqaghm4y1ng", + "sha256_darwin": "0nff1jmmrn6a4clfvhyzrhfp8hx85z72563jwk28apflqmnm0k68" } }, "beta": { From b0b44c1c1dbab34991d8b03cae59e94cf87078c3 Mon Sep 17 00:00:00 2001 From: Stig Palmquist Date: Tue, 15 Jun 2021 14:54:05 +0200 Subject: [PATCH 094/202] perlPackages.MojoliciousPluginWebpack: 0.14 -> 1.01 (cherry picked from commit f09f0be1834c14bc1b7dbffeacf20d3801267741) --- pkgs/top-level/perl-packages.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/top-level/perl-packages.nix b/pkgs/top-level/perl-packages.nix index 7b0c8b5fe9a..d34d4f48980 100644 --- a/pkgs/top-level/perl-packages.nix +++ b/pkgs/top-level/perl-packages.nix @@ -13803,12 +13803,12 @@ let MojoliciousPluginWebpack = buildPerlPackage { pname = "Mojolicious-Plugin-Webpack"; - version = "0.14"; + version = "1.01"; src = fetchurl { - url = "mirror://cpan/authors/id/J/JH/JHTHORSEN/Mojolicious-Plugin-Webpack-0.14.tar.gz"; - sha256 = "0b1a9rm5rlpqj6skgic4qzy4b1p35r2dhkh3rwaaypf9ha70i9gc"; + url = "mirror://cpan/authors/id/J/JH/JHTHORSEN/Mojolicious-Plugin-Webpack-1.01.tar.gz"; + sha256 = "1w6dr7yb8lvvx5z2xsmshp2cf4b7dynv05yhq0rk7zwif5v6gsvm"; }; - propagatedBuildInputs = [ Mojolicious ]; + propagatedBuildInputs = [ Mojolicious Filechdir ]; meta = { homepage = "https://github.com/jhthorsen/mojolicious-plugin-webpack"; description = "Mojolicious <3 Webpack"; From f13ce435a401f8d0973dc0d4fb72230083fc385c Mon Sep 17 00:00:00 2001 From: Stig Palmquist Date: Tue, 15 Jun 2021 15:00:06 +0200 Subject: [PATCH 095/202] convos: 6.11 -> 6.24 (cherry picked from commit 09b17967b3b59bd2dffa3cbf76092aa88e112abc) --- pkgs/applications/networking/irc/convos/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/irc/convos/default.nix b/pkgs/applications/networking/irc/convos/default.nix index ba1837ee96f..8ff5c50b8a7 100644 --- a/pkgs/applications/networking/irc/convos/default.nix +++ b/pkgs/applications/networking/irc/convos/default.nix @@ -6,13 +6,13 @@ with lib; perlPackages.buildPerlPackage rec { pname = "convos"; - version = "6.11"; + version = "6.24"; src = fetchFromGitHub { owner = "convos-chat"; repo = pname; rev = "v${version}"; - sha256 = "19nzm7f3glvj34nj9pvnp0h9xx6baq58c11ddkqfmq7w3sci49hi"; + sha256 = "0hrz74fybypkjf9hraknylxrhnz7bhk00pk6wla2wfg8s2798zlx"; }; nativeBuildInputs = [ makeWrapper ] From 9ec98998e2857a1e292b77c6850a48de5440f8c8 Mon Sep 17 00:00:00 2001 From: Thomas Gerbet Date: Sun, 13 Jun 2021 12:12:28 +0200 Subject: [PATCH 096/202] sogo: 5.0.1 -> 5.1.1 Fixes CVE-2021-33054. https://github.com/inverse-inc/sogo/blob/SOGo-5.1.1/CHANGELOG.md (cherry picked from commit f528b1e43ee53751cd09207d13a300e93daf02cc) --- pkgs/servers/web-apps/sogo/default.nix | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/pkgs/servers/web-apps/sogo/default.nix b/pkgs/servers/web-apps/sogo/default.nix index 4a73c5770d2..20fc0f6f0c0 100644 --- a/pkgs/servers/web-apps/sogo/default.nix +++ b/pkgs/servers/web-apps/sogo/default.nix @@ -1,14 +1,14 @@ { gnustep, lib, fetchFromGitHub, fetchpatch, makeWrapper, python3, lndir -, openssl_1_1, openldap, sope, libmemcached, curl, libsodium, libzip, pkg-config }: +, openssl_1_1, openldap, sope, libmemcached, curl, libsodium, libzip, pkg-config, nixosTests }: with lib; gnustep.stdenv.mkDerivation rec { pname = "SOGo"; - version = "5.0.1"; + version = "5.1.1"; src = fetchFromGitHub { owner = "inverse-inc"; repo = pname; rev = "SOGo-${version}"; - sha256 = "145hdlwnqds5zmpxbh4yainsbv5vy99ji93d6pl7xkbqwncfi80i"; + sha256 = "19qkznk20fi47zxvg24hqnim5bpjlawk76w04jgd93yqakidl8ax"; }; nativeBuildInputs = [ gnustep.make makeWrapper python3 ]; @@ -66,9 +66,11 @@ with lib; gnustep.stdenv.mkDerivation rec { done ''; + passthru.tests.sogo = nixosTests.sogo; + meta = { description = "A very fast and scalable modern collaboration suite (groupware)"; - license = with licenses; [ gpl2 lgpl21 ]; + license = with licenses; [ gpl2Only lgpl21Only ]; homepage = "https://sogo.nu/"; platforms = platforms.linux; maintainers = with maintainers; [ ajs124 das_j ]; From df5b0a3a8eeeb135c53cdbed5ab10d8e42840a66 Mon Sep 17 00:00:00 2001 From: Thomas Gerbet Date: Tue, 15 Jun 2021 11:17:02 +0200 Subject: [PATCH 097/202] sope: 5.0.1 -> 5.1.1 (cherry picked from commit 2e10f973b51c970b6b2aa3f59f8f9501abff80e2) --- pkgs/development/libraries/sope/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/libraries/sope/default.nix b/pkgs/development/libraries/sope/default.nix index b956967ee88..25c65d82632 100644 --- a/pkgs/development/libraries/sope/default.nix +++ b/pkgs/development/libraries/sope/default.nix @@ -4,13 +4,13 @@ with lib; gnustep.stdenv.mkDerivation rec { pname = "sope"; - version = "5.0.1"; + version = "5.1.1"; src = fetchFromGitHub { owner = "inverse-inc"; repo = pname; rev = "SOPE-${version}"; - sha256 = "031m8ydr4jhh29332mfbsw0i5d0cjfqfyfs55jm832dlmv4447gb"; + sha256 = "0pap7c38kgadyp1a6qkmf9xhk69ybpmhfd4kc2n5nafhdbvks985"; }; hardeningDisable = [ "format" ]; From fe67150321dfea1426b11096894f6cf4a3f45f9e Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 15 Jun 2021 10:12:28 -0400 Subject: [PATCH 098/202] prometheus-node-exporter: fix version info (#126722) Closes #126359 (cherry picked from commit ad5830098f6add9a4fae2b0fe01afcd374292eaa) Co-authored-by: Maximilian Bosch --- pkgs/servers/monitoring/prometheus/node-exporter.nix | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/monitoring/prometheus/node-exporter.nix b/pkgs/servers/monitoring/prometheus/node-exporter.nix index ea351db83f4..f97485f9478 100644 --- a/pkgs/servers/monitoring/prometheus/node-exporter.nix +++ b/pkgs/servers/monitoring/prometheus/node-exporter.nix @@ -23,8 +23,12 @@ buildGoModule rec { goPackagePath = "github.com/prometheus/node_exporter"; in '' -ldflags= - -X ${goPackagePath}/vendor/github.com/prometheus/common/version.Version=${version} - -X ${goPackagePath}/vendor/github.com/prometheus/common/version.Revision=${rev} + -s -w + -X github.com/prometheus/common/version.Version=${version} + -X github.com/prometheus/common/version.Revision=${rev} + -X github.com/prometheus/common/version.Branch=unknown + -X github.com/prometheus/common/version.BuildUser=nix@nixpkgs + -X github.com/prometheus/common/version.BuildDate=unknown ''; passthru.tests = { inherit (nixosTests.prometheus-exporters) node; }; From bcdb378e198abeae927139ecd8ad133e29f34be0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Milan=20P=C3=A4ssler?= Date: Tue, 15 Jun 2021 00:03:56 +0200 Subject: [PATCH 099/202] gitlab: 13.12.3 -> 13.12.4 https://about.gitlab.com/releases/2021/06/14/gitlab-13-12-4-released/ (cherry picked from commit 5c04139da22d64f59b0f97a7672d875d82bdb7a5) --- pkgs/applications/version-management/gitlab/data.json | 10 +++++----- .../version-management/gitlab/gitaly/default.nix | 4 ++-- .../gitlab/gitlab-workhorse/default.nix | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/pkgs/applications/version-management/gitlab/data.json b/pkgs/applications/version-management/gitlab/data.json index d7e6261a932..60596eee4a9 100644 --- a/pkgs/applications/version-management/gitlab/data.json +++ b/pkgs/applications/version-management/gitlab/data.json @@ -1,13 +1,13 @@ { - "version": "13.12.3", - "repo_hash": "0kpdl1gwcxy13lwyl96nsia62wysrnxdygil6sz6s72hg0y2fsgr", + "version": "13.12.4", + "repo_hash": "1jp97vwwfnh3iqkh58y0zqcx6lsvqcpnxy8ipd4j9hbmag1jr36i", "owner": "gitlab-org", "repo": "gitlab", - "rev": "v13.12.3-ee", + "rev": "v13.12.4-ee", "passthru": { - "GITALY_SERVER_VERSION": "13.12.3", + "GITALY_SERVER_VERSION": "13.12.4", "GITLAB_PAGES_VERSION": "1.39.0", "GITLAB_SHELL_VERSION": "13.18.0", - "GITLAB_WORKHORSE_VERSION": "13.12.3" + "GITLAB_WORKHORSE_VERSION": "13.12.4" } } diff --git a/pkgs/applications/version-management/gitlab/gitaly/default.nix b/pkgs/applications/version-management/gitlab/gitaly/default.nix index 6276dd75eaf..8f189338e61 100644 --- a/pkgs/applications/version-management/gitlab/gitaly/default.nix +++ b/pkgs/applications/version-management/gitlab/gitaly/default.nix @@ -21,14 +21,14 @@ let }; }; in buildGoModule rec { - version = "13.12.3"; + version = "13.12.4"; pname = "gitaly"; src = fetchFromGitLab { owner = "gitlab-org"; repo = "gitaly"; rev = "v${version}"; - sha256 = "sha256-qqLVYNCE8rKPBY5tj6AAoWcyIEtQZkO980NVPg0WO18="; + sha256 = "sha256-5I06tzeOfVdtblgqI7neKBgwzXuU9hI/0V3gYEPMJJ0="; }; vendorSha256 = "sha256-drS0L0olEFHYJVC0VYwEZeNYa8fjwrfxlhrEQa4pqzY="; diff --git a/pkgs/applications/version-management/gitlab/gitlab-workhorse/default.nix b/pkgs/applications/version-management/gitlab/gitlab-workhorse/default.nix index e900a6522eb..2eb1d14d0a4 100644 --- a/pkgs/applications/version-management/gitlab/gitlab-workhorse/default.nix +++ b/pkgs/applications/version-management/gitlab/gitlab-workhorse/default.nix @@ -5,7 +5,7 @@ in buildGoModule rec { pname = "gitlab-workhorse"; - version = "13.12.3"; + version = "13.12.4"; src = fetchFromGitLab { owner = data.owner; From d3d1674b3fce9d2d47323dd33448676dff4f9c65 Mon Sep 17 00:00:00 2001 From: talyz Date: Wed, 9 Jun 2021 17:50:45 +0200 Subject: [PATCH 100/202] gitlab: Make sure the FOSS version isn't identified as EE (cherry picked from commit 8f16b1629155ad0022bb7830739081532d1bae50) --- nixos/modules/services/misc/gitlab.nix | 2 +- pkgs/applications/version-management/gitlab/default.nix | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/nixos/modules/services/misc/gitlab.nix b/nixos/modules/services/misc/gitlab.nix index 253d87537cf..b4fc4bf4b2c 100644 --- a/nixos/modules/services/misc/gitlab.nix +++ b/nixos/modules/services/misc/gitlab.nix @@ -145,7 +145,7 @@ let }; }; - gitlabEnv = { + gitlabEnv = cfg.packages.gitlab.gitlabEnv // { HOME = "${cfg.statePath}/home"; PUMA_PATH = "${cfg.statePath}/"; GITLAB_PATH = "${cfg.packages.gitlab}/share/gitlab/"; diff --git a/pkgs/applications/version-management/gitlab/default.nix b/pkgs/applications/version-management/gitlab/default.nix index 0e6aaa5912c..225b9f6c0cb 100644 --- a/pkgs/applications/version-management/gitlab/default.nix +++ b/pkgs/applications/version-management/gitlab/default.nix @@ -131,6 +131,7 @@ stdenv.mkDerivation { ${lib.optionalString (!gitlabEnterprise) '' # Remove all proprietary components rm -rf ee + sed -i 's/-ee//' ./VERSION ''} # For reasons I don't understand "bundle exec" ignores the @@ -181,6 +182,7 @@ stdenv.mkDerivation { GITLAB_PAGES_VERSION = data.passthru.GITLAB_PAGES_VERSION; GITLAB_SHELL_VERSION = data.passthru.GITLAB_SHELL_VERSION; GITLAB_WORKHORSE_VERSION = data.passthru.GITLAB_WORKHORSE_VERSION; + gitlabEnv.FOSS_ONLY = lib.boolToString (!gitlabEnterprise); tests = { nixos-test-passes = nixosTests.gitlab; }; From 123ba7a68bbbda9b2e089f59fc9932271f7a7960 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Tue, 15 Jun 2021 18:01:30 +0200 Subject: [PATCH 101/202] mautrix-whatsapp: 0.1.6 -> unstable-2021-06-15 On `master` there are a few more bugfixes. Most notably, each message sent by me was marked as "not sent" by WhatsApp for the last four days until you hit a "Resend" in WhatsApp. As the update to the latest `master` has solved the issue and being able to correctly send messages is one of the core features of this package, I decided to update the package in `nixpkgs` as well. (cherry picked from commit 5c7156faf1c766166d663a68e666678992ca2b2a) --- pkgs/servers/mautrix-whatsapp/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/servers/mautrix-whatsapp/default.nix b/pkgs/servers/mautrix-whatsapp/default.nix index 934ce797d50..b1395873934 100644 --- a/pkgs/servers/mautrix-whatsapp/default.nix +++ b/pkgs/servers/mautrix-whatsapp/default.nix @@ -2,18 +2,18 @@ buildGoModule rec { pname = "mautrix-whatsapp"; - version = "0.1.6"; + version = "unstable-2021-06-15"; src = fetchFromGitHub { owner = "tulir"; repo = "mautrix-whatsapp"; - rev = "v${version}"; - sha256 = "sha256-0nwE3+GkJAvz5s8G23TvLVO8ykQK0ZIwEWAaTWHHOuU="; + rev = "d3b9f4f63744398cd2282c1927d02cb5bdb8c474"; + sha256 = "sha256-ueqAvfgQDTcNIad9fRCKiRpR0vGUJZbf3EmcJpQ2Y/g="; }; buildInputs = [ olm ]; - vendorSha256 = "sha256-FRXG0HmYfum9G/LYm6oWLLx1ZYQ3Jq7qV/mq6ofN9f5="; + vendorSha256 = "sha256-Iscojrn6wVnweOQV1GvhZ4QjUdTfDLOsCP1hVR4u/b4="; doCheck = false; From 89ecb51a6ae94e010d812e42ab49150485b45457 Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Tue, 15 Jun 2021 11:49:19 +0200 Subject: [PATCH 102/202] nixos/ssh: Add an example of verbatim keys This confused someone on SO. (cherry picked from commit 8352cc9a23a5fea11d467a5b8341b24cd162c62a) --- nixos/modules/services/networking/ssh/sshd.nix | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/nixos/modules/services/networking/ssh/sshd.nix b/nixos/modules/services/networking/ssh/sshd.nix index 3cc77e4cb93..fd5da97cd10 100644 --- a/nixos/modules/services/networking/ssh/sshd.nix +++ b/nixos/modules/services/networking/ssh/sshd.nix @@ -41,6 +41,10 @@ let Warning: If you are using NixOps then don't use this option since it will replace the key required for deployment via ssh. ''; + example = [ + "ssh-rsa AAAAB3NzaC1yc2etc/etc/etcjwrsh8e596z6J0l7 example@host" + "ssh-ed25519 AAAAC3NzaCetcetera/etceteraJZMfk3QPfQ foo@bar" + ]; }; keyFiles = mkOption { From 91d03cd360571711227ba40d582a4a788d3af1fc Mon Sep 17 00:00:00 2001 From: Robert Hensing Date: Tue, 15 Jun 2021 12:23:09 +0200 Subject: [PATCH 103/202] nixos/ssh: Document authorizedKeysFiles properly (cherry picked from commit dab747106e20268e6d3a7c1a758185bc75507bef) --- nixos/modules/services/networking/ssh/sshd.nix | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/nixos/modules/services/networking/ssh/sshd.nix b/nixos/modules/services/networking/ssh/sshd.nix index fd5da97cd10..7ac0952defe 100644 --- a/nixos/modules/services/networking/ssh/sshd.nix +++ b/nixos/modules/services/networking/ssh/sshd.nix @@ -247,7 +247,17 @@ in authorizedKeysFiles = mkOption { type = types.listOf types.str; default = []; - description = "Files from which authorized keys are read."; + description = '' + Specify the rules for which files to read on the host. + + This is an advanced option. If you're looking to configure user + keys, you can generally use + or . + + These are paths relative to the host root file system or home + directories and they are subject to certain token expansion rules. + See AuthorizedKeysFile in man sshd_config for details. + ''; }; authorizedKeysCommand = mkOption { From a7797852a3366c72d026ec6b89151c9795439e5d Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Mon, 1 Feb 2021 15:24:14 +0100 Subject: [PATCH 104/202] mfc9140cdnlpr: init at 1.1.2-1 (cherry picked from commit f52c8862c9b1fc524bd1401185944de6274db43b) --- .../cups/drivers/mfc9140cdnlpr/default.nix | 73 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 2 + 2 files changed, 75 insertions(+) create mode 100644 pkgs/misc/cups/drivers/mfc9140cdnlpr/default.nix diff --git a/pkgs/misc/cups/drivers/mfc9140cdnlpr/default.nix b/pkgs/misc/cups/drivers/mfc9140cdnlpr/default.nix new file mode 100644 index 00000000000..4128123d643 --- /dev/null +++ b/pkgs/misc/cups/drivers/mfc9140cdnlpr/default.nix @@ -0,0 +1,73 @@ +{ stdenv +, lib +, fetchurl +, dpkg +, makeWrapper +, coreutils +, file +, gawk +, ghostscript +, gnused +, pkgsi686Linux +}: + +stdenv.mkDerivation rec { + pname = "mfc9140cdnlpr"; + version = "1.1.2-1"; + + src = fetchurl { + url = "https://download.brother.com/welcome/dlf100405/${pname}-${version}.i386.deb"; + sha256 = "1wqx8njrv078fc3vlq90qyrfg3cw9kr9m6f3qvfnkhq1f95fbslh"; + }; + + unpackPhase = '' + dpkg-deb -x $src $out + ''; + + nativeBuildInputs = [ + dpkg + makeWrapper + ]; + + dontBuild = true; + + installPhase = '' + dir=$out/opt/brother/Printers/mfc9140cdn + + patchelf --set-interpreter ${pkgsi686Linux.glibc.out}/lib/ld-linux.so.2 $dir/lpd/brmfc9140cdnfilter + + wrapProgram $dir/inf/setupPrintcapij \ + --prefix PATH : ${lib.makeBinPath [ + coreutils + ]} + + substituteInPlace $dir/lpd/filtermfc9140cdn \ + --replace "BR_CFG_PATH=" "BR_CFG_PATH=\"$dir/\" #" \ + --replace "BR_LPD_PATH=" "BR_LPD_PATH=\"$dir/\" #" + + wrapProgram $dir/lpd/filtermfc9140cdn \ + --prefix PATH : ${lib.makeBinPath [ + coreutils + file + ghostscript + gnused + ]} + + substituteInPlace $dir/lpd/psconvertij2 \ + --replace '`which gs`' "${ghostscript}/bin/gs" + + wrapProgram $dir/lpd/psconvertij2 \ + --prefix PATH : ${lib.makeBinPath [ + gnused + gawk + ]} + ''; + + meta = with lib; { + description = "Brother MFC-9140CDN LPR printer driver"; + homepage = "http://www.brother.com/"; + license = licenses.unfree; + maintainers = with maintainers; [ hexa ]; + platforms = [ "i686-linux" "x86_64-linux" ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 7b75269360b..f19ad700b55 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -30847,6 +30847,8 @@ in mfcl8690cdwcupswrapper = callPackage ../misc/cups/drivers/mfcl8690cdwcupswrapper { }; mfcl8690cdwlpr = callPackage ../misc/cups/drivers/mfcl8690cdwlpr { }; + mfc9140cdnlpr = callPackage ../misc/cups/drivers/mfc9140cdnlpr { }; + samsung-unified-linux-driver_1_00_36 = callPackage ../misc/cups/drivers/samsung/1.00.36/default.nix { }; samsung-unified-linux-driver_1_00_37 = callPackage ../misc/cups/drivers/samsung/1.00.37.nix { }; samsung-unified-linux-driver_4_00_39 = callPackage ../misc/cups/drivers/samsung/4.00.39 { }; From 3fb4c3765f84fd3bb87c6384c06928037f814b4f Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Mon, 1 Feb 2021 15:27:32 +0100 Subject: [PATCH 105/202] mfc9140cdncupswrapper: init at 1.1.4-0 (cherry picked from commit 76f168a4f1005c3b0afb99a511b808f56e68db54) --- .../drivers/mfc9140cdncupswrapper/default.nix | 68 +++++++++++++++++++ pkgs/top-level/all-packages.nix | 1 + 2 files changed, 69 insertions(+) create mode 100644 pkgs/misc/cups/drivers/mfc9140cdncupswrapper/default.nix diff --git a/pkgs/misc/cups/drivers/mfc9140cdncupswrapper/default.nix b/pkgs/misc/cups/drivers/mfc9140cdncupswrapper/default.nix new file mode 100644 index 00000000000..0542b2ab303 --- /dev/null +++ b/pkgs/misc/cups/drivers/mfc9140cdncupswrapper/default.nix @@ -0,0 +1,68 @@ +{ lib +, stdenv +, fetchurl +, dpkg +, makeWrapper +, coreutils +, gnugrep +, gnused +, mfc9140cdnlpr +, pkgsi686Linux +, psutils +}: + +stdenv.mkDerivation rec { + pname = "mfc9140cdncupswrapper"; + version = "1.1.4-0"; + + src = fetchurl { + url = "https://download.brother.com/welcome/dlf100407/${pname}-${version}.i386.deb"; + sha256 = "18aramgqgra1shdhsa75i0090hk9i267gvabildwsk52kq2b96c6"; + }; + + unpackPhase = '' + dpkg-deb -x $src $out + ''; + + nativeBuildInputs = [ + dpkg + makeWrapper + ]; + + dontBuild = true; + + installPhase = '' + lpr=${mfc9140cdnlpr}/opt/brother/Printers/mfc9140cdn + dir=$out/opt/brother/Printers/mfc9140cdn + + interpreter=${pkgsi686Linux.glibc.out}/lib/ld-linux.so.2 + patchelf --set-interpreter "$interpreter" "$dir/cupswrapper/brcupsconfpt1" + + substituteInPlace $dir/cupswrapper/cupswrappermfc9140cdn \ + --replace "mkdir -p /usr" ": # mkdir -p /usr" \ + --replace '/opt/brother/''${device_model}/''${printer_model}/lpd/filter''${printer_model}' "$lpr/lpd/filtermfc9140cdn" \ + --replace '/usr/share/ppd/Brother/brother_''${printer_model}_printer_en.ppd' "$dir/cupswrapper/brother_mfc9140cdn_printer_en.ppd" \ + --replace '/usr/share/cups/model/Brother/brother_''${printer_model}_printer_en.ppd' "$dir/cupswrapper/brother_mfc9140cdn_printer_en.ppd" \ + --replace '/opt/brother/Printers/''${printer_model}/' "$lpr/" \ + --replace 'nup="psnup' "nup=\"${psutils}/bin/psnup" \ + --replace '/usr/bin/psnup' "${psutils}/bin/psnup" + + mkdir -p $out/lib/cups/filter + mkdir -p $out/share/cups/model + + ln $dir/cupswrapper/cupswrappermfc9140cdn $out/lib/cups/filter + ln $dir/cupswrapper/brother_mfc9140cdn_printer_en.ppd $out/share/cups/model + + sed -n '/!ENDOFWFILTER!/,/!ENDOFWFILTER!/p' "$dir/cupswrapper/cupswrappermfc9140cdn" | sed '1 br; b; :r s/.*/printer_model=mfc9140cdn; cat < $out/lib/cups/filter/brother_lpdwrapper_mfc9140cdn + sed -i "/#! \/bin\/sh/a PATH=${lib.makeBinPath [ coreutils gnused gnugrep ]}:\$PATH" $out/lib/cups/filter/brother_lpdwrapper_mfc9140cdn + chmod +x $out/lib/cups/filter/brother_lpdwrapper_mfc9140cdn + ''; + + meta = with lib; { + description = "Brother MFC-9140CDN CUPS wrapper driver"; + homepage = "http://www.brother.com/"; + license = licenses.gpl2Plus; + platforms = platforms.linux; + maintainers = with maintainers; [ hexa ]; + }; +} diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index f19ad700b55..20daf163363 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -30847,6 +30847,7 @@ in mfcl8690cdwcupswrapper = callPackage ../misc/cups/drivers/mfcl8690cdwcupswrapper { }; mfcl8690cdwlpr = callPackage ../misc/cups/drivers/mfcl8690cdwlpr { }; + mfc9140cdncupswrapper = callPackage ../misc/cups/drivers/mfc9140cdncupswrapper { }; mfc9140cdnlpr = callPackage ../misc/cups/drivers/mfc9140cdnlpr { }; samsung-unified-linux-driver_1_00_36 = callPackage ../misc/cups/drivers/samsung/1.00.36/default.nix { }; From f5c9fcff450fcdbd75be53fa3bcbbc55cd081b1d Mon Sep 17 00:00:00 2001 From: Christine Dodrill Date: Sun, 30 May 2021 20:27:08 -0400 Subject: [PATCH 106/202] solanum: fix MOTD Previously this defaulted to the default MOTD in the solanum source tree, and I don't want my friends to laugh at me. Includes a patch to the tests to ensure that the MOTD is actually set. This replicates the fix done in #109705 (solanum is a fork of charybdis, so they share fundamental logic for this). Signed-off-by: Christine Dodrill (cherry picked from commit b1fe9fab6fcfa4cdefe7370ba264b281e48de0f8) --- nixos/tests/solanum.nix | 8 ++++++++ pkgs/servers/irc/solanum/default.nix | 4 ++++ 2 files changed, 12 insertions(+) diff --git a/nixos/tests/solanum.nix b/nixos/tests/solanum.nix index aabfb906aa8..1ecf91bce40 100644 --- a/nixos/tests/solanum.nix +++ b/nixos/tests/solanum.nix @@ -16,6 +16,10 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { networking.firewall.allowedTCPPorts = [ ircPort ]; services.solanum = { enable = true; + motd = '' + The default MOTD doesn't contain the word "nixos" in it. + This one does. + ''; }; }; } // lib.listToAttrs (builtins.map (client: lib.nameValuePair client { @@ -48,6 +52,10 @@ import ./make-test-python.nix ({ pkgs, lib, ... }: { ${client}.wait_for_unit("ii") ${client}.wait_for_file("${iiDir}/${server}/out") '' + # look for the custom text in the MOTD. + '' + ${client}.wait_until_succeeds("grep 'nixos' ${iiDir}/${server}/out") + '' # wait until first PING from server arrives before joining, # so we don't try it too early '' diff --git a/pkgs/servers/irc/solanum/default.nix b/pkgs/servers/irc/solanum/default.nix index 2d9035259a6..2fa85072854 100644 --- a/pkgs/servers/irc/solanum/default.nix +++ b/pkgs/servers/irc/solanum/default.nix @@ -26,6 +26,10 @@ stdenv.mkDerivation rec { ./bandb.patch # https://github.com/solanum-ircd/solanum/issues/156 ]; + postPatch = '' + substituteInPlace include/defaults.h --replace 'ETCPATH "' '"/etc/solanum' + ''; + configureFlags = [ "--enable-epoll" "--enable-ipv6" From 4eec52ae4ec574dda63a7bf981d9fa608bebc14e Mon Sep 17 00:00:00 2001 From: talyz Date: Tue, 15 Jun 2021 18:19:59 +0200 Subject: [PATCH 107/202] discourse: 2.7.0 -> 2.7.4 (cherry picked from commit f7fb0d20a624c4d7fa12ba8a6e6d551655106a29) --- pkgs/servers/web-apps/discourse/default.nix | 4 ++-- pkgs/servers/web-apps/discourse/rubyEnv/Gemfile.lock | 2 +- pkgs/servers/web-apps/discourse/rubyEnv/gemset.nix | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/servers/web-apps/discourse/default.nix b/pkgs/servers/web-apps/discourse/default.nix index 12ae858ea3a..5e7c4d5368a 100644 --- a/pkgs/servers/web-apps/discourse/default.nix +++ b/pkgs/servers/web-apps/discourse/default.nix @@ -6,13 +6,13 @@ }: let - version = "2.7.0"; + version = "2.7.4"; src = fetchFromGitHub { owner = "discourse"; repo = "discourse"; rev = "v${version}"; - sha256 = "sha256-w26pwGDL2j7qbporUzZATgw7E//E6xwahCbXv35QNnc="; + sha256 = "sha256-3cvrdWBXRM5F8qFEqbe8ru1U0wBqCkRxK7GAV0beJNk="; }; runtimeDeps = [ diff --git a/pkgs/servers/web-apps/discourse/rubyEnv/Gemfile.lock b/pkgs/servers/web-apps/discourse/rubyEnv/Gemfile.lock index d3f999d34f4..af968cdf331 100644 --- a/pkgs/servers/web-apps/discourse/rubyEnv/Gemfile.lock +++ b/pkgs/servers/web-apps/discourse/rubyEnv/Gemfile.lock @@ -232,7 +232,7 @@ GEM multipart-post (2.1.1) mustache (1.1.1) nio4r (2.5.7) - nokogiri (1.11.3) + nokogiri (1.11.5) mini_portile2 (~> 2.5.0) racc (~> 1.4) nokogumbo (2.0.5) diff --git a/pkgs/servers/web-apps/discourse/rubyEnv/gemset.nix b/pkgs/servers/web-apps/discourse/rubyEnv/gemset.nix index 4b3ce8ce219..974df1ed4ea 100644 --- a/pkgs/servers/web-apps/discourse/rubyEnv/gemset.nix +++ b/pkgs/servers/web-apps/discourse/rubyEnv/gemset.nix @@ -1284,10 +1284,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "19d78mdg2lbz9jb4ph6nk783c9jbsdm8rnllwhga6pd53xffp6x0"; + sha256 = "1i80ny61maqzqr1fq5wgpkijmh5j8abisrmhn16kv7mzmxqg5w0m"; type = "gem"; }; - version = "1.11.3"; + version = "1.11.5"; }; nokogumbo = { dependencies = ["nokogiri"]; From 0a8684caddccb10f7f8e1470d8d7b5b952c837d7 Mon Sep 17 00:00:00 2001 From: lassulus Date: Mon, 24 May 2021 15:49:57 +0200 Subject: [PATCH 108/202] solanum: remove obsolete BANDB settings/patches (cherry picked from commit 8eb5701aaf0eb7ad842a67f09e2f80826ac1ce80) --- nixos/modules/services/networking/solanum.nix | 3 --- pkgs/servers/irc/solanum/bandb.patch | 12 ------------ pkgs/servers/irc/solanum/default.nix | 1 - 3 files changed, 16 deletions(-) delete mode 100644 pkgs/servers/irc/solanum/bandb.patch diff --git a/nixos/modules/services/networking/solanum.nix b/nixos/modules/services/networking/solanum.nix index 989621b204c..b6496fb8b35 100644 --- a/nixos/modules/services/networking/solanum.nix +++ b/nixos/modules/services/networking/solanum.nix @@ -82,9 +82,6 @@ in description = "Solanum IRC daemon"; after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; - environment = { - BANDB_DBPATH = "/var/lib/solanum/ban.db"; - }; serviceConfig = { ExecStart = "${solanum}/bin/solanum -foreground -logfile /dev/stdout -configfile ${configFile} -pidfile /run/solanum/ircd.pid"; DynamicUser = true; diff --git a/pkgs/servers/irc/solanum/bandb.patch b/pkgs/servers/irc/solanum/bandb.patch deleted file mode 100644 index 7d204398b99..00000000000 --- a/pkgs/servers/irc/solanum/bandb.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff --git a/ircd/bandbi.c b/ircd/bandbi.c -index 29a3bfa2..16a40f17 100644 ---- a/ircd/bandbi.c -+++ b/ircd/bandbi.c -@@ -83,7 +83,6 @@ start_bandb(void) - const char *suffix = ""; - #endif - -- rb_setenv("BANDB_DBPATH", ircd_paths[IRCD_PATH_BANDB], 1); - if(bandb_path == NULL) - { - snprintf(fullpath, sizeof(fullpath), "%s%cbandb%s", ircd_paths[IRCD_PATH_LIBEXEC], RB_PATH_SEPARATOR, suffix); diff --git a/pkgs/servers/irc/solanum/default.nix b/pkgs/servers/irc/solanum/default.nix index 2fa85072854..b6678271c31 100644 --- a/pkgs/servers/irc/solanum/default.nix +++ b/pkgs/servers/irc/solanum/default.nix @@ -23,7 +23,6 @@ stdenv.mkDerivation rec { patches = [ ./dont-create-logdir.patch - ./bandb.patch # https://github.com/solanum-ircd/solanum/issues/156 ]; postPatch = '' From 6ee61426da640dfb9813c3791cd245dc0bc4b6de Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Mon, 31 May 2021 03:21:51 +0200 Subject: [PATCH 109/202] nixos/solanum: implement reload and allow config changes Reload only works with a static configuration path as there is no way to pass the dynamically generated config path to a running solanum instance, therefore we symlink the configuration to /etc/solanum/ircd.conf. But that will prevent reloads of the ircd, because the systemd unit wouldn't change when the configuration changes. That is why we add the actual location of the config file to restartTriggers and enable reloadIfChanged, so changes will not restart, but reload on changes. (cherry picked from commit 60c62214f5a3c7db6aa30d8a8e02c863b6abcf0a) --- nixos/modules/services/networking/solanum.nix | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/nixos/modules/services/networking/solanum.nix b/nixos/modules/services/networking/solanum.nix index b6496fb8b35..dc066a24549 100644 --- a/nixos/modules/services/networking/solanum.nix +++ b/nixos/modules/services/networking/solanum.nix @@ -2,7 +2,7 @@ let inherit (lib) mkEnableOption mkIf mkOption types; - inherit (pkgs) solanum; + inherit (pkgs) solanum util-linux; cfg = config.services.solanum; configFile = pkgs.writeText "solanum.conf" cfg.config; @@ -78,12 +78,20 @@ in config = mkIf cfg.enable (lib.mkMerge [ { + + environment.etc."solanum/ircd.conf".source = configFile; + systemd.services.solanum = { description = "Solanum IRC daemon"; after = [ "network.target" ]; wantedBy = [ "multi-user.target" ]; + reloadIfChanged = true; + restartTriggers = [ + configFile + ]; serviceConfig = { - ExecStart = "${solanum}/bin/solanum -foreground -logfile /dev/stdout -configfile ${configFile} -pidfile /run/solanum/ircd.pid"; + ExecStart = "${solanum}/bin/solanum -foreground -logfile /dev/stdout -configfile /etc/solanum/ircd.conf -pidfile /run/solanum/ircd.pid"; + ExecReload = "${util-linux}/bin/kill -HUP $MAINPID"; DynamicUser = true; User = "solanum"; StateDirectory = "solanum"; From b36d51733c81bd14db59b2ba1a042e4241f3d3da Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Wed, 2 Jun 2021 02:41:53 +0200 Subject: [PATCH 110/202] solanum: clarify license to be gpl2 or later (cherry picked from commit 2441e82399ad349bac570cbbe72cfe1b3158cc59) --- pkgs/servers/irc/solanum/default.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/servers/irc/solanum/default.nix b/pkgs/servers/irc/solanum/default.nix index b6678271c31..d5e70799cf5 100644 --- a/pkgs/servers/irc/solanum/default.nix +++ b/pkgs/servers/irc/solanum/default.nix @@ -61,7 +61,7 @@ stdenv.mkDerivation rec { meta = with lib; { description = "An IRCd for unified networks"; homepage = "https://github.com/solanum-ircd/solanum"; - license = licenses.gpl2Only; + license = licenses.gpl2Plus; maintainers = with maintainers; [ hexa ]; platforms = platforms.unix; }; From f6ed1a99f4071be546f1ff7b5a82de66bc893a13 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Tue, 15 Jun 2021 22:09:08 +0200 Subject: [PATCH 111/202] mautrix-whatsapp: unstable-2021-06-15 -> 0.1.7 ChangeLog: https://github.com/tulir/mautrix-whatsapp/releases/tag/v0.1.7 Not a functional change as I already included all the fixes in my previous bump, but I think it's better to use a stable tag by default to build :) (cherry picked from commit 6e4ce705350a2adf5a14bc2a9a830d87f03c1ee5) --- pkgs/servers/mautrix-whatsapp/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/mautrix-whatsapp/default.nix b/pkgs/servers/mautrix-whatsapp/default.nix index b1395873934..a5b2f14e9d5 100644 --- a/pkgs/servers/mautrix-whatsapp/default.nix +++ b/pkgs/servers/mautrix-whatsapp/default.nix @@ -2,13 +2,13 @@ buildGoModule rec { pname = "mautrix-whatsapp"; - version = "unstable-2021-06-15"; + version = "0.1.7"; src = fetchFromGitHub { owner = "tulir"; repo = "mautrix-whatsapp"; - rev = "d3b9f4f63744398cd2282c1927d02cb5bdb8c474"; - sha256 = "sha256-ueqAvfgQDTcNIad9fRCKiRpR0vGUJZbf3EmcJpQ2Y/g="; + rev = "v${version}"; + sha256 = "sha256-PXahSrA+jBWreFhqCp1Ar9yYfIJGJfU2xH88Ax3fdkE="; }; buildInputs = [ olm ]; From 17c0585cd15523974510827a47f142b6105fb27c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Wed, 16 Jun 2021 09:33:33 +0200 Subject: [PATCH 112/202] [Backport release-21.05] texlive: allow substitutes for texlive packages (#126866) * texlive: allow substitutes for texlive packages (cherry picked from commit 0f1e7e09b56cc8d98c5d02b87dd2626be9456d9c) (cherry picked from commit 54cd3b840d4043322da7cfefd3a7d8ee80d68bc4) Co-authored-by: Vincenzo Mantova --- pkgs/tools/typesetting/tex/texlive/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/tools/typesetting/tex/texlive/default.nix b/pkgs/tools/typesetting/tex/texlive/default.nix index 4ba42cbce57..f7bd02d8af5 100644 --- a/pkgs/tools/typesetting/tex/texlive/default.nix +++ b/pkgs/tools/typesetting/tex/texlive/default.nix @@ -131,6 +131,7 @@ let in if sha512 == "" then # hash stripped from pkgs.nix to save space -> fetch&unpack in a single step + # currently unused as we prefer to keep the sha512 hashes for reproducibility fetchurl { inherit urls; sha1 = if fixedHash == null then throw "TeX Live package ${tlName} is missing hash!" @@ -144,8 +145,7 @@ let // passthru else runCommand "texlive-${tlName}" - ( { # lots of derivations, not meant to be cached - preferLocalBuild = true; allowSubstitutes = false; + ( { inherit passthru; } // lib.optionalAttrs (fixedHash != null) { outputHash = fixedHash; From c46cf1c4e6b58870c2531f13ddb1334d1a818946 Mon Sep 17 00:00:00 2001 From: Serhii Zhuravel <1804871+dxops@users.noreply.github.com> Date: Wed, 2 Jun 2021 20:25:59 +0300 Subject: [PATCH 113/202] Allow to extend PHP_INI_SCAN_DIR Fixes #109383 Master 9fb4d19c2ec8d86439457e4cc10bc12becdc7268 --- pkgs/development/interpreters/php/generic.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/interpreters/php/generic.nix b/pkgs/development/interpreters/php/generic.nix index 13fd811c4ea..46ca2e6ebda 100644 --- a/pkgs/development/interpreters/php/generic.nix +++ b/pkgs/development/interpreters/php/generic.nix @@ -125,15 +125,15 @@ let ln -s ${extraInit} $out/lib/php.ini if test -e $out/bin/php; then - wrapProgram $out/bin/php --set PHP_INI_SCAN_DIR $out/lib + wrapProgram $out/bin/php --prefix PHP_INI_SCAN_DIR : $out/lib fi if test -e $out/bin/php-fpm; then - wrapProgram $out/bin/php-fpm --set PHP_INI_SCAN_DIR $out/lib + wrapProgram $out/bin/php-fpm --prefix PHP_INI_SCAN_DIR : $out/lib fi if test -e $out/bin/phpdbg; then - wrapProgram $out/bin/phpdbg --set PHP_INI_SCAN_DIR $out/lib + wrapProgram $out/bin/phpdbg --prefix PHP_INI_SCAN_DIR : $out/lib fi ''; }; From 3840b4082c99dd34bc8960e505b755753e156861 Mon Sep 17 00:00:00 2001 From: Sumner Evans Date: Fri, 11 Jun 2021 09:20:26 -0600 Subject: [PATCH 114/202] matrix-synapse: 1.35.1 -> 1.36.0 (cherry picked from commit 3acb9eb23f4e7f8557fd1bf5b0fad98568a1ceac) --- pkgs/servers/matrix-synapse/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/matrix-synapse/default.nix b/pkgs/servers/matrix-synapse/default.nix index 0fce9981967..c6562731143 100644 --- a/pkgs/servers/matrix-synapse/default.nix +++ b/pkgs/servers/matrix-synapse/default.nix @@ -12,11 +12,11 @@ let in buildPythonApplication rec { pname = "matrix-synapse"; - version = "1.35.1"; + version = "1.36.0"; src = fetchPypi { inherit pname version; - sha256 = "sha256-MJ3RG60rWbcfQxhj34k99AFg8TsPd3ECEw/x2+xU1js="; + sha256 = "sha256-OMbSd64mD2+6GVUxGL4lvQlKAiBuen0PjvyVdk/ePbI="; }; patches = [ From 26febe6bdcfcc19d208e61be32d0ae42c03d7413 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Wed, 16 Jun 2021 08:34:17 +0200 Subject: [PATCH 115/202] knot-dns: 3.0.6 -> 3.0.7 Fixes various bugs and introduces a few requested features. https://gitlab.nic.cz/knot/knot-dns/-/tags/v3.0.7 (cherry picked from commit 28dd3b6177dae61005cfdaebac405e8dbf70b2dc) --- pkgs/servers/dns/knot-dns/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/dns/knot-dns/default.nix b/pkgs/servers/dns/knot-dns/default.nix index 11adceb0f74..0ded992dcee 100644 --- a/pkgs/servers/dns/knot-dns/default.nix +++ b/pkgs/servers/dns/knot-dns/default.nix @@ -7,11 +7,11 @@ let inherit (lib) optional optionals; in stdenv.mkDerivation rec { pname = "knot-dns"; - version = "3.0.6"; + version = "3.0.7"; src = fetchurl { url = "https://secure.nic.cz/files/knot-dns/knot-${version}.tar.xz"; - sha256 = "63756ac5a00c3e4a066ed231a287faef5963a9183d77326e30bf0644cdf74f86"; + sha256 = "2bad8be0be95c8f54a26d1e16299e65f31ae1b34bd6ad3819aa50e7b40521484"; }; outputs = [ "bin" "out" "dev" ]; From 73d3525b3d06278e7c220446256643b9b7b975c0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Vladim=C3=ADr=20=C4=8Cun=C3=A1t?= Date: Wed, 16 Jun 2021 12:56:22 +0200 Subject: [PATCH 116/202] knot-dns: add passthru.tests I hope I got the conventions right (found in doc/stdenv/meta.chapter.md) (cherry picked from commit cf0b179b5ea78ff8fd34763c48da4323739fa5fb) --- pkgs/servers/dns/knot-dns/default.nix | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/pkgs/servers/dns/knot-dns/default.nix b/pkgs/servers/dns/knot-dns/default.nix index 0ded992dcee..394c76dbdb2 100644 --- a/pkgs/servers/dns/knot-dns/default.nix +++ b/pkgs/servers/dns/knot-dns/default.nix @@ -1,6 +1,6 @@ { lib, stdenv, fetchurl, pkg-config, gnutls, liburcu, lmdb, libcap_ng, libidn2, libunistring , systemd, nettle, libedit, zlib, libiconv, libintl, libmaxminddb, libbpf, nghttp2 -, autoreconfHook +, autoreconfHook, nixosTests }: let inherit (lib) optional optionals; in @@ -56,6 +56,8 @@ stdenv.mkDerivation rec { rm -r "$out"/lib/*.la ''; + passthru.tests = { inherit (nixosTests) knot; }; + meta = with lib; { description = "Authoritative-only DNS server from .cz domain registry"; homepage = "https://knot-dns.cz"; From 9420363b95521e65a76eb5153de1eaee4a2e41c6 Mon Sep 17 00:00:00 2001 From: Vincent Laporte Date: Wed, 2 Jun 2021 07:46:37 +0200 Subject: [PATCH 117/202] =?UTF-8?q?ocamlPackages.lwt:=205.4.0=20=E2=86=92?= =?UTF-8?q?=205.4.1?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit (cherry picked from commit 13e6c217524f53e44e65a55d58461b12fadc2043) --- pkgs/development/ocaml-modules/lwt/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/ocaml-modules/lwt/default.nix b/pkgs/development/ocaml-modules/lwt/default.nix index ee0c3b5b00c..b0f73546eed 100644 --- a/pkgs/development/ocaml-modules/lwt/default.nix +++ b/pkgs/development/ocaml-modules/lwt/default.nix @@ -8,13 +8,13 @@ let inherit (lib) optional versionAtLeast; in buildDunePackage rec { pname = "lwt"; - version = "5.4.0"; + version = "5.4.1"; useDune2 = true; src = fetchzip { url = "https://github.com/ocsigen/${pname}/archive/${version}.tar.gz"; - sha256 = "1ay1zgadnw19r9hl2awfjr22n37l7rzxd9v73pjbahavwm2ay65d"; + sha256 = "0cq2qy23sa1a5zk6nja3c652mp29i84yfrkcwks6i8sdqwli36jy"; }; nativeBuildInputs = [ pkg-config ]; From 7de7910c12bd3cb386aaf3c11587350ac7b49199 Mon Sep 17 00:00:00 2001 From: 06kellyjac Date: Wed, 16 Jun 2021 08:48:46 +0100 Subject: [PATCH 118/202] deno: 1.11.0 -> 1.11.1 (cherry picked from commit a58e5facde96ec107ac4b92cffbd48a231a75fc5) --- pkgs/development/web/deno/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/web/deno/default.nix b/pkgs/development/web/deno/default.nix index dee8ad0c9b8..1211440b6b4 100644 --- a/pkgs/development/web/deno/default.nix +++ b/pkgs/development/web/deno/default.nix @@ -17,15 +17,15 @@ rustPlatform.buildRustPackage rec { pname = "deno"; - version = "1.11.0"; + version = "1.11.1"; src = fetchFromGitHub { owner = "denoland"; repo = pname; rev = "v${version}"; - sha256 = "sha256-rsQ9MdMgYPqnLzMfW4rwDpx5QKVDm6TMCCHqJzvTpjw="; + sha256 = "sha256-+EXkWtqJihNx5wvEhRycVpPDs1QxfoqcbMW5aLrofI8="; }; - cargoSha256 = "sha256-nKbc73bEKb0XzuBZApu21E1OzkgU9sqbCaaWhUMiWdQ="; + cargoSha256 = "sha256-j/1NJlGRq1MuE+EU7VstwSMmRYfudBmv3nAe3bAyv+U="; # Install completions post-install nativeBuildInputs = [ installShellFiles ]; From 4561a449da2e967ae0198d8c2cff67b07bc41a8d Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Wed, 16 Jun 2021 18:32:50 +0200 Subject: [PATCH 119/202] signal-desktop: 5.4.1 -> 5.5.0 (cherry picked from commit fcda0d80a392240abdf12351b78ab32c6eaff62e) --- .../networking/instant-messengers/signal-desktop/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix b/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix index 01e68e7753b..d5f22c57cd3 100644 --- a/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix +++ b/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix @@ -25,7 +25,7 @@ let else ""); in stdenv.mkDerivation rec { pname = "signal-desktop"; - version = "5.4.1"; # Please backport all updates to the stable channel. + version = "5.5.0"; # Please backport all updates to the stable channel. # All releases have a limited lifetime and "expire" 90 days after the release. # When releases "expire" the application becomes unusable until an update is # applied. The expiration date for the current release can be extracted with: @@ -35,7 +35,7 @@ in stdenv.mkDerivation rec { src = fetchurl { url = "https://updates.signal.org/desktop/apt/pool/main/s/signal-desktop/signal-desktop_${version}_amd64.deb"; - sha256 = "1f1narpqj8gcyi4r574nqm1cbyi3azk1y7d1j300scr51gk74fq6"; + sha256 = "0l12hwwv0ks2hgp1xc5nmn5rcqzwxdpjqhwysix550m26bz4jczp"; }; nativeBuildInputs = [ From 70bbb7063c7e76cbee595cec797ec40da21b53fb Mon Sep 17 00:00:00 2001 From: lunik1 Date: Fri, 21 May 2021 00:01:03 +0100 Subject: [PATCH 120/202] ppsspp: fix build against ffmpeg 4.4 (cherry picked from commit babd906230da851b27fb66f18b90a2beac4c7ddd) --- pkgs/misc/emulators/ppsspp/default.nix | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/pkgs/misc/emulators/ppsspp/default.nix b/pkgs/misc/emulators/ppsspp/default.nix index 4f5b4f7d69b..cadbbd3810d 100644 --- a/pkgs/misc/emulators/ppsspp/default.nix +++ b/pkgs/misc/emulators/ppsspp/default.nix @@ -1,5 +1,6 @@ { mkDerivation , fetchFromGitHub +, fetchpatch , SDL2 , cmake , ffmpeg @@ -26,6 +27,14 @@ mkDerivation rec { sha256 = "sha256-vfp/vacIItlPP5dR7jzDT7oOUNFnjvvdR46yi79EJKU="; }; + patches = [ + (fetchpatch { + name = "fix_ffmpeg_4.4.patch"; # to be removed with next release + url = "https://patch-diff.githubusercontent.com/raw/hrydgard/ppsspp/pull/14176.patch"; + sha256 = "sha256-ecDoOydaLfL6+eFpahcO1TnRl866mZZVHlr6Qrib1mo="; + }) + ]; + postPatch = '' substituteInPlace git-version.cmake --replace unknown ${src.rev} substituteInPlace UI/NativeApp.cpp --replace /usr/share $out/share From b682bf2892391a92aa0454c119358d9f0f8e56c5 Mon Sep 17 00:00:00 2001 From: lunik1 <13547699+lunik1@users.noreply.github.com> Date: Fri, 21 May 2021 22:49:22 +0100 Subject: [PATCH 121/202] Update pkgs/misc/emulators/ppsspp/default.nix Co-authored-by: Sandro (cherry picked from commit 89cbb28f64b3406164e61cd1fcd7504a89b6e8fd) --- pkgs/misc/emulators/ppsspp/default.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkgs/misc/emulators/ppsspp/default.nix b/pkgs/misc/emulators/ppsspp/default.nix index cadbbd3810d..124b8cb8e69 100644 --- a/pkgs/misc/emulators/ppsspp/default.nix +++ b/pkgs/misc/emulators/ppsspp/default.nix @@ -28,8 +28,9 @@ mkDerivation rec { }; patches = [ + # fix compability with ffmpeg 4.4, remove on next release after 1.11 (fetchpatch { - name = "fix_ffmpeg_4.4.patch"; # to be removed with next release + name = "fix_ffmpeg_4.4.patch"; url = "https://patch-diff.githubusercontent.com/raw/hrydgard/ppsspp/pull/14176.patch"; sha256 = "sha256-ecDoOydaLfL6+eFpahcO1TnRl866mZZVHlr6Qrib1mo="; }) From 213c7f5bbeffc71cf89e4f73be7e712c97146c8f Mon Sep 17 00:00:00 2001 From: OPNA2608 Date: Wed, 16 Jun 2021 10:52:00 +0200 Subject: [PATCH 122/202] ptcollab: 0.4.0 -> 0.4.1 (cherry picked from commit dffffdc912c6dfc3690f31edb55a51c2becffa6a) --- pkgs/applications/audio/ptcollab/default.nix | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/pkgs/applications/audio/ptcollab/default.nix b/pkgs/applications/audio/ptcollab/default.nix index f5752dd96f4..c5b9f2b804e 100644 --- a/pkgs/applications/audio/ptcollab/default.nix +++ b/pkgs/applications/audio/ptcollab/default.nix @@ -4,6 +4,7 @@ , fetchFromGitHub , nix-update-script , qmake +, pkg-config , qtbase , qtmultimedia , libvorbis @@ -12,21 +13,16 @@ mkDerivation rec { pname = "ptcollab"; - version = "0.4.0"; + version = "0.4.1"; src = fetchFromGitHub { owner = "yuxshao"; repo = "ptcollab"; rev = "v${version}"; - sha256 = "1yfnf47saxxj17x0vyxihr343kp7gz3fashzky79j80sqlm6ng85"; + sha256 = "sha256-98v9it9M5FXCsOpWvO10uKYmEH15v1FEH1hH73XHa7w="; }; - postPatch = '' - substituteInPlace src/editor.pro \ - --replace '/usr/include/rtmidi' '${rtmidi}/include/rtmidi' - ''; - - nativeBuildInputs = [ qmake ]; + nativeBuildInputs = [ qmake pkg-config ]; buildInputs = [ qtbase qtmultimedia libvorbis rtmidi ]; From 0e9cfa787fb4a65c046601d95ae2cabbc8ed8758 Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Fri, 11 Jun 2021 14:04:06 +0200 Subject: [PATCH 123/202] doc/gnome: document GIO modules In particular, that glib-networking is required for TLS support. (cherry picked from commit 653bd18d5192d79254ef6961a54dea01f7bb11f2) --- doc/languages-frameworks/gnome.section.md | 20 +++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/doc/languages-frameworks/gnome.section.md b/doc/languages-frameworks/gnome.section.md index 732b529cc22..8bdf4fbcd9a 100644 --- a/doc/languages-frameworks/gnome.section.md +++ b/doc/languages-frameworks/gnome.section.md @@ -8,12 +8,30 @@ Programs in the GNOME universe are written in various languages but they all use [GSettings](https://developer.gnome.org/gio/stable/GSettings.html) API is often used for storing settings. GSettings schemas are required, to know the type and other metadata of the stored values. GLib looks for `glib-2.0/schemas/gschemas.compiled` files inside the directories of `XDG_DATA_DIRS`. -On Linux, GSettings API is implemented using [dconf](https://wiki.gnome.org/Projects/dconf) backend. You will need to add `dconf` GIO module to `GIO_EXTRA_MODULES` variable, otherwise the `memory` backend will be used and the saved settings will not be persistent. +On Linux, GSettings API is implemented using [dconf](https://wiki.gnome.org/Projects/dconf) backend. You will need to add `dconf` [GIO module](#ssec-gnome-gio-modules) to `GIO_EXTRA_MODULES` variable, otherwise the `memory` backend will be used and the saved settings will not be persistent. Last you will need the dconf database D-Bus service itself. You can enable it using `programs.dconf.enable`. Some applications will also require `gsettings-desktop-schemas` for things like reading proxy configuration or user interface customization. This dependency is often not mentioned by upstream, you should grep for `org.gnome.desktop` and `org.gnome.system` to see if the schemas are needed. +### GIO modules {#ssec-gnome-gio-modules} + +GLib’s [GIO](https://developer.gnome.org/gio/stable/ch01.html) library supports several [extension points](https://developer.gnome.org/gio/stable/extending-gio.html). Notably, they allow: + +* implementing settings backends (already [mentioned](#ssec-gnome-settings)) +* adding TLS support +* proxy settings +* virtual file systems + +The modules are typically installed to `lib/gio/modules/` directory of a package and you need to add them to `GIO_EXTRA_MODULES` if you need any of those features. + +In particular, we recommend: + +* adding `dconf.lib` for any software on Linux that reads [GSettings](#ssec-gnome-settings) (even transitivily through e.g. GTK’s file manager) +* adding `glib-networking` for any software that accesses network using GIO or libsoup – glib-networking contains a module that implements TLS support and loads system-wide proxy settings + +To allow software to use various virtual file systems, `gvfs` package can be also added. But that is usually an optional feature so we typically use `gvfs` from the system (e.g. installed globally using NixOS module). + ### GdkPixbuf loaders {#ssec-gnome-gdk-pixbuf-loaders} GTK applications typically use [GdkPixbuf](https://developer.gnome.org/gdk-pixbuf/stable/) to load images. But `gdk-pixbuf` package only supports basic bitmap formats like JPEG, PNG or TIFF, requiring to use third-party loader modules for other formats. This is especially painful since GTK itself includes SVG icons, which cannot be rendered without a loader provided by `librsvg`. From 2629acdcb0fa7c77ec1d05e8ad9575d7cd04c487 Mon Sep 17 00:00:00 2001 From: Artturin Date: Wed, 16 Jun 2021 00:30:15 +0300 Subject: [PATCH 124/202] discord-canary: 0.0.124 -> 0.0.125 (cherry picked from commit 7c7adc7b20aaf99b611b3ce666616f776bd21fee) --- .../networking/instant-messengers/discord/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/instant-messengers/discord/default.nix b/pkgs/applications/networking/instant-messengers/discord/default.nix index e486cd9de62..f7435aa3ae3 100644 --- a/pkgs/applications/networking/instant-messengers/discord/default.nix +++ b/pkgs/applications/networking/instant-messengers/discord/default.nix @@ -27,10 +27,10 @@ in { pname = "discord-canary"; binaryName = "DiscordCanary"; desktopName = "Discord Canary"; - version = "0.0.124"; + version = "0.0.125"; src = fetchurl { url = "https://dl-canary.discordapp.net/apps/linux/${version}/discord-canary-${version}.tar.gz"; - sha256 = "060ypr9rn5yl8iwh4v3ax1v6501yaq72sx50q47sm0wyxn7gpv91"; + sha256 = "0ly5a6l7rvl54mc39xma14jrcrf11q3ndnkkr16by5hy3palmz9g"; }; }; }.${branch} From a21b8237f188505209b8795c9483e7d39a287f70 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Wed, 9 Jun 2021 03:32:26 +0200 Subject: [PATCH 125/202] microcodeIntel: 20210216 -> 20210608 (cherry picked from commit d94f35f69bff4eff7655279d45793003338f5c3c) --- pkgs/os-specific/linux/microcode/intel.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/microcode/intel.nix b/pkgs/os-specific/linux/microcode/intel.nix index 3ac8e6dcd4a..f8bb7c67d8e 100644 --- a/pkgs/os-specific/linux/microcode/intel.nix +++ b/pkgs/os-specific/linux/microcode/intel.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "microcode-intel"; - version = "20210216"; + version = "20210608"; src = fetchFromGitHub { owner = "intel"; repo = "Intel-Linux-Processor-Microcode-Data-Files"; rev = "microcode-${version}"; - sha256 = "17wrfp7h7xbvncgm1fp103zkyz9n1f820jy6yca1aq208264hjkv"; + sha256 = "08nk353z2lcqsjbm2qdsfapfgrvlfw0rj7r9scr9pllzkjj5n9x3"; }; nativeBuildInputs = [ iucode-tool libarchive ]; From 38088e7229b43ad0bc09f97cf42fc8562899cafb Mon Sep 17 00:00:00 2001 From: Mewp Date: Sat, 5 Jun 2021 10:35:20 +0200 Subject: [PATCH 126/202] nixos/acme: Remove an incorrect assertion from tests Commit 3a2e0c36e79cecaf196cbea23e75e74710140ea4 has removed `--reuse-key` from default renew options, yet the tests still expected keys not to change. This assertion is now removed, as they are supposed to change on each renew/change. (cherry picked from commit b00bcf21abc392ecb1d93bd49f7a5ffbc8524ecf) --- nixos/tests/acme.nix | 3 --- 1 file changed, 3 deletions(-) diff --git a/nixos/tests/acme.nix b/nixos/tests/acme.nix index 6f98b0da378..fe8c4af3ea2 100644 --- a/nixos/tests/acme.nix +++ b/nixos/tests/acme.nix @@ -392,14 +392,11 @@ in import ./make-test-python.nix ({ lib, ... }: { # Check the key hash before and after adding an alias. It should not change. # The previous test reverts the ed384 change webserver.wait_for_unit("acme-finished-a.example.test.target") - keyhash_old = webserver.succeed("md5sum /var/lib/acme/a.example.test/key.pem") switch_to(webserver, "nginx-aliases") webserver.wait_for_unit("acme-finished-a.example.test.target") check_issuer(webserver, "a.example.test", "pebble") check_connection(client, "a.example.test") check_connection(client, "b.example.test") - keyhash_new = webserver.succeed("md5sum /var/lib/acme/a.example.test/key.pem") - assert keyhash_old == keyhash_new with subtest("Can request certificates for vhost + aliases (apache-httpd)"): try: From ae8b33704107ad5e4b2827364c53415bfb48e056 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 17 Jun 2021 01:12:48 +0000 Subject: [PATCH 127/202] linux: 4.14.236 -> 4.14.237 (cherry picked from commit 5efcab85a67f25cdb597ccf860f5751c7b8272d5) --- pkgs/os-specific/linux/kernel/linux-4.14.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.14.nix b/pkgs/os-specific/linux/kernel/linux-4.14.nix index 9f40429f0ad..a550008b9d5 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.14.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.14.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "4.14.236"; + version = "4.14.237"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,7 +13,7 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "0albmgxj3cb1dvjagj54l0ffa7kwi8brh7bqwj6gvzpylsby5sp4"; + sha256 = "0kib9p61hhwjbr8zhir9aw86qik7k6bm95503n3k09ayyachajpq"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_4_14 ]; From 76cb349cb201e553bf7f693d6891dff19353c1ac Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 17 Jun 2021 01:12:53 +0000 Subject: [PATCH 128/202] linux: 4.19.194 -> 4.19.195 (cherry picked from commit c6e07a72e7327407e73287bd531222656ae38bee) --- pkgs/os-specific/linux/kernel/linux-4.19.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.19.nix b/pkgs/os-specific/linux/kernel/linux-4.19.nix index e42a1646791..42d98f1485e 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.19.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.19.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "4.19.194"; + version = "4.19.195"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,7 +13,7 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "15l80psfgffa756vpjxmjkwjqif2gpx441hpzr473xwryp6bvbma"; + sha256 = "02rdy5mdmwxli0cin5n7ab492y9fs01hhqxrjq6b4idwv5baa42m"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_4_19 ]; From 18da963255a400b3ff7930004c1cf8a8f0d003c0 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 17 Jun 2021 01:12:58 +0000 Subject: [PATCH 129/202] linux: 4.4.272 -> 4.4.273 (cherry picked from commit ecf27f78d32098e791d2d9944f13eb27d6741924) --- pkgs/os-specific/linux/kernel/linux-4.4.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.4.nix b/pkgs/os-specific/linux/kernel/linux-4.4.nix index 4fc2985b586..d06d5133b47 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.4.nix @@ -1,13 +1,13 @@ { buildPackages, fetchurl, perl, buildLinux, nixosTests, stdenv, ... } @ args: buildLinux (args // rec { - version = "4.4.272"; + version = "4.4.273"; extraMeta.branch = "4.4"; extraMeta.broken = stdenv.isAarch64; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "1ar468ymk96v2pq9x209z2z4wbypppb91jpw8g22aa30pr9aagyi"; + sha256 = "1pd39cak0zhda3m9nvn9yxgd070wxvckaha5wl8pi7c8i6jfpclb"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_4_4 ]; From 81536c15d303bad6730ea1f144703cee3d592855 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 17 Jun 2021 01:13:03 +0000 Subject: [PATCH 130/202] linux: 4.9.272 -> 4.9.273 (cherry picked from commit b9d8e45251917f347e31fff301ac416f705ed1a0) --- pkgs/os-specific/linux/kernel/linux-4.9.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-4.9.nix b/pkgs/os-specific/linux/kernel/linux-4.9.nix index d0cb868f172..d614464bf2a 100644 --- a/pkgs/os-specific/linux/kernel/linux-4.9.nix +++ b/pkgs/os-specific/linux/kernel/linux-4.9.nix @@ -1,13 +1,13 @@ { buildPackages, fetchurl, perl, buildLinux, nixosTests, stdenv, ... } @ args: buildLinux (args // rec { - version = "4.9.272"; + version = "4.9.273"; extraMeta.branch = "4.9"; extraMeta.broken = stdenv.isAarch64; src = fetchurl { url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz"; - sha256 = "0n0hrszaijdpnbdvd8bvz15m7g268is0zw84w4vaf37418whrgzq"; + sha256 = "0jjarv3xfkc21j1xhgch53w8wm6rq3xw1i03rjw9fv5i9k4x6qsw"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_4_9 ]; From b7afdec506be63468f7354dc4988380c84b93961 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 17 Jun 2021 01:13:09 +0000 Subject: [PATCH 131/202] linux: 5.10.43 -> 5.10.44 (cherry picked from commit 5382c2856df5a504650428177d75a40f307c1f66) --- pkgs/os-specific/linux/kernel/linux-5.10.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.10.nix b/pkgs/os-specific/linux/kernel/linux-5.10.nix index 50ef93c04b9..7606af51276 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.10.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.10.43"; + version = "5.10.44"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,7 +13,7 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "00yl1g6irpwy3sy0d43qvlk7x1gfk4v1dyv460afxy527d1ixf43"; + sha256 = "0ry7hfcj07xc6l9mrm5f0ylz54ca3aklgf9x6plf2k45kjjyzgkp"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_10 ]; From c6d46ca2e4e063eba8a7e9c4f9b045f7853d8531 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 17 Jun 2021 01:13:15 +0000 Subject: [PATCH 132/202] linux: 5.12.10 -> 5.12.11 (cherry picked from commit 14510ff4ea93d95103e9bf6b189490067caf0f2f) --- pkgs/os-specific/linux/kernel/linux-5.12.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.12.nix b/pkgs/os-specific/linux/kernel/linux-5.12.nix index 6ae39a84891..9c70f150e2d 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.12.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.12.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.12.10"; + version = "5.12.11"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,7 +13,7 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "03v3wzpbxb78gf4wsnc5wv6683g439cm2bzcjj4q657dagy9km68"; + sha256 = "0ykzyvb4c6mqcy0fl3wvpn4laj1cllsg80dxnv0gssjz6q836z5f"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_12 ]; From 60151d59c3549125cbba5eb2c0d79866bd56ec91 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 17 Jun 2021 01:13:23 +0000 Subject: [PATCH 133/202] linux: 5.4.125 -> 5.4.126 (cherry picked from commit d0860fef8831535bccae0273bfde5eb19841acfc) --- pkgs/os-specific/linux/kernel/linux-5.4.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.4.nix b/pkgs/os-specific/linux/kernel/linux-5.4.nix index 94d5f6bd3ff..751295f435d 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.4.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.4.125"; + version = "5.4.126"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,7 +13,7 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0g73xfkmj4sahrk7gx72hm2i4m98gqghswqyf8yqh77b9857bvhp"; + sha256 = "0xsjcdgiix8slykzi9c12pl5hk2fnz1bqrxxdcr79d9nmfc7kzf7"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_4 ]; From c96a2fc4c9d4a53be71bb0c534edecb06a102f9d Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 17 Jun 2021 01:13:58 +0000 Subject: [PATCH 134/202] linux/hardened/patches/4.14: 4.14.236-hardened1 -> 4.14.237-hardened1 (cherry picked from commit a7b1c72c5ec814f49dea2bae5e6f413dfbec9efb) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index f9c25f12368..dc92f61162b 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -1,9 +1,9 @@ { "4.14": { "extra": "-hardened1", - "name": "linux-hardened-4.14.236-hardened1.patch", - "sha256": "08wnc1acx8fnnrpaz5hxw9gakgk7qxf3kq1pycljl7396dnsy6xg", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.236-hardened1/linux-hardened-4.14.236-hardened1.patch" + "name": "linux-hardened-4.14.237-hardened1.patch", + "sha256": "0iz7q29dazp11ii1f2kcffkpi14765w0ryrn6dsb8mlqcsw639lc", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.237-hardened1/linux-hardened-4.14.237-hardened1.patch" }, "4.19": { "extra": "-hardened1", From 5abf0043a31c68c0104525c6a59a481d18e4594b Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 17 Jun 2021 01:13:59 +0000 Subject: [PATCH 135/202] linux/hardened/patches/4.19: 4.19.194-hardened1 -> 4.19.195-hardened1 (cherry picked from commit 00eb48b68b2aff0cb2de7dee6880ed39d5423950) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index dc92f61162b..14a543bbcd5 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -7,9 +7,9 @@ }, "4.19": { "extra": "-hardened1", - "name": "linux-hardened-4.19.194-hardened1.patch", - "sha256": "102w5algxybffy5176zzgz7knafpdc0lp9y5wjdrf6yr65l4j5rj", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.194-hardened1/linux-hardened-4.19.194-hardened1.patch" + "name": "linux-hardened-4.19.195-hardened1.patch", + "sha256": "1h8v28kscaz4y2samww3vxpq4xvkbdvsnr0hybimn0ygwphshpqq", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.195-hardened1/linux-hardened-4.19.195-hardened1.patch" }, "5.10": { "extra": "-hardened1", From d14bae7155086fc5981b72904e722ccdbd138a57 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 17 Jun 2021 01:14:00 +0000 Subject: [PATCH 136/202] linux/hardened/patches/5.10: 5.10.43-hardened1 -> 5.10.44-hardened1 (cherry picked from commit 9e42f0075a28940382f424121a355449c066ee50) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 14a543bbcd5..bb8ea798156 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -13,9 +13,9 @@ }, "5.10": { "extra": "-hardened1", - "name": "linux-hardened-5.10.43-hardened1.patch", - "sha256": "0hx2g4brpk32phiin96w4kgsbibrcb69a22p0rsqcanxl76v48sz", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.43-hardened1/linux-hardened-5.10.43-hardened1.patch" + "name": "linux-hardened-5.10.44-hardened1.patch", + "sha256": "12bxv87w74lj73vqflpfk022x2ig81lfn4pf1gfanw9zxjrapw4m", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.44-hardened1/linux-hardened-5.10.44-hardened1.patch" }, "5.12": { "extra": "-hardened1", From 55875793a1620d82210d07f3fc56472e9963f771 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 17 Jun 2021 01:14:01 +0000 Subject: [PATCH 137/202] linux/hardened/patches/5.12: 5.12.10-hardened1 -> 5.12.11-hardened1 (cherry picked from commit ec53be76f2b5738e6ea66cdf064ab67df3f15ca8) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index bb8ea798156..9bab532950e 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -19,9 +19,9 @@ }, "5.12": { "extra": "-hardened1", - "name": "linux-hardened-5.12.10-hardened1.patch", - "sha256": "0wyw33kg3xih2j19hsff9mapxjll8ad38il74gkcbnhwci0ys1mc", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.12.10-hardened1/linux-hardened-5.12.10-hardened1.patch" + "name": "linux-hardened-5.12.11-hardened1.patch", + "sha256": "15qi1znszdg6c0v077k1p4gs0kbpvp6hqjcyg262yqjlpn1c7hcb", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.12.11-hardened1/linux-hardened-5.12.11-hardened1.patch" }, "5.4": { "extra": "-hardened1", From efb61e9e83199358d5b4f07d02ad1f48992d1cb9 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Thu, 17 Jun 2021 01:14:02 +0000 Subject: [PATCH 138/202] linux/hardened/patches/5.4: 5.4.125-hardened1 -> 5.4.126-hardened1 (cherry picked from commit 98642dcfd9c281266605e672e87552ea65e7f914) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 9bab532950e..1fedb688920 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -25,8 +25,8 @@ }, "5.4": { "extra": "-hardened1", - "name": "linux-hardened-5.4.125-hardened1.patch", - "sha256": "1vc6jgiglc4i5my9iw24yw16wi0x1lxkvyb6i619z3k3zh39gm04", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.125-hardened1/linux-hardened-5.4.125-hardened1.patch" + "name": "linux-hardened-5.4.126-hardened1.patch", + "sha256": "05bjry8390iy01nfvkp12x78brgndwm5rsqhnl7yp6vwgdi0fyj1", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.126-hardened1/linux-hardened-5.4.126-hardened1.patch" } } From 17c83897a5a42ad6ae2ee4ca3c51c7d7716b11ef Mon Sep 17 00:00:00 2001 From: sternenseemann <0rpkxez4ksa01gb3typccl0i@systemli.org> Date: Fri, 11 Jun 2021 19:27:02 +0200 Subject: [PATCH 139/202] pass: 1.7.3 -> 1.7.4 Mostly bug fixes, the following changes were required in the package: * set-correct-program-name-for-sleep.patch needed to be rebased, b08781e2a6e183986eb1c24f51cdeff879b7a6af partially implemented the changes done in this patch, so we don't need to touch password-store.sh anymore. * Remove wayland patch since it is part of the release now * Reworked assert logic wrt to x11-/wayland- and dmenuSupport: passmenu now supports wayland as well via dmenu-wayland. Sadly the choice of menu is not changeable, pending https://lists.zx2c4.com/pipermail/password-store/2021-January/004363.html * Rebased no-darwin-getopt.patch * Note that f.el is no longer required Reviews would be appreciated, I might've missed something. (cherry picked from commit 9b794eb21af842bda137bf9f1ecc95c2d2affc8c) --- .../security/pass/clip-wayland-support.patch | 113 ------------------ pkgs/tools/security/pass/default.nix | 33 ++--- .../security/pass/no-darwin-getopt.patch | 14 ++- .../set-correct-program-name-for-sleep.patch | 19 --- 4 files changed, 25 insertions(+), 154 deletions(-) delete mode 100644 pkgs/tools/security/pass/clip-wayland-support.patch diff --git a/pkgs/tools/security/pass/clip-wayland-support.patch b/pkgs/tools/security/pass/clip-wayland-support.patch deleted file mode 100644 index 7b8d2eb010d..00000000000 --- a/pkgs/tools/security/pass/clip-wayland-support.patch +++ /dev/null @@ -1,113 +0,0 @@ -From b0b784b1a57c0b06936e6f5d6560712b4b810cd3 Mon Sep 17 00:00:00 2001 -From: Brett Cornwall -Date: Wed, 27 Feb 2019 00:08:33 -0700 -Subject: clip: Add support for wl-clipboard - -Edited to properly apply with -`set-correct-program-name-for-sleep.patch`. - ---- - README | 4 +++- - man/pass.1 | 5 +++++ - src/password-store.sh | 26 +++++++++++++++++++++----- - 3 files changed, 29 insertions(+), 6 deletions(-) - -diff --git a/README b/README -index 6b59965..1a46242 100644 ---- a/README -+++ b/README -@@ -19,8 +19,10 @@ Depends on: - http://www.gnupg.org/ - - git - http://www.git-scm.com/ --- xclip -+- xclip (for X11 environments) - http://sourceforge.net/projects/xclip/ -+- wl-clipboard (for wlroots Wayland-based environments) -+ https://github.com/bugaevc/wl-clipboard - - tree >= 1.7.0 - http://mama.indstate.edu/users/ice/tree/ - - GNU getopt -diff --git a/man/pass.1 b/man/pass.1 -index 01a3fbe..a555dcb 100644 ---- a/man/pass.1 -+++ b/man/pass.1 -@@ -99,6 +99,8 @@ Decrypt and print a password named \fIpass-name\fP. If \fI--clip\fP or \fI-c\fP - is specified, do not print the password but instead copy the first (or otherwise specified) - line to the clipboard using - .BR xclip (1) -+or -+.BR wl-clipboard(1) - and then restore the clipboard after 45 (or \fIPASSWORD_STORE_CLIP_TIME\fP) seconds. If \fI--qrcode\fP - or \fI-q\fP is specified, do not print the password but instead display a QR code using - .BR qrencode (1) -@@ -132,6 +134,8 @@ in generating passwords can be changed with the \fIPASSWORD_STORE_CHARACTER_SET\ - If \fI--clip\fP or \fI-c\fP is specified, do not print the password but instead copy - it to the clipboard using - .BR xclip (1) -+or -+.BR wl-clipboard(1) - and then restore the clipboard after 45 (or \fIPASSWORD_STORE_CLIP_TIME\fP) seconds. If \fI--qrcode\fP - or \fI-q\fP is specified, do not print the password but instead display a QR code using - .BR qrencode (1) -@@ -466,6 +470,7 @@ The location of the text editor used by \fBedit\fP. - .BR tr (1), - .BR git (1), - .BR xclip (1), -+.BR wl-clipboard (1), - .BR qrencode (1). - - .SH AUTHOR -diff --git a/src/password-store.sh b/src/password-store.sh -index d89d455..284eabf 100755 ---- a/src/password-store.sh -+++ b/src/password-store.sh -@@ -152,16 +152,32 @@ check_sneaky_paths() { - # - - clip() { -+ if [[ -n $WAYLAND_DISPLAY ]]; then -+ local copy_cmd=( wl-copy ) -+ local paste_cmd=( wl-paste -n ) -+ if [[ $X_SELECTION == primary ]]; then -+ copy_cmd+=( --primary ) -+ paste_cmd+=( --primary ) -+ fi -+ local display_name="$WAYLAND_DISPLAY" -+ elif [[ -n $DISPLAY ]]; then -+ local copy_cmd=( xclip -selection "$X_SELECTION" ) -+ local paste_cmd=( xclip -o -selection "$X_SELECTION" ) -+ local display_name="$DISPLAY" -+ else -+ die "Error: No X11 or Wayland display detected" -+ fi -+ local sleep_argv0="password store sleep on display $display_name" -+ - # This base64 business is because bash cannot store binary data in a shell - # variable. Specifically, it cannot store nulls nor (non-trivally) store - # trailing new lines. -- local sleep_argv0="password store sleep on display $DISPLAY" - pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5 -- local before="$(xclip -o -selection "$X_SELECTION" 2>/dev/null | $BASE64)" -- echo -n "$1" | xclip -selection "$X_SELECTION" || die "Error: Could not copy data to the clipboard" -+ local before="$("${paste_cmd[@]}" 2>/dev/null | $BASE64)" -+ echo -n "$1" | "${copy_cmd[@]}" || die "Error: Could not copy data to the clipboard" - ( - ( exec -a "$sleep_argv0" bash <(echo trap 'kill %1' TERM\; sleep "$CLIP_TIME & wait") ) -- local now="$(xclip -o -selection "$X_SELECTION" | $BASE64)" -+ local now="$("${paste_cmd[@]}" | $BASE64)" - [[ $now != $(echo -n "$1" | $BASE64) ]] && before="$now" - - # It might be nice to programatically check to see if klipper exists, -@@ -173,7 +189,7 @@ clip() { - # so we axe it here: - qdbus org.kde.klipper /klipper org.kde.klipper.klipper.clearClipboardHistory &>/dev/null - -- echo "$before" | $BASE64 -d | xclip -selection "$X_SELECTION" -+ echo "$before" | $BASE64 -d | "${copy_cmd[@]}" - ) >/dev/null 2>&1 & disown - echo "Copied $2 to clipboard. Will clear in $CLIP_TIME seconds." - } --- -cgit v1.2.1-28-gf32c - diff --git a/pkgs/tools/security/pass/default.nix b/pkgs/tools/security/pass/default.nix index a7872c50fb3..7468b5dcc8d 100644 --- a/pkgs/tools/security/pass/default.nix +++ b/pkgs/tools/security/pass/default.nix @@ -3,8 +3,9 @@ , which, procps , qrencode , makeWrapper, pass, symlinkJoin , xclip ? null, xdotool ? null, dmenu ? null -, x11Support ? !stdenv.isDarwin , dmenuSupport ? x11Support +, x11Support ? !stdenv.isDarwin , dmenuSupport ? (x11Support || waylandSupport) , waylandSupport ? false, wl-clipboard ? null +, ydotool ? null, dmenu-wayland ? null # For backwards-compatibility , tombPluginSupport ? false @@ -13,13 +14,15 @@ with lib; assert x11Support -> xclip != null; - -assert dmenuSupport -> dmenu != null - && xdotool != null - && x11Support; - assert waylandSupport -> wl-clipboard != null; +assert dmenuSupport -> x11Support || waylandSupport; +assert dmenuSupport && x11Support + -> dmenu != null && xdotool != null; +assert dmenuSupport && waylandSupport + -> dmenu-wayland != null && ydotool != null; + + let passExtensions = import ./extensions { inherit pkgs; }; @@ -52,21 +55,18 @@ let in stdenv.mkDerivation rec { - version = "1.7.3"; + version = "1.7.4"; pname = "password-store"; src = fetchurl { url = "https://git.zx2c4.com/password-store/snapshot/${pname}-${version}.tar.xz"; - sha256 = "1x53k5dn3cdmvy8m4fqdld4hji5n676ksl0ql4armkmsds26av1b"; + sha256 = "1h4k6w7g8pr169p5w9n6mkdhxl3pw51zphx7www6pvgjb7vgmafg"; }; patches = [ ./set-correct-program-name-for-sleep.patch ./extension-dir.patch - ] ++ lib.optional stdenv.isDarwin ./no-darwin-getopt.patch - # TODO (@Ma27) this patch adds support for wl-clipboard and can be removed during the next - # version bump. - ++ lib.optional waylandSupport ./clip-wayland-support.patch; + ] ++ lib.optional stdenv.isDarwin ./no-darwin-getopt.patch; nativeBuildInputs = [ makeWrapper ]; @@ -74,8 +74,7 @@ stdenv.mkDerivation rec { postInstall = '' # Install Emacs Mode. NOTE: We can't install the necessary - # dependencies (s.el and f.el) here. The user has to do this - # himself. + # dependencies (s.el) here. The user has to do this themselves. mkdir -p "$out/share/emacs/site-lisp" cp "contrib/emacs/password-store.el" "$out/share/emacs/site-lisp/" '' + optionalString dmenuSupport '' @@ -96,8 +95,10 @@ stdenv.mkDerivation rec { procps ] ++ optional stdenv.isDarwin openssl ++ optional x11Support xclip - ++ optionals dmenuSupport [ xdotool dmenu ] - ++ optional waylandSupport wl-clipboard); + ++ optional waylandSupport wl-clipboard + ++ optionals (waylandSupport && dmenuSupport) [ ydotool dmenu-wayland ] + ++ optionals (x11Support && dmenuSupport) [ xdotool dmenu ] + ); postFixup = '' # Fix program name in --help diff --git a/pkgs/tools/security/pass/no-darwin-getopt.patch b/pkgs/tools/security/pass/no-darwin-getopt.patch index e8f7e138ff0..7e8b66dd7f1 100644 --- a/pkgs/tools/security/pass/no-darwin-getopt.patch +++ b/pkgs/tools/security/pass/no-darwin-getopt.patch @@ -1,9 +1,11 @@ -diff -Naur password-store-1.6.5-orig/src/platform/darwin.sh password-store-1.6.5/src/platform/darwin.sh ---- password-store-1.6.5-orig/src/platform/darwin.sh 2015-01-28 16:43:02.000000000 +0000 -+++ password-store-1.6.5/src/platform/darwin.sh 2015-02-15 16:09:02.000000000 +0000 -@@ -31,5 +31,4 @@ - mount -t hfs -o noatime -o nobrowse "$DARWIN_RAMDISK_DEV" "$SECURE_TMPDIR" || die "Error: could not mount filesystem on ramdisk." +diff --git a/src/platform/darwin.sh b/src/platform/darwin.sh +index f6cc471..e2e8bba 100644 +--- a/src/platform/darwin.sh ++++ b/src/platform/darwin.sh +@@ -39,6 +39,5 @@ qrcode() { + fi } --GETOPT="$(brew --prefix gnu-getopt 2>/dev/null || { which port &>/dev/null && echo /opt/local; } || echo /usr/local)/bin/getopt" +-GETOPT="$({ test -x /usr/local/opt/gnu-getopt/bin/getopt && echo /usr/local/opt/gnu-getopt; } || brew --prefix gnu-getopt 2>/dev/null || { which port &>/dev/null && echo /opt/local; } || echo /usr/local)/bin/getopt" SHRED="srm -f -z" + BASE64="openssl base64" diff --git a/pkgs/tools/security/pass/set-correct-program-name-for-sleep.patch b/pkgs/tools/security/pass/set-correct-program-name-for-sleep.patch index f3a844ad2d6..a71a279c1ef 100644 --- a/pkgs/tools/security/pass/set-correct-program-name-for-sleep.patch +++ b/pkgs/tools/security/pass/set-correct-program-name-for-sleep.patch @@ -5,29 +5,10 @@ Subject: [PATCH] Patch the clip() function to work even when using single-binary coreutils --- - src/password-store.sh | 4 ++-- src/platform/cygwin.sh | 4 ++-- src/platform/darwin.sh | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) -diff --git a/src/password-store.sh b/src/password-store.sh -index 7264ffc..68551a4 100755 ---- a/src/password-store.sh -+++ b/src/password-store.sh -@@ -155,11 +155,11 @@ clip() { - # variable. Specifically, it cannot store nulls nor (non-trivally) store - # trailing new lines. - local sleep_argv0="password store sleep on display $DISPLAY" -- pkill -f "^$sleep_argv0" 2>/dev/null && sleep 0.5 -+ pkill -P $(pgrep -f "^$sleep_argv0") 2>/dev/null && sleep 0.5 - local before="$(xclip -o -selection "$X_SELECTION" 2>/dev/null | $BASE64)" - echo -n "$1" | xclip -selection "$X_SELECTION" || die "Error: Could not copy data to the clipboard" - ( -- ( exec -a "$sleep_argv0" bash <<<"trap 'kill %1' TERM; sleep '$CLIP_TIME' & wait" ) -+ ( exec -a "$sleep_argv0" bash <(echo trap 'kill %1' TERM\; sleep "$CLIP_TIME & wait") ) - local now="$(xclip -o -selection "$X_SELECTION" | $BASE64)" - [[ $now != $(echo -n "$1" | $BASE64) ]] && before="$now" - diff --git a/src/platform/cygwin.sh b/src/platform/cygwin.sh index 5a8d5ea..423e0ce 100644 --- a/src/platform/cygwin.sh From bad3ccd099ebe9a8aa017bda8500ab02787d90aa Mon Sep 17 00:00:00 2001 From: Alyssa Ross Date: Wed, 16 Jun 2021 19:22:12 +0000 Subject: [PATCH 140/202] makeDBusConf: make apparmor argument optional The only in-tree use of this is the DBus NixOS module, which always passes apparmor (but the services.dbus.apparmor option defaults to "disabled"). Set the default in the function as well so other users of the function can take advantage of it. (cherry picked from commit e9f45cc69d6fb2a2e2446ce9606eb7e9c376959f) --- pkgs/top-level/all-packages.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 20daf163363..0e42d2e389d 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -14521,7 +14521,7 @@ in dbus-sharp-glib-1_0 = callPackage ../development/libraries/dbus-sharp-glib/dbus-sharp-glib-1.0.nix { }; dbus-sharp-glib-2_0 = callPackage ../development/libraries/dbus-sharp-glib { }; - makeDBusConf = { suidHelper, serviceDirectories, apparmor }: + makeDBusConf = { suidHelper, serviceDirectories, apparmor ? "disabled" }: callPackage ../development/libraries/dbus/make-dbus-conf.nix { inherit suidHelper serviceDirectories apparmor; }; From 3715be19ec9b7d7fe0eefbfa013ad8133a4138c0 Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Fri, 18 Jun 2021 11:59:37 +0200 Subject: [PATCH 141/202] chromium: 91.0.4472.106 -> 91.0.4472.114 https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop_17.html This update includes 4 security fixes. Google is aware that an exploit for CVE-2021-30554 exists in the wild. CVEs: CVE-2021-30554 CVE-2021-30555 CVE-2021-30556 CVE-2021-30557 (cherry picked from commit 0505ed81bc2a71be572117208829b5e69ea9fd65) --- .../networking/browsers/chromium/upstream-info.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json index c18b25b5147..7c3abf1e009 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.json +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json @@ -1,8 +1,8 @@ { "stable": { - "version": "91.0.4472.106", - "sha256": "1fxy1l2dl0f6v8566lykcng18ma6fv4nlwxmdb0hh06fgp6khpjl", - "sha256bin64": "11l88fqrl1r7b02j78zgrr6kajayl8kw8mb8b91ard18w5kz1xvd", + "version": "91.0.4472.114", + "sha256": "0wbyiwbdazgjjgj9vs56x26q3g9r80a57gfl0f2rfl1j7xwgxiy1", + "sha256bin64": "00ac1dyqxpxy1j11jvc5j35bgc629n2f2pll3912gzih4ir0vrys", "deps": { "gn": { "version": "2021-04-06", From 450eab40ac9f5154221f14f43c09d2b90e5f0d88 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Fri, 18 Jun 2021 10:55:07 +0000 Subject: [PATCH 142/202] appgate-sdp: 5.4.0 -> 5.4.2 (cherry picked from commit 8c6c14f7a6fd81f1c6b66514aca8718ede68ee1a) --- pkgs/applications/networking/appgate-sdp/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/appgate-sdp/default.nix b/pkgs/applications/networking/appgate-sdp/default.nix index e9e22741c41..29b51fa7f82 100644 --- a/pkgs/applications/networking/appgate-sdp/default.nix +++ b/pkgs/applications/networking/appgate-sdp/default.nix @@ -99,11 +99,11 @@ let in stdenv.mkDerivation rec { pname = "appgate-sdp"; - version = "5.4.0"; + version = "5.4.2"; src = fetchurl { url = "https://bin.appgate-sdp.com/${lib.versions.majorMinor version}/client/appgate-sdp_${version}_amd64.deb"; - sha256 = "sha256-2DzZ5JnFGBeaHtDf7CAXb/qv6kVI+sYMW5Nc25E3eNA="; + sha256 = "sha256-wAhcTRO/Cd4MG1lfPNDq92yGcu3NOfymucddy92VaXo="; }; dontConfigure = true; From fc2b15a4f28db9594b3d93e2b28124b5855b6cf1 Mon Sep 17 00:00:00 2001 From: Pol Dellaiera Date: Fri, 18 Jun 2021 21:01:56 +0200 Subject: [PATCH 143/202] Bump from 4.25.2 to 4.25.4. (cherry picked from commit ad8bc531cca4305798bf5371509f4feaa7b134c1) --- pkgs/development/tools/symfony-cli/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/tools/symfony-cli/default.nix b/pkgs/development/tools/symfony-cli/default.nix index eb12f9e1dcd..6ff541b933c 100644 --- a/pkgs/development/tools/symfony-cli/default.nix +++ b/pkgs/development/tools/symfony-cli/default.nix @@ -2,11 +2,11 @@ stdenvNoCC.mkDerivation rec { pname = "symfony-cli"; - version = "4.25.2"; + version = "4.25.4"; src = fetchurl { url = "https://github.com/symfony/cli/releases/download/v${version}/symfony_linux_amd64.gz"; - sha256 = "8bfa53c1479883e9b48d2e4e5d3f6f7a511df73d65fe5c7b07a4890ee2c75c7e"; + sha256 = "94ade97d79e6949022ac45e4f8f9c025a9e3efa54a1a891a086a24eb9a9765a7"; }; dontBuild = true; From 798a2dfaa7c13ae782e84eddfdc12218f7daf7d0 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Thu, 17 Jun 2021 01:34:56 +0000 Subject: [PATCH 144/202] bosh-cli: 6.4.3 -> 6.4.4 (cherry picked from commit dd1b9306467d6ad3cfaabfb0d8d5a79c8c76404b) --- pkgs/applications/networking/cluster/bosh-cli/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/cluster/bosh-cli/default.nix b/pkgs/applications/networking/cluster/bosh-cli/default.nix index 070af87f9c4..2354a41a6a6 100644 --- a/pkgs/applications/networking/cluster/bosh-cli/default.nix +++ b/pkgs/applications/networking/cluster/bosh-cli/default.nix @@ -8,13 +8,13 @@ buildGoModule rec { pname = "bosh-cli"; - version = "6.4.3"; + version = "6.4.4"; src = fetchFromGitHub { owner = "cloudfoundry"; repo = pname; rev = "v${version}"; - sha256 = "1glxwk0fv52rjim7ihcxkjx19fsn9k7gzg9zmwxgx8wpsjrdcq3f"; + sha256 = "sha256-N7GrxePNewxhHnkQP/XBdUIEL5FsFD4avouZaIO+BKc="; }; vendorSha256 = null; From 15d6e418149d2a8adc6874e73bcd3573756885ec Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Fri, 18 Jun 2021 19:11:31 +0200 Subject: [PATCH 145/202] gitea: 1.14.2 -> 1.14.3 ChangeLog: https://github.com/go-gitea/gitea/releases/tag/v1.14.3 (cherry picked from commit d5edee8113b7b0567492568e1c0552b4c7d22771) --- pkgs/applications/version-management/gitea/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/version-management/gitea/default.nix b/pkgs/applications/version-management/gitea/default.nix index e92a5a38a28..96f3af51620 100644 --- a/pkgs/applications/version-management/gitea/default.nix +++ b/pkgs/applications/version-management/gitea/default.nix @@ -16,12 +16,12 @@ with lib; buildGoPackage rec { pname = "gitea"; - version = "1.14.2"; + version = "1.14.3"; # not fetching directly from the git repo, because that lacks several vendor files for the web UI src = fetchurl { url = "https://github.com/go-gitea/gitea/releases/download/v${version}/gitea-src-${version}.tar.gz"; - sha256 = "sha256-0EvKk0/ro1YAqvc5yCt8vn2LkRoIbXrFTwcQtomoWsM="; + sha256 = "sha256-ieQxqZO84sYBcCzWYn40tRGLgSs2PpLlcNkI4vFq+wE="; }; unpackPhase = '' From fbeb67dd93f18806c413de4c451859db9814d96f Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Fri, 18 Jun 2021 22:46:49 +0000 Subject: [PATCH 146/202] chromium: fix APNG support https://bugs.chromium.org/p/chromium/issues/detail?id=752403 (cherry picked from commit 52651ca62a9e9bf5833ffda13baed4b96b766381) --- pkgs/applications/networking/browsers/chromium/common.nix | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkgs/applications/networking/browsers/chromium/common.nix b/pkgs/applications/networking/browsers/chromium/common.nix index 57cac091912..c2417d9f524 100644 --- a/pkgs/applications/networking/browsers/chromium/common.nix +++ b/pkgs/applications/networking/browsers/chromium/common.nix @@ -92,9 +92,10 @@ let }; defaultDependencies = [ + (libpng.override { apngSupport = false; }) # https://bugs.chromium.org/p/chromium/issues/detail?id=752403 bzip2 flac speex opusWithCustomModes libevent expat libjpeg snappy - libpng libcap + libcap xdg-utils minizip libwebp libusb1 re2 ffmpeg libxslt libxml2 From 73167dd57510d073c1e8658b2a47455b2f7be4f0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sandro=20J=C3=A4ckel?= Date: Thu, 27 May 2021 17:04:19 +0200 Subject: [PATCH 147/202] diff-so-fancy: 1.4.0 -> 1.4.1 (cherry picked from commit 15eb917faf7ddab6d7ab8a17cf72a425eff898e5) --- .../git-and-tools/diff-so-fancy/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/version-management/git-and-tools/diff-so-fancy/default.nix b/pkgs/applications/version-management/git-and-tools/diff-so-fancy/default.nix index a1daf3db448..77ad7d8658d 100644 --- a/pkgs/applications/version-management/git-and-tools/diff-so-fancy/default.nix +++ b/pkgs/applications/version-management/git-and-tools/diff-so-fancy/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "diff-so-fancy"; - version = "1.4.0"; + version = "1.4.1"; src = fetchFromGitHub { owner = "so-fancy"; repo = "diff-so-fancy"; rev = "v${version}"; - sha256 = "sha256-//n7kOANVHRSjxclxDcMnpMVzUcd/U6fFsP8acRjVWA="; + sha256 = "sha256-bV22x459QerWg4MVLWsXPDhM38QWG6BE+dVmKIFfDiE="; }; nativeBuildInputs = [ From 2a27281bc1661483200c3566756d1098367978c9 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Mon, 14 Jun 2021 22:36:43 +0200 Subject: [PATCH 148/202] gitAndTools.diff-so-fancy: 1.4.1 -> 1.4.2 ChangeLog: https://github.com/so-fancy/diff-so-fancy/releases/tag/v1.4.2 (cherry picked from commit d387353590e9a1c6c7206ee6a64551570769b03d) --- .../git-and-tools/diff-so-fancy/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/version-management/git-and-tools/diff-so-fancy/default.nix b/pkgs/applications/version-management/git-and-tools/diff-so-fancy/default.nix index 77ad7d8658d..95060714c24 100644 --- a/pkgs/applications/version-management/git-and-tools/diff-so-fancy/default.nix +++ b/pkgs/applications/version-management/git-and-tools/diff-so-fancy/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "diff-so-fancy"; - version = "1.4.1"; + version = "1.4.2"; src = fetchFromGitHub { owner = "so-fancy"; repo = "diff-so-fancy"; rev = "v${version}"; - sha256 = "sha256-bV22x459QerWg4MVLWsXPDhM38QWG6BE+dVmKIFfDiE="; + sha256 = "sha256-1kBarsRiuB8fv7VLlWfpotPfHeMrfmIXHXTFu8TzC2A="; }; nativeBuildInputs = [ @@ -52,6 +52,6 @@ stdenv.mkDerivation rec { diff-so-fancy builds on the good-lookin' output of git contrib's diff-highlight to upgrade your diffs' appearances. ''; - maintainers = with maintainers; [ fpletz globin ]; + maintainers = with maintainers; [ fpletz globin ma27 ]; }; } From 426c25db0d9f78769fa95d0613fd1ba5d6271e39 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= Date: Sat, 19 Jun 2021 18:36:29 +0200 Subject: [PATCH 149/202] getmail6: 6.16 -> 6.17 https://github.com/getmail6/getmail6/releases/tag/v6.17 (cherry picked from commit fbf187aafe8c330f6986a182d171c17a4947d168) --- pkgs/tools/networking/getmail6/default.nix | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/pkgs/tools/networking/getmail6/default.nix b/pkgs/tools/networking/getmail6/default.nix index 673ff7f83a3..ceec2bab490 100644 --- a/pkgs/tools/networking/getmail6/default.nix +++ b/pkgs/tools/networking/getmail6/default.nix @@ -1,16 +1,20 @@ -{ fetchFromGitHub, python3Packages, lib }: +{ lib +, python3 +, fetchFromGitHub +}: -python3Packages.buildPythonApplication rec { +python3.pkgs.buildPythonApplication rec { pname = "getmail6"; - version = "6.16"; + version = "6.17"; src = fetchFromGitHub { owner = pname; repo = pname; rev = "v${version}"; - sha256 = "1y373nzbffjjjs43441cn3wrb0yq1mw2vqixhizbzdacrs45xbfa"; + sha256 = "sha256-pPf+98zoS1t59RoqbmS4V0OsTLMR37Wcsl9BSWuvc0k="; }; + # needs a Docker setup doCheck = false; pythonImportsCheck = [ "getmailcore" ]; @@ -26,6 +30,6 @@ python3Packages.buildPythonApplication rec { homepage = "https://getmail6.org"; updateWalker = true; license = licenses.gpl2Plus; - maintainers = with maintainers; [ abbe ]; + maintainers = with maintainers; [ abbe dotlambda ]; }; } From 59979f87460379fb2156e462a941b97ddf62ee3a Mon Sep 17 00:00:00 2001 From: Thomas Gerbet Date: Sat, 19 Jun 2021 10:33:02 +0200 Subject: [PATCH 150/202] pythonPackages.impacket: 0.9.22 -> 0.9.23 Fixes CVE-2021-31800. https://github.com/SecureAuthCorp/impacket/releases/tag/impacket_0_9_23 (cherry picked from commit 31c39c11ca197f2e64ca90dcb329ff052d9bde68) --- pkgs/development/python-modules/impacket/default.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/development/python-modules/impacket/default.nix b/pkgs/development/python-modules/impacket/default.nix index 15d148f168f..43fdfb6a9ce 100644 --- a/pkgs/development/python-modules/impacket/default.nix +++ b/pkgs/development/python-modules/impacket/default.nix @@ -1,15 +1,15 @@ -{ lib, buildPythonPackage, fetchPypi, flask, ldapdomaindump, pycryptodomex, pyasn1, pyopenssl }: +{ lib, buildPythonPackage, fetchPypi, flask, ldapdomaindump, pycryptodomex, pyasn1, pyopenssl, chardet }: buildPythonPackage rec { pname = "impacket"; - version = "0.9.22"; + version = "0.9.23"; src = fetchPypi { inherit pname version; - sha256 = "4bf7e7b595356585599b4b2773b8a463d7b9765c97012dcd5a44eb6d547f6a1d"; + sha256 = "113isxb9rd2n761nnh3skg3vqa0v5dalz9kbavyczqyv1jjyh6qw"; }; - propagatedBuildInputs = [ flask ldapdomaindump pycryptodomex pyasn1 pyopenssl ]; + propagatedBuildInputs = [ flask ldapdomaindump pycryptodomex pyasn1 pyopenssl chardet ]; # fail with: # RecursionError: maximum recursion depth exceeded @@ -18,7 +18,7 @@ buildPythonPackage rec { meta = with lib; { description = "Network protocols Constructors and Dissectors"; - homepage = "https://github.com/CoreSecurity/impacket"; + homepage = "https://github.com/SecureAuthCorp/impacket"; # Modified Apache Software License, Version 1.1 license = licenses.free; maintainers = with maintainers; [ SuperSandro2000 ]; From 459ad479686afba9449033c05f8164ffe0d382f8 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Fri, 18 Jun 2021 17:11:23 +0200 Subject: [PATCH 151/202] searx: patch to fix a crash If the `default_doi_resolver` and `use_default_settings` are used together searx crashes. (cherry picked from commit 2a90b3329b18fadf35bf79966cd2330d83547b7e) --- pkgs/servers/web-apps/searx/default.nix | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/pkgs/servers/web-apps/searx/default.nix b/pkgs/servers/web-apps/searx/default.nix index 43fb374fe11..3ba6f327042 100644 --- a/pkgs/servers/web-apps/searx/default.nix +++ b/pkgs/servers/web-apps/searx/default.nix @@ -1,4 +1,4 @@ -{ lib, nixosTests, python3, python3Packages, fetchFromGitHub }: +{ lib, nixosTests, python3, python3Packages, fetchFromGitHub, fetchpatch }: with python3Packages; @@ -14,6 +14,14 @@ toPythonModule (buildPythonApplication rec { sha256 = "0ghkx8g8jnh8yd46p4mlbjn2zm12nx27v7qflr4c8xhlgi0px0mh"; }; + patches = [ + # Fix a crash, remove with the next update + (fetchpatch { + url = "https://github.com/searx/searx/commit/9c10b150963babb7f0b52081693a42b2e61eede9.patch"; + sha256 = "0svp8799628wja2hq59da6rxqi99am8p6hb8y27ciwzsjz0wwba7"; + }) + ]; + postPatch = '' sed -i 's/==.*$//' requirements.txt ''; From 6613a30c5e3ee59753181512b4bedd4121569925 Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Mon, 24 May 2021 22:01:59 +0200 Subject: [PATCH 152/202] gnomeExtensions: normalize pnames They should have gnome-shell-extension prefix like most other extension packages. This is what other distros listed on Repology use so Repology will be able to unify them. Exception is chrome-gnome-shell, which is estabilished under that name. (cherry picked from commit 5ba789eeca29a85144d1b611e52d09b132bedd91) --- pkgs/desktops/gnome/extensions/arcmenu/default.nix | 2 +- pkgs/desktops/gnome/extensions/buildGnomeExtension.nix | 2 +- pkgs/desktops/gnome/extensions/dash-to-dock/default.nix | 2 +- pkgs/desktops/gnome/extensions/dash-to-panel/default.nix | 2 +- pkgs/desktops/gnome/extensions/emoji-selector/default.nix | 2 +- pkgs/desktops/gnome/extensions/freon/default.nix | 2 +- pkgs/desktops/gnome/extensions/gsconnect/default.nix | 2 +- pkgs/desktops/gnome/extensions/impatience/default.nix | 2 +- pkgs/desktops/gnome/extensions/noannoyance/default.nix | 2 +- pkgs/desktops/gnome/extensions/system-monitor/default.nix | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/pkgs/desktops/gnome/extensions/arcmenu/default.nix b/pkgs/desktops/gnome/extensions/arcmenu/default.nix index 8fa29126a30..c3ed99b788b 100644 --- a/pkgs/desktops/gnome/extensions/arcmenu/default.nix +++ b/pkgs/desktops/gnome/extensions/arcmenu/default.nix @@ -1,7 +1,7 @@ { lib, stdenv, fetchFromGitLab, glib, gettext, substituteAll, gnome-menus }: stdenv.mkDerivation rec { - pname = "gnome-shell-arcmenu"; + pname = "gnome-shell-extension-arcmenu"; version = "10"; src = fetchFromGitLab { diff --git a/pkgs/desktops/gnome/extensions/buildGnomeExtension.nix b/pkgs/desktops/gnome/extensions/buildGnomeExtension.nix index ad405fae34b..2d12b9983d5 100644 --- a/pkgs/desktops/gnome/extensions/buildGnomeExtension.nix +++ b/pkgs/desktops/gnome/extensions/buildGnomeExtension.nix @@ -19,7 +19,7 @@ let }: stdenv.mkDerivation { - inherit pname; + pname = "gnome-shell-extension-${pname}"; version = builtins.toString version; src = fetchzip { url = "https://extensions.gnome.org/extension-data/${ diff --git a/pkgs/desktops/gnome/extensions/dash-to-dock/default.nix b/pkgs/desktops/gnome/extensions/dash-to-dock/default.nix index 45233e52f89..97815a844d7 100644 --- a/pkgs/desktops/gnome/extensions/dash-to-dock/default.nix +++ b/pkgs/desktops/gnome/extensions/dash-to-dock/default.nix @@ -5,7 +5,7 @@ }: stdenv.mkDerivation rec { - pname = "gnome-shell-dash-to-dock"; + pname = "gnome-shell-extension-dash-to-dock"; version = "69"; src = fetchFromGitHub { diff --git a/pkgs/desktops/gnome/extensions/dash-to-panel/default.nix b/pkgs/desktops/gnome/extensions/dash-to-panel/default.nix index 7a9dc066cc7..440b8d76b17 100644 --- a/pkgs/desktops/gnome/extensions/dash-to-panel/default.nix +++ b/pkgs/desktops/gnome/extensions/dash-to-panel/default.nix @@ -1,7 +1,7 @@ { lib, stdenv, fetchFromGitHub, glib, gettext }: stdenv.mkDerivation rec { - pname = "gnome-shell-dash-to-panel"; + pname = "gnome-shell-extension-dash-to-panel"; version = "40"; src = fetchFromGitHub { diff --git a/pkgs/desktops/gnome/extensions/emoji-selector/default.nix b/pkgs/desktops/gnome/extensions/emoji-selector/default.nix index 5470dc996be..70f09463d12 100644 --- a/pkgs/desktops/gnome/extensions/emoji-selector/default.nix +++ b/pkgs/desktops/gnome/extensions/emoji-selector/default.nix @@ -1,7 +1,7 @@ { lib, stdenv, fetchFromGitHub, glib, gettext }: stdenv.mkDerivation rec { - pname = "gnome-shell-emoji-selector"; + pname = "gnome-shell-extension-emoji-selector"; version = "19"; src = fetchFromGitHub { diff --git a/pkgs/desktops/gnome/extensions/freon/default.nix b/pkgs/desktops/gnome/extensions/freon/default.nix index f30e2f6f8a2..7734558eb20 100644 --- a/pkgs/desktops/gnome/extensions/freon/default.nix +++ b/pkgs/desktops/gnome/extensions/freon/default.nix @@ -1,7 +1,7 @@ { lib, stdenv, fetchFromGitHub, glib }: stdenv.mkDerivation rec { - pname = "gnome-shell-freon"; + pname = "gnome-shell-extension-freon"; version = "40"; uuid = "freon@UshakovVasilii_Github.yahoo.com"; diff --git a/pkgs/desktops/gnome/extensions/gsconnect/default.nix b/pkgs/desktops/gnome/extensions/gsconnect/default.nix index c924b4e3eca..8906ebcddec 100644 --- a/pkgs/desktops/gnome/extensions/gsconnect/default.nix +++ b/pkgs/desktops/gnome/extensions/gsconnect/default.nix @@ -18,7 +18,7 @@ }: stdenv.mkDerivation rec { - pname = "gnome-shell-gsconnect"; + pname = "gnome-shell-extension-gsconnect"; version = "46"; outputs = [ "out" "installedTests" ]; diff --git a/pkgs/desktops/gnome/extensions/impatience/default.nix b/pkgs/desktops/gnome/extensions/impatience/default.nix index 82551efef3c..95477222163 100644 --- a/pkgs/desktops/gnome/extensions/impatience/default.nix +++ b/pkgs/desktops/gnome/extensions/impatience/default.nix @@ -1,7 +1,7 @@ { lib, stdenv, fetchFromGitHub, glib }: stdenv.mkDerivation rec { - pname = "gnome-shell-impatience"; + pname = "gnome-shell-extension-impatience"; version = "unstable-2019-09-23"; src = fetchFromGitHub { diff --git a/pkgs/desktops/gnome/extensions/noannoyance/default.nix b/pkgs/desktops/gnome/extensions/noannoyance/default.nix index 4763d905755..1a53e6abd55 100644 --- a/pkgs/desktops/gnome/extensions/noannoyance/default.nix +++ b/pkgs/desktops/gnome/extensions/noannoyance/default.nix @@ -3,7 +3,7 @@ , fetchFromGitHub }: stdenv.mkDerivation rec { - pname = "noannoyance"; + pname = "gnome-shell-extension-noannoyance"; version = "unstable-2021-01-17"; src = fetchFromGitHub { diff --git a/pkgs/desktops/gnome/extensions/system-monitor/default.nix b/pkgs/desktops/gnome/extensions/system-monitor/default.nix index a6cfad43b66..d141ab9dcaa 100644 --- a/pkgs/desktops/gnome/extensions/system-monitor/default.nix +++ b/pkgs/desktops/gnome/extensions/system-monitor/default.nix @@ -1,7 +1,7 @@ { lib, stdenv, substituteAll, fetchFromGitHub, glib, glib-networking, libgtop, gnome }: stdenv.mkDerivation rec { - pname = "gnome-shell-system-monitor"; + pname = "gnome-shell-extension-system-monitor"; version = "unstable-2021-05-04"; src = fetchFromGitHub { From d81e14f4918a19316eb5574ca0ecaf8bb8aba376 Mon Sep 17 00:00:00 2001 From: rnhmjoj Date: Fri, 18 Jun 2021 02:50:34 +0200 Subject: [PATCH 153/202] nixos-rebuild: fix --use-remote-sudo Currently fails with: $ nixos-rebuild test --target-host myhost --use-remote-sudo building Nix... sudo: /run/current-system/sw/bin/sudo must be owned by uid 0 and have the setuid bit set It seems setting an explicit PATH in the ssh command overrides the remote setuid wrappers. (cherry picked from commit 35a8d78e44d566d6d2ddba42ae5137f7a511a090) --- pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh index 2b94f18f538..62828de2676 100644 --- a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh +++ b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh @@ -145,7 +145,7 @@ buildHostCmd() { if [ -z "$buildHost" ]; then "$@" elif [ -n "$remoteNix" ]; then - ssh $SSHOPTS "$buildHost" env PATH="$remoteNix":'$PATH' "${maybeSudo[@]}" "$@" + ssh $SSHOPTS "$buildHost" "${maybeSudo[@]}" env PATH="$remoteNix":'$PATH' "$@" else ssh $SSHOPTS "$buildHost" "${maybeSudo[@]}" "$@" fi From 9d8db405412e951614964a03e78fe1fa3aea9bf9 Mon Sep 17 00:00:00 2001 From: Artturin Date: Fri, 18 Jun 2021 02:02:30 +0300 Subject: [PATCH 154/202] mailspring: add wrapGAppsHook (cherry picked from commit 64c69fa288fbcb22a37b3059571386bd578af2fd) --- pkgs/applications/networking/mailreaders/mailspring/default.nix | 2 ++ 1 file changed, 2 insertions(+) diff --git a/pkgs/applications/networking/mailreaders/mailspring/default.nix b/pkgs/applications/networking/mailreaders/mailspring/default.nix index 29667eb52c6..2dd0f5ae747 100644 --- a/pkgs/applications/networking/mailreaders/mailspring/default.nix +++ b/pkgs/applications/networking/mailreaders/mailspring/default.nix @@ -8,6 +8,7 @@ , dpkg , glib , gtk3 +, wrapGAppsHook , libkrb5 , libsecret , nss @@ -28,6 +29,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ autoPatchelfHook dpkg + wrapGAppsHook ]; buildInputs = [ From 60e4d510c23802bfb85bbbcdb132676b336a6303 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Sun, 20 Jun 2021 08:34:48 -0300 Subject: [PATCH 155/202] [Backport release-21.05] linkerd: 2020-05-01 -> edge-21.6.2 (#127154) --- .../networking/cluster/linkerd/default.nix | 87 ++++++++++++++----- pkgs/top-level/all-packages.nix | 4 +- 2 files changed, 66 insertions(+), 25 deletions(-) diff --git a/pkgs/applications/networking/cluster/linkerd/default.nix b/pkgs/applications/networking/cluster/linkerd/default.nix index 0dd6363d07e..07c042bc9c0 100644 --- a/pkgs/applications/networking/cluster/linkerd/default.nix +++ b/pkgs/applications/networking/cluster/linkerd/default.nix @@ -1,27 +1,66 @@ -{ lib, fetchFromGitHub, buildGoModule }: +{ lib, fetchFromGitHub, buildGoModule, installShellFiles }: -buildGoModule { - pname = "linkerd-unstable"; - version = "2020-05-01"; +let generic = { channel, version, sha256, vendorSha256 }: + buildGoModule rec { + pname = "linkerd-${channel}"; + inherit version vendorSha256; - src = fetchFromGitHub { - owner = "linkerd"; - repo = "linkerd2"; - rev = "9e9f3bb1e2aeab8cf20f98f5cad159bbb6f24883"; - sha256 = "1pvj31wz1klwhcqga1m8kixdqsxwmppp9ix6r3wpp4dwfig45fm0"; + src = fetchFromGitHub { + owner = "linkerd"; + repo = "linkerd2"; + rev = "${channel}-${version}"; + inherit sha256; + }; + + subPackages = [ "cli" ]; + runVend = true; + + preBuild = '' + buildFlagsArray+=( + "-tags=prod" + "-ldflags=-s -w -X github.com/linkerd/linkerd2/pkg/version.Version=${src.rev}" + ) + env GOFLAGS="" go generate ./pkg/charts/static + env GOFLAGS="" go generate ./jaeger/static + env GOFLAGS="" go generate ./multicluster/static + env GOFLAGS="" go generate ./viz/static + ''; + + nativeBuildInputs = [ installShellFiles ]; + + postInstall = '' + mv $out/bin/cli $out/bin/linkerd + installShellCompletion --cmd linkerd \ + --bash <($out/bin/linkerd completion bash) \ + --zsh <($out/bin/linkerd completion zsh) \ + --fish <($out/bin/linkerd completion fish) + ''; + + doInstallCheck = true; + installCheckPhase = '' + $out/bin/linkerd version --client | grep ${src.rev} > /dev/null + ''; + + meta = with lib; { + description = "A simple Kubernetes service mesh that improves security, observability and reliability"; + downloadPage = "https://github.com/linkerd/linkerd2/"; + homepage = "https://linkerd.io/"; + license = licenses.asl20; + maintainers = with maintainers; [ Gonzih bryanasdev000 superherointj ]; + }; }; - - vendorSha256 = "0vls58ld50jca5yn73kvg3lx4z83cc7skky54a90pkbj737y58pz"; - - doCheck = false; - - subPackages = [ "cli/cmd" ]; - - meta = with lib; { - description = "A service mesh for Kubernetes and beyond"; - homepage = "https://linkerd.io/"; - license = licenses.asl20; - maintainers = with maintainers; [ Gonzih ]; - broken = true; - }; -} +in + { + stable = generic { + channel = "stable"; + version = "2.10.2"; + sha256 = "sha256-dOD0S4FJ2lXE+1VZooi8tKvC8ndGEHAxmAvSqoWI/m0="; + vendorSha256 = "sha256-Qb0FZOvKL9GgncfUl538PynkYbm3V8Q6lUpApUoIp5s="; + }; + edge = generic { + channel = "edge"; + version = "21.6.2"; + sha256 = "sha256-kgdKH+cIYRg5A3+wrJJ7jcY6Xl206EwBYa37PT3xn1k"; + vendorSha256 = "sha256-QVLg1ZRsNQPM4lERVHpZLbd+I32JZ1pbGNSGIVTbseg="; + }; + } diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index 0f307114611..db116204e9e 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -24633,7 +24633,9 @@ in fluxcd = callPackage ../applications/networking/cluster/fluxcd { }; - linkerd = callPackage ../applications/networking/cluster/linkerd { }; + linkerd_stable = (callPackage ../applications/networking/cluster/linkerd { }).stable; + linkerd_edge = (callPackage ../applications/networking/cluster/linkerd { }).edge; + linkerd = linkerd_edge; kile-wl = callPackage ../applications/misc/kile-wl { }; From e5ecc9fbfd3e169cce346523aeb895bfd7177997 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= Date: Sun, 20 Jun 2021 15:23:25 +0200 Subject: [PATCH 156/202] pythonPackages.certifi: does not support python2 Support was officially dropped in https://github.com/certifi/python-certifi/commit/5efdd48f719d9c3c7c8f9a812da2256d088eab78 (cherry picked from commit 7748af9fff7867dc7c413c762b36793537b6cf47) --- pkgs/development/python-modules/certifi/default.nix | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pkgs/development/python-modules/certifi/default.nix b/pkgs/development/python-modules/certifi/default.nix index d0ae968b0be..e21719245c8 100644 --- a/pkgs/development/python-modules/certifi/default.nix +++ b/pkgs/development/python-modules/certifi/default.nix @@ -1,5 +1,6 @@ { lib , buildPythonPackage +, isPy27 , fetchFromGitHub , pytestCheckHook }: @@ -8,6 +9,8 @@ buildPythonPackage rec { pname = "certifi"; version = "2021.05.30"; + disabled = isPy27; + src = fetchFromGitHub { owner = pname; repo = "python-certifi"; From d726b9c204416abc8a9122cc48956c89194d0dab Mon Sep 17 00:00:00 2001 From: talyz Date: Wed, 16 Jun 2021 10:25:45 +0200 Subject: [PATCH 157/202] nixos/fail2ban: Remove `reloadIfChanged = true` This makes the service fail when upgrading the package, so let's properly restart it instead. (cherry picked from commit b4c069b1476a92a540e906ef95cd7fb380d29c63) --- nixos/modules/services/security/fail2ban.nix | 1 - 1 file changed, 1 deletion(-) diff --git a/nixos/modules/services/security/fail2ban.nix b/nixos/modules/services/security/fail2ban.nix index 0c24972823d..07702bfb9d0 100644 --- a/nixos/modules/services/security/fail2ban.nix +++ b/nixos/modules/services/security/fail2ban.nix @@ -257,7 +257,6 @@ in partOf = optional config.networking.firewall.enable "firewall.service"; restartTriggers = [ fail2banConf jailConf pathsConf ]; - reloadIfChanged = true; path = [ cfg.package cfg.packageFirewall pkgs.iproute2 ] ++ cfg.extraPackages; From 2d857bc5feb4b8b5e1fc7ee0c9213aee9ab174d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= Date: Sat, 19 Jun 2021 19:22:56 +0200 Subject: [PATCH 158/202] gnomeExtensions.system-monitor: 2021-05-04 -> 2021-06-19 Fixes crash when opening "Preferences" in NixOS with GNOME 40. Closes #123260. (cherry picked from commit 7073a3722fc0173da59012f751ea7192be03aa4f) --- pkgs/desktops/gnome/extensions/system-monitor/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/desktops/gnome/extensions/system-monitor/default.nix b/pkgs/desktops/gnome/extensions/system-monitor/default.nix index d141ab9dcaa..0a959de2681 100644 --- a/pkgs/desktops/gnome/extensions/system-monitor/default.nix +++ b/pkgs/desktops/gnome/extensions/system-monitor/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "gnome-shell-extension-system-monitor"; - version = "unstable-2021-05-04"; + version = "unstable-2021-06-19"; src = fetchFromGitHub { owner = "paradoxxxzero"; repo = "gnome-shell-system-monitor-applet"; - rev = "bc38ccf49ac0ffae0fc0436f3c2579fc86949f10"; - sha256 = "0yb5sb2xv4m18a24h4daahnxgnlmbfa0rfzic0zs082qv1kfi5h8"; + rev = "bece7be22352b81d3d81e64e18a385812851b8de"; + sha256 = "08nnsg7z3cqk25hfgy4wm02hd2wpz13kig498kn4mf5f1q4hslmx"; }; buildInputs = [ @@ -20,7 +20,7 @@ stdenv.mkDerivation rec { patches = [ (substituteAll { src = ./paths_and_nonexisting_dirs.patch; - clutter_path = gnome.mutter.libdir; # this should not be used in settings but 🤷‍♀️ + clutter_path = gnome.mutter.libdir; # only needed for GNOME < 40. gtop_path = "${libgtop}/lib/girepository-1.0"; glib_net_path = "${glib-networking}/lib/girepository-1.0"; }) From c40c611ff9e58a73c2cc277a047117d84082ec8d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= Date: Sun, 20 Jun 2021 19:39:35 +0200 Subject: [PATCH 159/202] doc: fix link to kodi-19.0 announcement (cherry picked from commit 14c8246c0c69e3cf48d332ede319238ec36247ed) --- nixos/doc/manual/release-notes/rl-2105.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/doc/manual/release-notes/rl-2105.xml b/nixos/doc/manual/release-notes/rl-2105.xml index 124ede12726..4cbc1fe36be 100644 --- a/nixos/doc/manual/release-notes/rl-2105.xml +++ b/nixos/doc/manual/release-notes/rl-2105.xml @@ -844,7 +844,7 @@ environment.systemPackages = [ Kodi has been updated to version 19.1 "Matrix". See - the announcement for + the announcement for further details. From 2876d250e9f247b80829cb4d860cfa870168b8c7 Mon Sep 17 00:00:00 2001 From: Enno Richter Date: Tue, 15 Jun 2021 10:04:36 +0200 Subject: [PATCH 160/202] sylpheed: Use SNI; fixes TLSv1.3 to imap.gmail.com (cherry picked from commit f28175adcf42adbdddd97aae93d7875fd56e4241) --- .../networking/mailreaders/sylpheed/default.nix | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/pkgs/applications/networking/mailreaders/sylpheed/default.nix b/pkgs/applications/networking/mailreaders/sylpheed/default.nix index 48a212b4ffb..9a65bec21c2 100644 --- a/pkgs/applications/networking/mailreaders/sylpheed/default.nix +++ b/pkgs/applications/networking/mailreaders/sylpheed/default.nix @@ -1,5 +1,5 @@ { lib, stdenv, fetchurl, pkg-config, gtk2, openssl ? null, gpgme ? null -, gpgSupport ? true, sslSupport ? true }: +, gpgSupport ? true, sslSupport ? true, fetchpatch }: assert gpgSupport -> gpgme != null; assert sslSupport -> openssl != null; @@ -15,6 +15,17 @@ stdenv.mkDerivation rec { sha256 = "0j9y5vdzch251s264diw9clrn88dn20bqqkwfmis9l7m8vmwasqd"; }; + patches = [ + (fetchpatch { + # patch upstream bug https://sylpheed.sraoss.jp/redmine/issues/306 + name = "patch-libsylph_ssl_c.patch"; + url = "https://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/mail/sylpheed/patches/patch-libsylph_ssl_c?rev=1.4&content-type=text/plain"; + sha256 = "sha256-k9OwPtHrEjaxXdH0trNqXgJMhR8kjgtei9pi6OFvILk="; + }) + ]; + + patchFlags = [ "-p0" ]; + nativeBuildInputs = [ pkg-config ]; buildInputs = [ gtk2 ] From e9194c796f033626fa9ae43c2d2d66768f20186b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Eduardo=20S=C3=A1nchez=20Mu=C3=B1oz?= Date: Fri, 18 Jun 2021 15:42:26 +0200 Subject: [PATCH 161/202] gnomeExtensions.dash-to-panel: 40 -> 43 Supports GNOME 40 (cherry picked from commit 49ad3f7a530cdc30c16cd85e02874c00a0876fe5) --- pkgs/desktops/gnome/extensions/dash-to-panel/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/desktops/gnome/extensions/dash-to-panel/default.nix b/pkgs/desktops/gnome/extensions/dash-to-panel/default.nix index 440b8d76b17..728f341589d 100644 --- a/pkgs/desktops/gnome/extensions/dash-to-panel/default.nix +++ b/pkgs/desktops/gnome/extensions/dash-to-panel/default.nix @@ -2,13 +2,13 @@ stdenv.mkDerivation rec { pname = "gnome-shell-extension-dash-to-panel"; - version = "40"; + version = "43"; src = fetchFromGitHub { owner = "home-sweet-gnome"; repo = "dash-to-panel"; rev = "v${version}"; - sha256 = "07jq8d16nn62ikis896nyfn3q02f5srj754fmiblhz472q4ljc3p"; + sha256 = "08n6lwcj943p0vzi2vif7j3nza6xg5z1yka68vwc34ia9ys352m7"; }; buildInputs = [ From d99688bba409979e7e0563783a5ef53fbcb92031 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= Date: Sun, 20 Jun 2021 19:44:23 +0200 Subject: [PATCH 162/202] doc: point out that nixos-21.05 has gnuradio 3.9 Reading the release notes I got the impression that the latest (and default) was GR3.8, but it is in fact 3.9. Make that more obvioius. (cherry picked from commit c789c53ce55d26d4963b48cb109fd3f02838fa11) --- nixos/doc/manual/release-notes/rl-2105.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nixos/doc/manual/release-notes/rl-2105.xml b/nixos/doc/manual/release-notes/rl-2105.xml index 4cbc1fe36be..8246f982190 100644 --- a/nixos/doc/manual/release-notes/rl-2105.xml +++ b/nixos/doc/manual/release-notes/rl-2105.xml @@ -113,11 +113,11 @@ - GNURadio 3.8 was + GNURadio 3.8 and 3.9 were finally packaged, along with a rewrite to the Nix expressions, allowing users to override the features upstream supports selecting to compile or not to. - Additionally, the attribute gnuradio and gnuradio3_7 + Additionally, the attribute gnuradio (3.9), gnuradio3_8 and gnuradio3_7 now point to an externally wrapped by default derivations, that allow you to also add `extraPythonPackages` to the Python interpreter used by GNURadio. Missing environmental variables needed for operational GUI were also added From e8d68469fc10e3e0439bbf34d7d508a1dbf3fd1a Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Sun, 20 Jun 2021 13:02:27 +0200 Subject: [PATCH 163/202] ungoogled-chromium: 91.0.4472.101 -> 91.0.4472.114 (cherry picked from commit 4e201c1c3ca99e9067e64802a877eda1e17e8f58) --- .../networking/browsers/chromium/upstream-info.json | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json index 7c3abf1e009..baee58dfad2 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.json +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json @@ -44,9 +44,9 @@ } }, "ungoogled-chromium": { - "version": "91.0.4472.101", - "sha256": "1d3y621iclkq6nvxrapk5aihv50x13hjha0c2gcp2xxfma96253q", - "sha256bin64": "12j5q5b9v0jpiznjnh89831w8lv399vd1z4ljhbsnsidbsygrbr1", + "version": "91.0.4472.114", + "sha256": "0wbyiwbdazgjjgj9vs56x26q3g9r80a57gfl0f2rfl1j7xwgxiy1", + "sha256bin64": "00ac1dyqxpxy1j11jvc5j35bgc629n2f2pll3912gzih4ir0vrys", "deps": { "gn": { "version": "2021-04-06", @@ -55,8 +55,8 @@ "sha256": "199xkks67qrn0xa5fhp24waq2vk8qb78a96cb3kdd8v1hgacgb8x" }, "ungoogled-patches": { - "rev": "91.0.4472.101-1", - "sha256": "1ca8gjxz3w730446qns253ibs9lx22iysxq5sphb3pw2w0069q8r" + "rev": "91.0.4472.114-1", + "sha256": "1xb5g3hybaiwn3y1zw1fxd3g0zwmvplrs06sdqnxzsr1qm8b874h" } } } From c2a1eb0bc62825d6677b3365976ade4fc31d8419 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Mon, 21 Jun 2021 09:42:30 +0200 Subject: [PATCH 164/202] vorta: 0.7.6 -> 0.7.7 ChangeLog: https://github.com/borgbase/vorta/releases/tag/v0.7.7 (cherry picked from commit 5244b041dcec13766c35d3c3e8276f552761644b) --- pkgs/applications/backup/vorta/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/backup/vorta/default.nix b/pkgs/applications/backup/vorta/default.nix index 4cb21e5267d..347a0de0503 100644 --- a/pkgs/applications/backup/vorta/default.nix +++ b/pkgs/applications/backup/vorta/default.nix @@ -7,13 +7,13 @@ python3.pkgs.buildPythonApplication rec { pname = "vorta"; - version = "0.7.6"; + version = "0.7.7"; src = fetchFromGitHub { owner = "borgbase"; repo = "vorta"; rev = "v${version}"; - sha256 = "sha256-bzhabRVgl1eLTS4KtFkn4xw2KDTZJyFU6zCJdHW5IGE="; + sha256 = "sha256-AH9CvoWAaNLPLC+NL+VXtYq9CNCMt0AFtC1ZGXSlcHQ="; }; postPatch = '' From 184202407f035ddd65827907ad58ab3c2be022b5 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Sat, 19 Jun 2021 09:31:03 +0000 Subject: [PATCH 165/202] keycloak: 13.0.1 -> 14.0.0 (cherry picked from commit 0b204c6f48f7e6d890e4a69da55e946a5e6c8ae7) --- pkgs/servers/keycloak/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/keycloak/default.nix b/pkgs/servers/keycloak/default.nix index 9788e04ac44..8cfefcf9796 100644 --- a/pkgs/servers/keycloak/default.nix +++ b/pkgs/servers/keycloak/default.nix @@ -18,11 +18,11 @@ let in stdenv.mkDerivation rec { pname = "keycloak"; - version = "13.0.1"; + version = "14.0.0"; src = fetchzip { url = "https://github.com/keycloak/keycloak/releases/download/${version}/keycloak-${version}.zip"; - sha256 = "sha256-81i8Yf9rEuHtUDqYThUCn0/Lb9YokRi4tGi/Ooyyxr8="; + sha256 = "sha256-NH2uNiYZZrEYE5DG2kDXzLN7/GgXR8IfBqRb6EoKA9s="; }; nativeBuildInputs = [ makeWrapper ]; From 65a1707f258595bf0b64e06be87b551b1af8d9c3 Mon Sep 17 00:00:00 2001 From: Kim Lindberger Date: Mon, 21 Jun 2021 16:08:31 +0200 Subject: [PATCH 166/202] Revert "[21.05] php/generic: Allow to extend PHP_INI_SCAN_DIR" --- pkgs/development/interpreters/php/generic.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/development/interpreters/php/generic.nix b/pkgs/development/interpreters/php/generic.nix index 46ca2e6ebda..13fd811c4ea 100644 --- a/pkgs/development/interpreters/php/generic.nix +++ b/pkgs/development/interpreters/php/generic.nix @@ -125,15 +125,15 @@ let ln -s ${extraInit} $out/lib/php.ini if test -e $out/bin/php; then - wrapProgram $out/bin/php --prefix PHP_INI_SCAN_DIR : $out/lib + wrapProgram $out/bin/php --set PHP_INI_SCAN_DIR $out/lib fi if test -e $out/bin/php-fpm; then - wrapProgram $out/bin/php-fpm --prefix PHP_INI_SCAN_DIR : $out/lib + wrapProgram $out/bin/php-fpm --set PHP_INI_SCAN_DIR $out/lib fi if test -e $out/bin/phpdbg; then - wrapProgram $out/bin/phpdbg --prefix PHP_INI_SCAN_DIR : $out/lib + wrapProgram $out/bin/phpdbg --set PHP_INI_SCAN_DIR $out/lib fi ''; }; From 588eb83ca7516e209567a3ad432690b35c76e861 Mon Sep 17 00:00:00 2001 From: ajs124 Date: Mon, 21 Jun 2021 15:18:02 +0200 Subject: [PATCH 167/202] dovecot: 2.3.14 -> 2.3.15 (cherry picked from commit 075fb19d81f4da81943f4127eba632b46368022f) --- pkgs/servers/mail/dovecot/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/mail/dovecot/default.nix b/pkgs/servers/mail/dovecot/default.nix index 337405ff672..26290368e15 100644 --- a/pkgs/servers/mail/dovecot/default.nix +++ b/pkgs/servers/mail/dovecot/default.nix @@ -10,7 +10,7 @@ stdenv.mkDerivation rec { pname = "dovecot"; - version = "2.3.14"; + version = "2.3.15"; nativeBuildInputs = [ perl pkg-config ]; buildInputs = @@ -22,7 +22,7 @@ stdenv.mkDerivation rec { src = fetchurl { url = "https://dovecot.org/releases/${lib.versions.majorMinor version}/${pname}-${version}.tar.gz"; - sha256 = "0jm3p52z619v7ajh533g2g7d790k82fk0w7ry0zqlm8ymzrxgcy8"; + sha256 = "141manrh54cy8xizr7f8fsa3vdzc2ccfgdz87l9rjylm8mfxvfr1"; }; enableParallelBuilding = true; From 0761599dd1781990e4920c4092612d89b3cd781f Mon Sep 17 00:00:00 2001 From: ajs124 Date: Mon, 21 Jun 2021 15:18:52 +0200 Subject: [PATCH 168/202] dovecot: add licenses (cherry picked from commit 0fb5b6c648e14b61c3304266561c366f869af836) --- pkgs/servers/mail/dovecot/default.nix | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/mail/dovecot/default.nix b/pkgs/servers/mail/dovecot/default.nix index 26290368e15..f58d65d9f16 100644 --- a/pkgs/servers/mail/dovecot/default.nix +++ b/pkgs/servers/mail/dovecot/default.nix @@ -81,11 +81,12 @@ stdenv.mkDerivation rec { ++ lib.optional withPgSQL "--with-pgsql" ++ lib.optional withSQLite "--with-sqlite"; - meta = { + meta = with lib; { homepage = "https://dovecot.org/"; description = "Open source IMAP and POP3 email server written with security primarily in mind"; - maintainers = with lib.maintainers; [ peti fpletz globin ajs124 ]; - platforms = lib.platforms.unix; + license = with licenses; [ mit publicDomain lgpl21Only bsd3 bsdOriginal ]; + maintainers = with maintainers; [ peti fpletz globin ajs124 ]; + platforms = platforms.unix; }; passthru.tests = { opensmtpd-interaction = nixosTests.opensmtpd; From c7db318b2486315cdebbe93eaf7631fe3e4ebd2e Mon Sep 17 00:00:00 2001 From: ajs124 Date: Mon, 21 Jun 2021 15:19:19 +0200 Subject: [PATCH 169/202] dovecot_pigeonhole: 0.5.14 -> 0.5.15 (cherry picked from commit 0187e72b571e3afc3e761d101deadf15b6c5b760) --- pkgs/servers/mail/dovecot/plugins/pigeonhole/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/mail/dovecot/plugins/pigeonhole/default.nix b/pkgs/servers/mail/dovecot/plugins/pigeonhole/default.nix index 6cdb2ee06f2..d86eee5a9c0 100644 --- a/pkgs/servers/mail/dovecot/plugins/pigeonhole/default.nix +++ b/pkgs/servers/mail/dovecot/plugins/pigeonhole/default.nix @@ -3,11 +3,11 @@ let dovecotMajorMinor = lib.versions.majorMinor dovecot.version; in stdenv.mkDerivation rec { pname = "dovecot-pigeonhole"; - version = "0.5.14"; + version = "0.5.15"; src = fetchurl { url = "https://pigeonhole.dovecot.org/releases/${dovecotMajorMinor}/dovecot-${dovecotMajorMinor}-pigeonhole-${version}.tar.gz"; - sha256 = "1lmjzz4kd90wbdslacybizd1dks4bhwmrx39lj8b19naldw0zjk8"; + sha256 = "1l2h0p8ddsl3ja2lnwk0mfqplqh8n0iw8k27awd3ak7prr88yjg1"; }; buildInputs = [ dovecot openssl ]; From 1f762dbf63a65d79e6c347798b5e1dded9caecdf Mon Sep 17 00:00:00 2001 From: ajs124 Date: Mon, 21 Jun 2021 15:19:32 +0200 Subject: [PATCH 170/202] dovecot_pigeonhole: add myself as maintainer and fix licensing information (cherry picked from commit fd83b193ac343e69980978a1e4abb7a0f1a8ff5a) --- pkgs/servers/mail/dovecot/plugins/pigeonhole/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/servers/mail/dovecot/plugins/pigeonhole/default.nix b/pkgs/servers/mail/dovecot/plugins/pigeonhole/default.nix index d86eee5a9c0..33c66a46bb7 100644 --- a/pkgs/servers/mail/dovecot/plugins/pigeonhole/default.nix +++ b/pkgs/servers/mail/dovecot/plugins/pigeonhole/default.nix @@ -32,8 +32,8 @@ in stdenv.mkDerivation rec { meta = with lib; { homepage = "http://pigeonhole.dovecot.org/"; description = "A sieve plugin for the Dovecot IMAP server"; - license = licenses.lgpl21; - maintainers = with maintainers; [ globin ]; + license = licenses.lgpl21Only; + maintainers = with maintainers; [ globin ajs124 ]; platforms = platforms.unix; }; } From c466620ad2c70caedd2bb12a56546ff05bf2f63c Mon Sep 17 00:00:00 2001 From: ajs124 Date: Mon, 21 Jun 2021 16:21:41 +0200 Subject: [PATCH 171/202] dovecout: fix systemd unit dir the configure flag we were using was dropped in https://github.com/dovecot/core/commit/a42bb363b4ab475ced72fada57cc3e1de8b05bca (cherry picked from commit 5fa6e9c403940c7c641356daf9c7ac05e464f58f) --- pkgs/servers/mail/dovecot/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/mail/dovecot/default.nix b/pkgs/servers/mail/dovecot/default.nix index f58d65d9f16..d5fb9e7ed6e 100644 --- a/pkgs/servers/mail/dovecot/default.nix +++ b/pkgs/servers/mail/dovecot/default.nix @@ -29,7 +29,7 @@ stdenv.mkDerivation rec { preConfigure = '' patchShebangs src/config/settings-get.pl - ''; + '' + lib.optionalString (stdenv.isLinux) "export systemdsystemunitdir=$out/etc/systemd/system"; # We need this for sysconfdir, see remark below. installFlags = [ "DESTDIR=$(out)" ]; @@ -75,8 +75,8 @@ stdenv.mkDerivation rec { "lib_cv_va_copy=yes" "lib_cv___va_copy=yes" "lib_cv_va_val_copy=yes" - ] ++ lib.optional (stdenv.isLinux) "--with-systemdsystemunitdir=$(out)/etc/systemd/system" - ++ lib.optional (stdenv.isDarwin) "--enable-static" + ] ++ lib.optional stdenv.isLinux "--with-systemd" + ++ lib.optional stdenv.isDarwin "--enable-static" ++ lib.optional withMySQL "--with-mysql" ++ lib.optional withPgSQL "--with-pgsql" ++ lib.optional withSQLite "--with-sqlite"; From 1fd5950faab464c99b5cd498a98492621f914a5f Mon Sep 17 00:00:00 2001 From: David Arnold Date: Sun, 20 Jun 2021 23:29:26 -0500 Subject: [PATCH 172/202] nixosTest: Force system.nixos.revision constant nixos tests are blended with other system configurations, hence their settings must be either enforced or defaulted. This particular setting is set via lib.nixosSystem as `system.nixos.revision = final.mkIf (self ? rev) self.rev;` which would mean that without this change no flake generated nixos could be blended with nixos testing. This setting was made previously constant in 169c6b4b1478a3a0c823c99ea39d4082f76a2708 in order to avoid pointless rebuilds of the testing VMs, but was set without enforcing it. (cherry picked from commit 8bbdff45816c657f679cd77c0a0dbca534a85bf3) --- nixos/lib/build-vms.nix | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nixos/lib/build-vms.nix b/nixos/lib/build-vms.nix index 064e44f643b..f0a58628c68 100644 --- a/nixos/lib/build-vms.nix +++ b/nixos/lib/build-vms.nix @@ -41,7 +41,7 @@ rec { # The human version (e.g. 21.05-pre) is left as is, because it is useful # for external modules that test with e.g. nixosTest and rely on that # version number. - config.system.nixos.revision = "constant-nixos-revision"; + config.system.nixos.revision = mkForce "constant-nixos-revision"; } { key = "nodes"; _module.args.nodes = nodes; } ] ++ optional minimal ../modules/testing/minimal-kernel.nix; From 085ba8376c58f5dbc962dd29ef6f23eb928af6d0 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Mon, 21 Jun 2021 18:42:38 +0000 Subject: [PATCH 173/202] linux: 5.10.44 -> 5.10.45 (cherry picked from commit 67ff76420c76413c31482c6677b8051e2989fe8d) --- pkgs/os-specific/linux/kernel/linux-5.10.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.10.nix b/pkgs/os-specific/linux/kernel/linux-5.10.nix index 7606af51276..e11b5db3d30 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.10.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.10.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.10.44"; + version = "5.10.45"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,7 +13,7 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0ry7hfcj07xc6l9mrm5f0ylz54ca3aklgf9x6plf2k45kjjyzgkp"; + sha256 = "01rmw5rnxyybr8sh0v9rgamrg71ign2nr7m0ilrq9704k6dj9dzj"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_10 ]; From 257571a90810f7ba61d020cefc32a4e29fede1cc Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Mon, 21 Jun 2021 18:42:45 +0000 Subject: [PATCH 174/202] linux: 5.12.11 -> 5.12.12 (cherry picked from commit c4df7bfef79a71d7c12b40a3cae4e3272db97b2d) --- pkgs/os-specific/linux/kernel/linux-5.12.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.12.nix b/pkgs/os-specific/linux/kernel/linux-5.12.nix index 9c70f150e2d..5cc25f4a6da 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.12.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.12.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.12.11"; + version = "5.12.12"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,7 +13,7 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0ykzyvb4c6mqcy0fl3wvpn4laj1cllsg80dxnv0gssjz6q836z5f"; + sha256 = "1a1ymbgkp8ngrkf7cfjrn56zb9qz1mm1j1pmd60g85ln7nyb4ai1"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_12 ]; From e539ffea84dd7e59034048aed1dd4519e7a48c30 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Mon, 21 Jun 2021 18:42:52 +0000 Subject: [PATCH 175/202] linux: 5.4.126 -> 5.4.127 (cherry picked from commit 7c23102d0309360ba5649067ede6b8029cc198b3) --- pkgs/os-specific/linux/kernel/linux-5.4.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-5.4.nix b/pkgs/os-specific/linux/kernel/linux-5.4.nix index 751295f435d..377a5308345 100644 --- a/pkgs/os-specific/linux/kernel/linux-5.4.nix +++ b/pkgs/os-specific/linux/kernel/linux-5.4.nix @@ -3,7 +3,7 @@ with lib; buildLinux (args // rec { - version = "5.4.126"; + version = "5.4.127"; # modDirVersion needs to be x.y.z, will automatically add .0 if needed modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg; @@ -13,7 +13,7 @@ buildLinux (args // rec { src = fetchurl { url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz"; - sha256 = "0xsjcdgiix8slykzi9c12pl5hk2fnz1bqrxxdcr79d9nmfc7kzf7"; + sha256 = "1gr89x1ymxaslp9fqcchaa7939yvhxy67z3pgskmx6z2vrd9pgd0"; }; kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_4 ]; From f8a4c84f1bd7c5e520ba7e79e6bdf74fbb5d6fc4 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Mon, 21 Jun 2021 18:43:13 +0000 Subject: [PATCH 176/202] linux_latest-libre: 18115 -> 18132 (cherry picked from commit c43cd094c7eaf1e5c373658061f14e9a43f759a9) --- pkgs/os-specific/linux/kernel/linux-libre.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-libre.nix b/pkgs/os-specific/linux/kernel/linux-libre.nix index 2001b350ecc..76b5c1cf146 100644 --- a/pkgs/os-specific/linux/kernel/linux-libre.nix +++ b/pkgs/os-specific/linux/kernel/linux-libre.nix @@ -1,8 +1,8 @@ { stdenv, lib, fetchsvn, linux , scripts ? fetchsvn { url = "https://www.fsfla.org/svn/fsfla/software/linux-libre/releases/branches/"; - rev = "18115"; - sha256 = "00wsxlhz7lc4qk7jcgshb05hvv3mm4m8r3zalc9wvp4r1r6xbbjp"; + rev = "18132"; + sha256 = "01mgpfx5cddq4bgffydkxpm3xlgf7zfjr1c1icsyn7f2pibd114q"; } , ... }: From 33ec269818dfdafc7ab46ac8c11db12883bf9e10 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Mon, 21 Jun 2021 18:43:23 +0000 Subject: [PATCH 177/202] linux/hardened/patches/5.10: 5.10.44-hardened1 -> 5.10.45-hardened1 (cherry picked from commit cfd71fa4b5cbb3764818878b5b304e55c4a3ab14) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 1fedb688920..279e44705e1 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -13,9 +13,9 @@ }, "5.10": { "extra": "-hardened1", - "name": "linux-hardened-5.10.44-hardened1.patch", - "sha256": "12bxv87w74lj73vqflpfk022x2ig81lfn4pf1gfanw9zxjrapw4m", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.44-hardened1/linux-hardened-5.10.44-hardened1.patch" + "name": "linux-hardened-5.10.45-hardened1.patch", + "sha256": "1382dflkv31b9apf3l0b5wcq8hyi69jm03139z3m0vbxi93pk44z", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.45-hardened1/linux-hardened-5.10.45-hardened1.patch" }, "5.12": { "extra": "-hardened1", From d2c67458d95136e7c7bfe4dfd70e2e72fc47a7e1 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Mon, 21 Jun 2021 18:43:24 +0000 Subject: [PATCH 178/202] linux/hardened/patches/5.12: 5.12.11-hardened1 -> 5.12.12-hardened1 (cherry picked from commit d1e2575c4c7114ab1f6e2f7fd0fda2918d0e7a89) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 279e44705e1..29a3d790d86 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -19,9 +19,9 @@ }, "5.12": { "extra": "-hardened1", - "name": "linux-hardened-5.12.11-hardened1.patch", - "sha256": "15qi1znszdg6c0v077k1p4gs0kbpvp6hqjcyg262yqjlpn1c7hcb", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.12.11-hardened1/linux-hardened-5.12.11-hardened1.patch" + "name": "linux-hardened-5.12.12-hardened1.patch", + "sha256": "10923kjxhfphsh1wr0zjj3lk16bxkq9ana4hyy8af7cn2k30k4iw", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.12.12-hardened1/linux-hardened-5.12.12-hardened1.patch" }, "5.4": { "extra": "-hardened1", From 1f180eafdb44a811202e4499080a3846a392d721 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Mon, 21 Jun 2021 18:43:25 +0000 Subject: [PATCH 179/202] linux/hardened/patches/5.4: 5.4.126-hardened1 -> 5.4.127-hardened1 (cherry picked from commit df60fdef552ef8a1aaaf3b63a0e7941165a2e893) --- pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json index 29a3d790d86..3d3ddfc3310 100644 --- a/pkgs/os-specific/linux/kernel/hardened/patches.json +++ b/pkgs/os-specific/linux/kernel/hardened/patches.json @@ -25,8 +25,8 @@ }, "5.4": { "extra": "-hardened1", - "name": "linux-hardened-5.4.126-hardened1.patch", - "sha256": "05bjry8390iy01nfvkp12x78brgndwm5rsqhnl7yp6vwgdi0fyj1", - "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.126-hardened1/linux-hardened-5.4.126-hardened1.patch" + "name": "linux-hardened-5.4.127-hardened1.patch", + "sha256": "1qsz5cnm0ny138pbd9f7j5avvz69g51db7dgr1q4farrjml3nshy", + "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.127-hardened1/linux-hardened-5.4.127-hardened1.patch" } } From 220b8ca902cb245f89cbba4dc9d76453c466d7e1 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Mon, 21 Jun 2021 18:52:06 +0000 Subject: [PATCH 180/202] linux: fix regression in bridge VLAN configuration (cherry picked from commit 24a08441d52480cf3332a100e24fdf9b83a8351a) --- pkgs/os-specific/linux/kernel/patches.nix | 9 +++++++++ pkgs/top-level/all-packages.nix | 4 ++++ 2 files changed, 13 insertions(+) diff --git a/pkgs/os-specific/linux/kernel/patches.nix b/pkgs/os-specific/linux/kernel/patches.nix index f41cedca0f6..48dd9b38d9b 100644 --- a/pkgs/os-specific/linux/kernel/patches.nix +++ b/pkgs/os-specific/linux/kernel/patches.nix @@ -102,4 +102,13 @@ name = "mac_nvme_t2"; patch = ./mac-nvme-t2.patch; }; + + rtnetlink_fix_regression_in_bridge_vlan_configuration = rec { + name = "rtnetlink_fix_regression_in_bridge_vlan_configuration"; + patch = fetchpatch { + name = name + ".patch"; + url = "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=d2e381c4963663bca6f30c3b996fa4dbafe8fcb5"; + sha256 = "0ragdi13yh5ypp9x49vrdjqx8ddh7sq7i1qjp8fyrbk3n0jdaac3"; + }; + }; } diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix index db116204e9e..417c2e0faf8 100644 --- a/pkgs/top-level/all-packages.nix +++ b/pkgs/top-level/all-packages.nix @@ -20381,6 +20381,7 @@ in kernelPatches.bridge_stp_helper kernelPatches.request_key_helper kernelPatches.rtl8761b_support + kernelPatches.rtnetlink_fix_regression_in_bridge_vlan_configuration ]; }; @@ -20395,6 +20396,7 @@ in kernelPatches = [ kernelPatches.bridge_stp_helper kernelPatches.request_key_helper + kernelPatches.rtnetlink_fix_regression_in_bridge_vlan_configuration ]; }; @@ -20402,6 +20404,7 @@ in kernelPatches = [ kernelPatches.bridge_stp_helper kernelPatches.request_key_helper + kernelPatches.rtnetlink_fix_regression_in_bridge_vlan_configuration ]; }; @@ -20461,6 +20464,7 @@ in kernelPatches = [ kernelPatches.bridge_stp_helper kernelPatches.request_key_helper + kernelPatches.rtnetlink_fix_regression_in_bridge_vlan_configuration ]; }; From d62fcd1c2022a7c1121cd3209e5ad2b38dbf4c31 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= Date: Tue, 22 Jun 2021 11:36:09 +0200 Subject: [PATCH 181/202] imagemagick6: 6.9.12-15 -> 6.9.12-16 (cherry picked from commit 4b1e53a46dd1315aee3639cad59c6fc66ea2597b) --- pkgs/applications/graphics/ImageMagick/6.x.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/graphics/ImageMagick/6.x.nix b/pkgs/applications/graphics/ImageMagick/6.x.nix index e89aded1ce4..3b16cb4291e 100644 --- a/pkgs/applications/graphics/ImageMagick/6.x.nix +++ b/pkgs/applications/graphics/ImageMagick/6.x.nix @@ -16,13 +16,13 @@ in stdenv.mkDerivation rec { pname = "imagemagick"; - version = "6.9.12-15"; + version = "6.9.12-16"; src = fetchFromGitHub { owner = "ImageMagick"; repo = "ImageMagick6"; rev = version; - sha256 = "sha256-bel4p45eQfQPIp5/sawhTYTfyuYRQ5nFuGh4qqt1zDs="; + sha256 = "sha256-kg8vt88G6huRbJlVYztKxHiFPhGz/QHuNKtbhmai790="; }; outputs = [ "out" "dev" "doc" ]; # bin/ isn't really big From f5d1823254d5e85014072b6b0dcf9e27ece941ff Mon Sep 17 00:00:00 2001 From: Jan Tojnar Date: Tue, 25 May 2021 02:34:21 +0200 Subject: [PATCH 182/202] gnomeExtensions: Fix the package names I did not realize the attribute names are derived from the Nix package names so I accidentally, renamed them in https://github.com/NixOS/nixpkgs/pull/124295. (cherry picked from commit 571d540abf447f97b9b4db4a1e0665ec0a4dc06f) --- pkgs/desktops/gnome/extensions/buildGnomeExtension.nix | 7 +++++-- pkgs/desktops/gnome/extensions/default.nix | 2 +- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/pkgs/desktops/gnome/extensions/buildGnomeExtension.nix b/pkgs/desktops/gnome/extensions/buildGnomeExtension.nix index 2d12b9983d5..3be7f5c8789 100644 --- a/pkgs/desktops/gnome/extensions/buildGnomeExtension.nix +++ b/pkgs/desktops/gnome/extensions/buildGnomeExtension.nix @@ -47,8 +47,11 @@ let license = lib.licenses.gpl2Plus; # https://wiki.gnome.org/Projects/GnomeShell/Extensions/Review#Licensing maintainers = with lib.maintainers; [ piegames ]; }; - # Store the extension's UUID, because we might need it at some places - passthru.extensionUuid = uuid; + passthru = { + extensionPortalSlug = pname; + # Store the extension's UUID, because we might need it at some places + extensionUuid = uuid; + }; }; in lib.makeOverridable buildGnomeExtension diff --git a/pkgs/desktops/gnome/extensions/default.nix b/pkgs/desktops/gnome/extensions/default.nix index f7439897702..1ca9a57eb99 100644 --- a/pkgs/desktops/gnome/extensions/default.nix +++ b/pkgs/desktops/gnome/extensions/default.nix @@ -48,7 +48,7 @@ let )) # Map all extensions to their pname, with potential overwrites (map (extension: - lib.nameValuePair (extensionRenames.${extension.extensionUuid} or extension.pname) extension + lib.nameValuePair (extensionRenames.${extension.extensionUuid} or extension.extensionPortalSlug) extension )) builtins.listToAttrs ]; From 6fb054dda07783fc43eecdb303940e7803a1e15c Mon Sep 17 00:00:00 2001 From: fortuneteller2k Date: Sat, 19 Jun 2021 09:46:36 +0800 Subject: [PATCH 183/202] linux_xanmod: 5.12.5 -> 5.12.12 (cherry picked from commit 4fa80ae13ab707bd11074cf18d6203f15d65f613) --- .../os-specific/linux/kernel/linux-xanmod.nix | 37 +++++++++---------- 1 file changed, 17 insertions(+), 20 deletions(-) diff --git a/pkgs/os-specific/linux/kernel/linux-xanmod.nix b/pkgs/os-specific/linux/kernel/linux-xanmod.nix index eecdc09ca20..4d6ff1ce76b 100644 --- a/pkgs/os-specific/linux/kernel/linux-xanmod.nix +++ b/pkgs/os-specific/linux/kernel/linux-xanmod.nix @@ -1,27 +1,24 @@ { lib, stdenv, buildLinux, fetchFromGitHub, ... } @ args: let - version = "5.12.5"; + version = "5.12.12"; suffix = "xanmod1-cacule"; in - buildLinux (args // rec { - modDirVersion = "${version}-${suffix}"; - inherit version; +buildLinux (args // rec { + inherit version; + modDirVersion = "${version}-${suffix}"; - src = fetchFromGitHub { - owner = "xanmod"; - repo = "linux"; - rev = modDirVersion; - sha256 = "sha256-u9ebl2M8zrCNdangcUdk/78KwPCYV41PIB6YKTqCgIY="; - extraPostFetch = '' - rm $out/.config - ''; - }; + src = fetchFromGitHub { + owner = "xanmod"; + repo = "linux"; + rev = modDirVersion; + sha256 = "sha256-99gVqdYhnBx3MDTCCHbxsljmvi+DixHp19vtNwCRM/M="; + }; - extraMeta = { - branch = "5.12-cacule"; - maintainers = with lib.maintainers; [ fortuneteller2k ]; - description = "Built with custom settings and new features built to provide a stable, responsive and smooth desktop experience"; - broken = stdenv.hostPlatform.isAarch64; - }; - } // (args.argsOverride or { })) + extraMeta = { + branch = "5.12-cacule"; + maintainers = with lib.maintainers; [ fortuneteller2k ]; + description = "Built with custom settings and new features built to provide a stable, responsive and smooth desktop experience"; + broken = stdenv.hostPlatform.isAarch64; + }; +} // (args.argsOverride or { })) From a5810d38e39dda94e95ad79bccfbf85f687adebc Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Mon, 21 Jun 2021 17:26:11 +0000 Subject: [PATCH 184/202] element-{desktop,web}: 1.7.30 -> 1.7.31 https://github.com/vector-im/element-web/blob/v1.7.31/CHANGELOG.md https://github.com/vector-im/element-desktop/blob/v1.7.31/CHANGELOG.md (cherry picked from commit 3eb0354b76e858abe8dc757a9727f67e259a8613) --- .../element/element-desktop-package.json | 8 +- .../element/element-desktop-yarndeps.nix | 488 +++++++++--------- .../element/element-desktop.nix | 4 +- .../element/element-web.nix | 4 +- 4 files changed, 248 insertions(+), 256 deletions(-) diff --git a/pkgs/applications/networking/instant-messengers/element/element-desktop-package.json b/pkgs/applications/networking/instant-messengers/element/element-desktop-package.json index 5293c55f127..063c64fa377 100644 --- a/pkgs/applications/networking/instant-messengers/element/element-desktop-package.json +++ b/pkgs/applications/networking/instant-messengers/element/element-desktop-package.json @@ -2,7 +2,7 @@ "name": "element-desktop", "productName": "Element", "main": "src/electron-main.js", - "version": "1.7.30", + "version": "1.7.31", "description": "A feature-rich client for Matrix.org", "author": "Element", "repository": { @@ -43,8 +43,8 @@ }, "devDependencies": { "asar": "^2.0.1", - "electron-builder": "22.10.5", - "electron-builder-squirrel-windows": "22.10.5", + "electron-builder": "22.11.4", + "electron-builder-squirrel-windows": "22.11.4", "electron-devtools-installer": "^3.1.1", "electron-notarize": "^1.0.0", "eslint": "7.18.0", @@ -68,7 +68,7 @@ }, "build": { "appId": "im.riot.app", - "electronVersion": "12.0.9", + "electronVersion": "12.0.11", "files": [ "package.json", { diff --git a/pkgs/applications/networking/instant-messengers/element/element-desktop-yarndeps.nix b/pkgs/applications/networking/instant-messengers/element/element-desktop-yarndeps.nix index 258f5cb2dad..733cfa3a11a 100644 --- a/pkgs/applications/networking/instant-messengers/element/element-desktop-yarndeps.nix +++ b/pkgs/applications/networking/instant-messengers/element/element-desktop-yarndeps.nix @@ -1,14 +1,6 @@ { fetchurl, fetchgit, linkFarm, runCommandNoCC, gnutar }: rec { offline_cache = linkFarm "offline" packages; packages = [ - { - name = "7zip_bin___7zip_bin_5.0.3.tgz"; - path = fetchurl { - name = "7zip_bin___7zip_bin_5.0.3.tgz"; - url = "https://registry.yarnpkg.com/7zip-bin/-/7zip-bin-5.0.3.tgz"; - sha1 = "bc5b5532ecafd923a61f2fb097e3b108c0106a3f"; - }; - } { name = "7zip_bin___7zip_bin_5.1.1.tgz"; path = fetchurl { @@ -138,11 +130,11 @@ }; } { - name = "_electron_universal___universal_1.0.4.tgz"; + name = "_electron_universal___universal_1.0.5.tgz"; path = fetchurl { - name = "_electron_universal___universal_1.0.4.tgz"; - url = "https://registry.yarnpkg.com/@electron/universal/-/universal-1.0.4.tgz"; - sha1 = "231ac246c39d45b80e159bd21c3f9027dcaa10f5"; + name = "_electron_universal___universal_1.0.5.tgz"; + url = "https://registry.yarnpkg.com/@electron/universal/-/universal-1.0.5.tgz"; + sha1 = "b812340e4ef21da2b3ee77b2b4d35c9b86defe37"; }; } { @@ -417,6 +409,14 @@ sha1 = "504af200af6b98e198bce768bc1730c6936ae01d"; }; } + { + name = "_malept_flatpak_bundler___flatpak_bundler_0.4.0.tgz"; + path = fetchurl { + name = "_malept_flatpak_bundler___flatpak_bundler_0.4.0.tgz"; + url = "https://registry.yarnpkg.com/@malept/flatpak-bundler/-/flatpak-bundler-0.4.0.tgz"; + sha1 = "e8a32c30a95d20c2b1bb635cc580981a06389858"; + }; + } { name = "_sindresorhus_is___is_0.14.0.tgz"; path = fetchurl { @@ -450,11 +450,11 @@ }; } { - name = "_types_fs_extra___fs_extra_9.0.9.tgz"; + name = "_types_fs_extra___fs_extra_9.0.11.tgz"; path = fetchurl { - name = "_types_fs_extra___fs_extra_9.0.9.tgz"; - url = "https://registry.yarnpkg.com/@types/fs-extra/-/fs-extra-9.0.9.tgz"; - sha1 = "11ed43b3f3c6b3490f1ef9bd17f58da896e2d861"; + name = "_types_fs_extra___fs_extra_9.0.11.tgz"; + url = "https://registry.yarnpkg.com/@types/fs-extra/-/fs-extra-9.0.11.tgz"; + sha1 = "8cc99e103499eab9f347dbc6ca4e99fb8d2c2b87"; }; } { @@ -514,11 +514,11 @@ }; } { - name = "_types_yargs___yargs_15.0.13.tgz"; + name = "_types_yargs___yargs_16.0.3.tgz"; path = fetchurl { - name = "_types_yargs___yargs_15.0.13.tgz"; - url = "https://registry.yarnpkg.com/@types/yargs/-/yargs-15.0.13.tgz"; - sha1 = "34f7fec8b389d7f3c1fd08026a5763e072d3c6dc"; + name = "_types_yargs___yargs_16.0.3.tgz"; + url = "https://registry.yarnpkg.com/@types/yargs/-/yargs-16.0.3.tgz"; + sha1 = "4b6d35bb8e680510a7dc2308518a80ee1ef27e01"; }; } { @@ -730,19 +730,19 @@ }; } { - name = "app_builder_bin___app_builder_bin_3.5.12.tgz"; + name = "app_builder_bin___app_builder_bin_3.5.13.tgz"; path = fetchurl { - name = "app_builder_bin___app_builder_bin_3.5.12.tgz"; - url = "https://registry.yarnpkg.com/app-builder-bin/-/app-builder-bin-3.5.12.tgz"; - sha1 = "bbe174972cc1f481f73d6d92ad47a8b4c7eb4530"; + name = "app_builder_bin___app_builder_bin_3.5.13.tgz"; + url = "https://registry.yarnpkg.com/app-builder-bin/-/app-builder-bin-3.5.13.tgz"; + sha1 = "6dd7f4de34a4e408806f99b8c7d6ef1601305b7e"; }; } { - name = "app_builder_lib___app_builder_lib_22.10.5.tgz"; + name = "app_builder_lib___app_builder_lib_22.11.4.tgz"; path = fetchurl { - name = "app_builder_lib___app_builder_lib_22.10.5.tgz"; - url = "https://registry.yarnpkg.com/app-builder-lib/-/app-builder-lib-22.10.5.tgz"; - sha1 = "24a88581c891e5b187a0d569aa44e7c4a0dc8de2"; + name = "app_builder_lib___app_builder_lib_22.11.4.tgz"; + url = "https://registry.yarnpkg.com/app-builder-lib/-/app-builder-lib-22.11.4.tgz"; + sha1 = "f476e8f1c843d2bcce0348d60e2deae3a71b3474"; }; } { @@ -938,11 +938,11 @@ }; } { - name = "balanced_match___balanced_match_1.0.0.tgz"; + name = "balanced_match___balanced_match_1.0.2.tgz"; path = fetchurl { - name = "balanced_match___balanced_match_1.0.0.tgz"; - url = "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.0.tgz"; - sha1 = "89b4d199ab2bee49de164ea02b89ce462d71b767"; + name = "balanced_match___balanced_match_1.0.2.tgz"; + url = "https://registry.yarnpkg.com/balanced-match/-/balanced-match-1.0.2.tgz"; + sha1 = "e83e3a7e3f300b34cb9d87f615fa0cbf357690ee"; }; } { @@ -985,14 +985,6 @@ sha1 = "bd39aadab5dc4bdac222a07df5baf1af745b2228"; }; } - { - name = "binaryextensions___binaryextensions_4.15.0.tgz"; - path = fetchurl { - name = "binaryextensions___binaryextensions_4.15.0.tgz"; - url = "https://registry.yarnpkg.com/binaryextensions/-/binaryextensions-4.15.0.tgz"; - sha1 = "c63a502e0078ff1b0e9b00a9f74d3c2b0f8bd32e"; - }; - } { name = "bl___bl_4.0.3.tgz"; path = fetchurl { @@ -1098,19 +1090,19 @@ }; } { - name = "builder_util_runtime___builder_util_runtime_8.7.3.tgz"; + name = "builder_util_runtime___builder_util_runtime_8.7.5.tgz"; path = fetchurl { - name = "builder_util_runtime___builder_util_runtime_8.7.3.tgz"; - url = "https://registry.yarnpkg.com/builder-util-runtime/-/builder-util-runtime-8.7.3.tgz"; - sha1 = "0aaafa52d25295c939496f62231ca9ff06c30e40"; + name = "builder_util_runtime___builder_util_runtime_8.7.5.tgz"; + url = "https://registry.yarnpkg.com/builder-util-runtime/-/builder-util-runtime-8.7.5.tgz"; + sha1 = "fbe59e274818885e0d2e358d5b7017c34ae6b0f5"; }; } { - name = "builder_util___builder_util_22.10.5.tgz"; + name = "builder_util___builder_util_22.11.4.tgz"; path = fetchurl { - name = "builder_util___builder_util_22.10.5.tgz"; - url = "https://registry.yarnpkg.com/builder-util/-/builder-util-22.10.5.tgz"; - sha1 = "8d0b04a3be6acc74938679aa90dcb3181b1ae86b"; + name = "builder_util___builder_util_22.11.4.tgz"; + url = "https://registry.yarnpkg.com/builder-util/-/builder-util-22.11.4.tgz"; + sha1 = "5deee8e067d6e3248791977ce2928b98fe514342"; }; } { @@ -1137,6 +1129,14 @@ sha1 = "4b651039a5ecd96767e71a3d7ed380e48bed4191"; }; } + { + name = "cacache___cacache_12.0.4.tgz"; + path = fetchurl { + name = "cacache___cacache_12.0.4.tgz"; + url = "https://registry.yarnpkg.com/cacache/-/cacache-12.0.4.tgz"; + sha1 = "668bcbd105aeb5f1d92fe25570ec9525c8faa40c"; + }; + } { name = "cacache___cacache_12.0.3.tgz"; path = fetchurl { @@ -1225,6 +1225,14 @@ sha1 = "4e14870a618d9e2edd97dd8345fd9d9dc315646a"; }; } + { + name = "chalk___chalk_4.1.1.tgz"; + path = fetchurl { + name = "chalk___chalk_4.1.1.tgz"; + url = "https://registry.yarnpkg.com/chalk/-/chalk-4.1.1.tgz"; + sha1 = "c80b3fab28bf6371e6863325eee67e618b77e6ad"; + }; + } { name = "chownr___chownr_1.1.4.tgz"; path = fetchurl { @@ -1265,6 +1273,14 @@ sha1 = "67a9e964be31a51e15e5010d58e6f12834002f46"; }; } + { + name = "ci_info___ci_info_3.2.0.tgz"; + path = fetchurl { + name = "ci_info___ci_info_3.2.0.tgz"; + url = "https://registry.yarnpkg.com/ci-info/-/ci-info-3.2.0.tgz"; + sha1 = "2876cb948a498797b5236f0095bc057d0dca38b6"; + }; + } { name = "cidr_regex___cidr_regex_2.0.10.tgz"; path = fetchurl { @@ -1657,6 +1673,14 @@ sha1 = "5bb5a0672628b64149566ba16819e61518c67261"; }; } + { + name = "debug___debug_3.2.7.tgz"; + path = fetchurl { + name = "debug___debug_3.2.7.tgz"; + url = "https://registry.yarnpkg.com/debug/-/debug-3.2.7.tgz"; + sha1 = "72580b7e9145fb39b6676f9c5e5fb100b934179a"; + }; + } { name = "debug___debug_3.2.6.tgz"; path = fetchurl { @@ -1818,19 +1842,19 @@ }; } { - name = "dmg_builder___dmg_builder_22.10.5.tgz"; + name = "dmg_builder___dmg_builder_22.11.4.tgz"; path = fetchurl { - name = "dmg_builder___dmg_builder_22.10.5.tgz"; - url = "https://registry.yarnpkg.com/dmg-builder/-/dmg-builder-22.10.5.tgz"; - sha1 = "65a33c106ead5a350c7de8997c546559bd6e0e7c"; + name = "dmg_builder___dmg_builder_22.11.4.tgz"; + url = "https://registry.yarnpkg.com/dmg-builder/-/dmg-builder-22.11.4.tgz"; + sha1 = "8e3a31bd835d51d3b686d1a6be6c0d08d3e7b1f4"; }; } { - name = "dmg_license___dmg_license_1.0.8.tgz"; + name = "dmg_license___dmg_license_1.0.9.tgz"; path = fetchurl { - name = "dmg_license___dmg_license_1.0.8.tgz"; - url = "https://registry.yarnpkg.com/dmg-license/-/dmg-license-1.0.8.tgz"; - sha1 = "d52e234815f1a07a59706e5f2a2fea71991cf784"; + name = "dmg_license___dmg_license_1.0.9.tgz"; + url = "https://registry.yarnpkg.com/dmg-license/-/dmg-license-1.0.9.tgz"; + sha1 = "a2fb8d692af0e30b0730b5afc91ed9edc2d9cb4f"; }; } { @@ -1850,11 +1874,11 @@ }; } { - name = "dot_prop___dot_prop_4.2.0.tgz"; + name = "dot_prop___dot_prop_4.2.1.tgz"; path = fetchurl { - name = "dot_prop___dot_prop_4.2.0.tgz"; - url = "https://registry.yarnpkg.com/dot-prop/-/dot-prop-4.2.0.tgz"; - sha1 = "1f19e0c2e1aa0e32797c49799f2837ac6af69c57"; + name = "dot_prop___dot_prop_4.2.1.tgz"; + url = "https://registry.yarnpkg.com/dot-prop/-/dot-prop-4.2.1.tgz"; + sha1 = "45884194a71fc2cda71cbb4bceb3a4dd2f433ba4"; }; } { @@ -1882,11 +1906,11 @@ }; } { - name = "dotenv___dotenv_8.2.0.tgz"; + name = "dotenv___dotenv_9.0.2.tgz"; path = fetchurl { - name = "dotenv___dotenv_8.2.0.tgz"; - url = "https://registry.yarnpkg.com/dotenv/-/dotenv-8.2.0.tgz"; - sha1 = "97e619259ada750eea3e4ea3e26bceea5424b16a"; + name = "dotenv___dotenv_9.0.2.tgz"; + url = "https://registry.yarnpkg.com/dotenv/-/dotenv-9.0.2.tgz"; + sha1 = "dacc20160935a37dea6364aa1bef819fb9b6ab05"; }; } { @@ -1913,14 +1937,6 @@ sha1 = "3a83a904e54353287874c564b7549386849a98c9"; }; } - { - name = "editions___editions_6.1.0.tgz"; - path = fetchurl { - name = "editions___editions_6.1.0.tgz"; - url = "https://registry.yarnpkg.com/editions/-/editions-6.1.0.tgz"; - sha1 = "ba6c6cf9f4bb571d9e53ea34e771a602e5a66549"; - }; - } { name = "editor___editor_1.0.0.tgz"; path = fetchurl { @@ -1938,19 +1954,19 @@ }; } { - name = "electron_builder_squirrel_windows___electron_builder_squirrel_windows_22.10.5.tgz"; + name = "electron_builder_squirrel_windows___electron_builder_squirrel_windows_22.11.4.tgz"; path = fetchurl { - name = "electron_builder_squirrel_windows___electron_builder_squirrel_windows_22.10.5.tgz"; - url = "https://registry.yarnpkg.com/electron-builder-squirrel-windows/-/electron-builder-squirrel-windows-22.10.5.tgz"; - sha1 = "83d3bf498110341a522cc5263fb4474ae6e05caf"; + name = "electron_builder_squirrel_windows___electron_builder_squirrel_windows_22.11.4.tgz"; + url = "https://registry.yarnpkg.com/electron-builder-squirrel-windows/-/electron-builder-squirrel-windows-22.11.4.tgz"; + sha1 = "6dc50a26396d813f58a4d8e5b90ee3cedb56f4d8"; }; } { - name = "electron_builder___electron_builder_22.10.5.tgz"; + name = "electron_builder___electron_builder_22.11.4.tgz"; path = fetchurl { - name = "electron_builder___electron_builder_22.10.5.tgz"; - url = "https://registry.yarnpkg.com/electron-builder/-/electron-builder-22.10.5.tgz"; - sha1 = "03b156b93e6012609027c3aaa69201a3ad21e454"; + name = "electron_builder___electron_builder_22.11.4.tgz"; + url = "https://registry.yarnpkg.com/electron-builder/-/electron-builder-22.11.4.tgz"; + sha1 = "aadb57a4fc90863e82ebdbc66131400fc3bb4c82"; }; } { @@ -1970,11 +1986,11 @@ }; } { - name = "electron_publish___electron_publish_22.10.5.tgz"; + name = "electron_publish___electron_publish_22.11.4.tgz"; path = fetchurl { - name = "electron_publish___electron_publish_22.10.5.tgz"; - url = "https://registry.yarnpkg.com/electron-publish/-/electron-publish-22.10.5.tgz"; - sha1 = "9cbe46266b6c79d8c6e99840755682e2262d3543"; + name = "electron_publish___electron_publish_22.11.4.tgz"; + url = "https://registry.yarnpkg.com/electron-publish/-/electron-publish-22.11.4.tgz"; + sha1 = "0f526edb7e0c3f0155103ff3b8a2e363a3a392f1"; }; } { @@ -2010,11 +2026,11 @@ }; } { - name = "encoding___encoding_0.1.12.tgz"; + name = "encoding___encoding_0.1.13.tgz"; path = fetchurl { - name = "encoding___encoding_0.1.12.tgz"; - url = "https://registry.yarnpkg.com/encoding/-/encoding-0.1.12.tgz"; - sha1 = "538b66f3ee62cd1ab51ec323829d1f9480c74beb"; + name = "encoding___encoding_0.1.13.tgz"; + url = "https://registry.yarnpkg.com/encoding/-/encoding-0.1.13.tgz"; + sha1 = "56574afdd791f54a8e9b2785c0582a2d26210fa9"; }; } { @@ -2049,14 +2065,6 @@ sha1 = "06e0116d3028f6aef4806849eb0ea6a748ae6960"; }; } - { - name = "errlop___errlop_4.1.0.tgz"; - path = fetchurl { - name = "errlop___errlop_4.1.0.tgz"; - url = "https://registry.yarnpkg.com/errlop/-/errlop-4.1.0.tgz"; - sha1 = "8e7b8f4f1bf0a6feafce4d14f0c0cf4bf5ef036b"; - }; - } { name = "errno___errno_0.1.7.tgz"; path = fetchurl { @@ -2473,6 +2481,14 @@ sha1 = "6be0de9be998ce16af8afc24497b9ee9b7ccd9ad"; }; } + { + name = "fs_extra___fs_extra_10.0.0.tgz"; + path = fetchurl { + name = "fs_extra___fs_extra_10.0.0.tgz"; + url = "https://registry.yarnpkg.com/fs-extra/-/fs-extra-10.0.0.tgz"; + sha1 = "9ff61b655dde53fb34a82df84bb214ce802e17c1"; + }; + } { name = "fs_extra___fs_extra_8.1.0.tgz"; path = fetchurl { @@ -2481,14 +2497,6 @@ sha1 = "49d43c45a88cd9677668cb7be1b46efdb8d2e1c0"; }; } - { - name = "fs_extra___fs_extra_9.0.1.tgz"; - path = fetchurl { - name = "fs_extra___fs_extra_9.0.1.tgz"; - url = "https://registry.yarnpkg.com/fs-extra/-/fs-extra-9.0.1.tgz"; - sha1 = "910da0062437ba4c39fedd863f1675ccfefcb9fc"; - }; - } { name = "fs_extra___fs_extra_9.1.0.tgz"; path = fetchurl { @@ -2497,6 +2505,14 @@ sha1 = "5954460c764a8da2094ba3554bf839e6b9a7c86d"; }; } + { + name = "fs_extra___fs_extra_9.0.1.tgz"; + path = fetchurl { + name = "fs_extra___fs_extra_9.0.1.tgz"; + url = "https://registry.yarnpkg.com/fs-extra/-/fs-extra-9.0.1.tgz"; + sha1 = "910da0062437ba4c39fedd863f1675ccfefcb9fc"; + }; + } { name = "fs_minipass___fs_minipass_1.2.7.tgz"; path = fetchurl { @@ -2642,11 +2658,11 @@ }; } { - name = "glob_parent___glob_parent_5.1.1.tgz"; + name = "glob_parent___glob_parent_5.1.2.tgz"; path = fetchurl { - name = "glob_parent___glob_parent_5.1.1.tgz"; - url = "https://registry.yarnpkg.com/glob-parent/-/glob-parent-5.1.1.tgz"; - sha1 = "b6c1ef417c4e5663ea498f1c45afac6916bbc229"; + name = "glob_parent___glob_parent_5.1.2.tgz"; + url = "https://registry.yarnpkg.com/glob-parent/-/glob-parent-5.1.2.tgz"; + sha1 = "869832c58034fe68a4093c17dc15e8340d8401c4"; }; } { @@ -2657,6 +2673,14 @@ sha1 = "141f33b81a7c2492e125594307480c46679278a6"; }; } + { + name = "glob___glob_7.1.7.tgz"; + path = fetchurl { + name = "glob___glob_7.1.7.tgz"; + url = "https://registry.yarnpkg.com/glob/-/glob-7.1.7.tgz"; + sha1 = "3b193e9233f01d42d0b3f78294bbeeb418f94a90"; + }; + } { name = "global_dirs___global_dirs_0.1.1.tgz"; path = fetchurl { @@ -2721,6 +2745,14 @@ sha1 = "4a12ff1b60376ef09862c2093edd908328be8423"; }; } + { + name = "graceful_fs___graceful_fs_4.2.6.tgz"; + path = fetchurl { + name = "graceful_fs___graceful_fs_4.2.6.tgz"; + url = "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.6.tgz"; + sha1 = "ff040b2b0853b23c3d31027523706f1885d76bee"; + }; + } { name = "graceful_fs___graceful_fs_4.2.4.tgz"; path = fetchurl { @@ -2810,27 +2842,11 @@ }; } { - name = "hosted_git_info___hosted_git_info_2.8.5.tgz"; + name = "hosted_git_info___hosted_git_info_2.8.9.tgz"; path = fetchurl { - name = "hosted_git_info___hosted_git_info_2.8.5.tgz"; - url = "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.8.5.tgz"; - sha1 = "759cfcf2c4d156ade59b0b2dfabddc42a6b9c70c"; - }; - } - { - name = "hosted_git_info___hosted_git_info_2.8.8.tgz"; - path = fetchurl { - name = "hosted_git_info___hosted_git_info_2.8.8.tgz"; - url = "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.8.8.tgz"; - sha1 = "7539bd4bc1e0e0a895815a2e0262420b12858488"; - }; - } - { - name = "hosted_git_info___hosted_git_info_3.0.8.tgz"; - path = fetchurl { - name = "hosted_git_info___hosted_git_info_3.0.8.tgz"; - url = "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-3.0.8.tgz"; - sha1 = "6e35d4cc87af2c5f816e4cb9ce350ba87a3f370d"; + name = "hosted_git_info___hosted_git_info_2.8.9.tgz"; + url = "https://registry.yarnpkg.com/hosted-git-info/-/hosted-git-info-2.8.9.tgz"; + sha1 = "dffc0bf9a21c02209090f2aa69429e1414daf3f9"; }; } { @@ -2890,11 +2906,11 @@ }; } { - name = "iconv_corefoundation___iconv_corefoundation_1.1.5.tgz"; + name = "iconv_corefoundation___iconv_corefoundation_1.1.6.tgz"; path = fetchurl { - name = "iconv_corefoundation___iconv_corefoundation_1.1.5.tgz"; - url = "https://registry.yarnpkg.com/iconv-corefoundation/-/iconv-corefoundation-1.1.5.tgz"; - sha1 = "90596d444a579aeb109f5ca113f6bb665a41be2b"; + name = "iconv_corefoundation___iconv_corefoundation_1.1.6.tgz"; + url = "https://registry.yarnpkg.com/iconv-corefoundation/-/iconv-corefoundation-1.1.6.tgz"; + sha1 = "27c135470237f6f8d13462fa1f5eaf250523c29a"; }; } { @@ -2906,11 +2922,11 @@ }; } { - name = "iconv_lite___iconv_lite_0.6.2.tgz"; + name = "iconv_lite___iconv_lite_0.6.3.tgz"; path = fetchurl { - name = "iconv_lite___iconv_lite_0.6.2.tgz"; - url = "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.6.2.tgz"; - sha1 = "ce13d1875b0c3a674bd6a04b7f76b01b1b6ded01"; + name = "iconv_lite___iconv_lite_0.6.3.tgz"; + url = "https://registry.yarnpkg.com/iconv-lite/-/iconv-lite-0.6.3.tgz"; + sha1 = "a52f80bf38da1952eb5c681790719871a1a72501"; }; } { @@ -3121,6 +3137,14 @@ sha1 = "6bc6334181810e04b5c22b3d589fdca55026404c"; }; } + { + name = "is_ci___is_ci_3.0.0.tgz"; + path = fetchurl { + name = "is_ci___is_ci_3.0.0.tgz"; + url = "https://registry.yarnpkg.com/is-ci/-/is-ci-3.0.0.tgz"; + sha1 = "c7e7be3c9d8eef7d0fa144390bd1e4b88dc4c994"; + }; + } { name = "is_cidr___is_cidr_3.1.0.tgz"; path = fetchurl { @@ -3129,14 +3153,6 @@ sha1 = "72e233d8e1c4cd1d3f11713fcce3eba7b0e3476f"; }; } - { - name = "is_core_module___is_core_module_2.2.0.tgz"; - path = fetchurl { - name = "is_core_module___is_core_module_2.2.0.tgz"; - url = "https://registry.yarnpkg.com/is-core-module/-/is-core-module-2.2.0.tgz"; - sha1 = "97037ef3d52224d85163f5597b2b63d9afed981a"; - }; - } { name = "is_date_object___is_date_object_1.0.1.tgz"; path = fetchurl { @@ -3329,6 +3345,14 @@ sha1 = "bb935d48582cba168c06834957a54a3e07124f11"; }; } + { + name = "isbinaryfile___isbinaryfile_4.0.8.tgz"; + path = fetchurl { + name = "isbinaryfile___isbinaryfile_4.0.8.tgz"; + url = "https://registry.yarnpkg.com/isbinaryfile/-/isbinaryfile-4.0.8.tgz"; + sha1 = "5d34b94865bd4946633ecc78a026fc76c5b11fcf"; + }; + } { name = "isexe___isexe_2.0.0.tgz"; path = fetchurl { @@ -3345,14 +3369,6 @@ sha1 = "47e63f7af55afa6f92e1500e690eb8b8529c099a"; }; } - { - name = "istextorbinary___istextorbinary_5.12.0.tgz"; - path = fetchurl { - name = "istextorbinary___istextorbinary_5.12.0.tgz"; - url = "https://registry.yarnpkg.com/istextorbinary/-/istextorbinary-5.12.0.tgz"; - sha1 = "2f84777838668fdf524c305a2363d6057aaeec84"; - }; - } { name = "jake___jake_10.8.2.tgz"; path = fetchurl { @@ -3394,11 +3410,11 @@ }; } { - name = "js_yaml___js_yaml_4.0.0.tgz"; + name = "js_yaml___js_yaml_4.1.0.tgz"; path = fetchurl { - name = "js_yaml___js_yaml_4.0.0.tgz"; - url = "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.0.0.tgz"; - sha1 = "f426bc0ff4b4051926cd588c71113183409a121f"; + name = "js_yaml___js_yaml_4.1.0.tgz"; + url = "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.1.0.tgz"; + sha1 = "c1fb65f8f5017901cdd2c951864ba18458a10602"; }; } { @@ -3482,11 +3498,11 @@ }; } { - name = "json5___json5_2.1.3.tgz"; + name = "json5___json5_2.2.0.tgz"; path = fetchurl { - name = "json5___json5_2.1.3.tgz"; - url = "https://registry.yarnpkg.com/json5/-/json5-2.1.3.tgz"; - sha1 = "c9b0f7fa9233bfe5807fe66fcf3a5617ed597d43"; + name = "json5___json5_2.2.0.tgz"; + url = "https://registry.yarnpkg.com/json5/-/json5-2.2.0.tgz"; + sha1 = "2dfefe720c6ba525d9ebd909950f0515316c89a3"; }; } { @@ -3569,6 +3585,14 @@ sha1 = "882636a7245c2cfe6e0a4e3ba6c5d68a137e5c65"; }; } + { + name = "lazy_val___lazy_val_1.0.5.tgz"; + path = fetchurl { + name = "lazy_val___lazy_val_1.0.5.tgz"; + url = "https://registry.yarnpkg.com/lazy-val/-/lazy-val-1.0.5.tgz"; + sha1 = "6cf3b9f5bc31cee7ee3e369c0832b7583dcd923d"; + }; + } { name = "lazystream___lazystream_1.0.0.tgz"; path = fetchurl { @@ -4162,11 +4186,11 @@ }; } { - name = "node_fetch_npm___node_fetch_npm_2.0.2.tgz"; + name = "node_fetch_npm___node_fetch_npm_2.0.4.tgz"; path = fetchurl { - name = "node_fetch_npm___node_fetch_npm_2.0.2.tgz"; - url = "https://registry.yarnpkg.com/node-fetch-npm/-/node-fetch-npm-2.0.2.tgz"; - sha1 = "7258c9046182dca345b4208eda918daf33697ff7"; + name = "node_fetch_npm___node_fetch_npm_2.0.4.tgz"; + url = "https://registry.yarnpkg.com/node-fetch-npm/-/node-fetch-npm-2.0.4.tgz"; + sha1 = "6507d0e17a9ec0be3bec516958a497cec54bf5a4"; }; } { @@ -4217,14 +4241,6 @@ sha1 = "e66db1838b200c1dfc233225d12cb36520e234a8"; }; } - { - name = "normalize_package_data___normalize_package_data_3.0.2.tgz"; - path = fetchurl { - name = "normalize_package_data___normalize_package_data_3.0.2.tgz"; - url = "https://registry.yarnpkg.com/normalize-package-data/-/normalize-package-data-3.0.2.tgz"; - sha1 = "cae5c410ae2434f9a6c1baa65d5bc3b9366c8699"; - }; - } { name = "normalize_path___normalize_path_3.0.0.tgz"; path = fetchurl { @@ -4234,11 +4250,11 @@ }; } { - name = "normalize_url___normalize_url_4.5.0.tgz"; + name = "normalize_url___normalize_url_4.5.1.tgz"; path = fetchurl { - name = "normalize_url___normalize_url_4.5.0.tgz"; - url = "https://registry.yarnpkg.com/normalize-url/-/normalize-url-4.5.0.tgz"; - sha1 = "453354087e6ca96957bd8f5baf753f5982142129"; + name = "normalize_url___normalize_url_4.5.1.tgz"; + url = "https://registry.yarnpkg.com/normalize-url/-/normalize-url-4.5.1.tgz"; + sha1 = "0dd90cf1288ee1d1313b87081c9a5932ee48518a"; }; } { @@ -4345,14 +4361,6 @@ sha1 = "28ee94390e936df6d084263ee2061336a6a1581b"; }; } - { - name = "npm_registry_fetch___npm_registry_fetch_4.0.2.tgz"; - path = fetchurl { - name = "npm_registry_fetch___npm_registry_fetch_4.0.2.tgz"; - url = "https://registry.yarnpkg.com/npm-registry-fetch/-/npm-registry-fetch-4.0.2.tgz"; - sha1 = "2b1434f93ccbe6b6385f8e45f45db93e16921d7a"; - }; - } { name = "npm_registry_fetch___npm_registry_fetch_4.0.7.tgz"; path = fetchurl { @@ -5026,11 +5034,11 @@ }; } { - name = "read_config_file___read_config_file_6.0.0.tgz"; + name = "read_config_file___read_config_file_6.2.0.tgz"; path = fetchurl { - name = "read_config_file___read_config_file_6.0.0.tgz"; - url = "https://registry.yarnpkg.com/read-config-file/-/read-config-file-6.0.0.tgz"; - sha1 = "224b5dca6a5bdc1fb19e63f89f342680efdb9299"; + name = "read_config_file___read_config_file_6.2.0.tgz"; + url = "https://registry.yarnpkg.com/read-config-file/-/read-config-file-6.2.0.tgz"; + sha1 = "71536072330bcd62ba814f91458b12add9fc7ade"; }; } { @@ -5233,14 +5241,6 @@ sha1 = "be0aa4c06acd53083505abb35f4d66932ab35d16"; }; } - { - name = "resolve___resolve_1.20.0.tgz"; - path = fetchurl { - name = "resolve___resolve_1.20.0.tgz"; - url = "https://registry.yarnpkg.com/resolve/-/resolve-1.20.0.tgz"; - sha1 = "629a013fb3f70755d6f0b7935cc1c2c5378b1975"; - }; - } { name = "responselike___responselike_1.0.2.tgz"; path = fetchurl { @@ -5290,11 +5290,11 @@ }; } { - name = "safe_buffer___safe_buffer_5.2.0.tgz"; + name = "safe_buffer___safe_buffer_5.2.1.tgz"; path = fetchurl { - name = "safe_buffer___safe_buffer_5.2.0.tgz"; - url = "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.2.0.tgz"; - sha1 = "b74daec49b1148f88c64b68d49b1e815c1f2f519"; + name = "safe_buffer___safe_buffer_5.2.1.tgz"; + url = "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.2.1.tgz"; + sha1 = "1eaf9fa9bdb1fdd4ec75f58f9cdb4e6b7827eec6"; }; } { @@ -5305,14 +5305,6 @@ sha1 = "991ec69d296e0313747d59bdfd2b745c35f8828d"; }; } - { - name = "safe_buffer___safe_buffer_5.2.1.tgz"; - path = fetchurl { - name = "safe_buffer___safe_buffer_5.2.1.tgz"; - url = "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.2.1.tgz"; - sha1 = "1eaf9fa9bdb1fdd4ec75f58f9cdb4e6b7827eec6"; - }; - } { name = "safer_buffer___safer_buffer_2.1.2.tgz"; path = fetchurl { @@ -5385,6 +5377,14 @@ sha1 = "27aaa7d2e4ca76452f98d3add093a72c943edc97"; }; } + { + name = "semver___semver_7.3.5.tgz"; + path = fetchurl { + name = "semver___semver_7.3.5.tgz"; + url = "https://registry.yarnpkg.com/semver/-/semver-7.3.5.tgz"; + sha1 = "0b621c879348d8998e4b0e4be94b3f12e6018ef7"; + }; + } { name = "set_blocking___set_blocking_2.0.0.tgz"; path = fetchurl { @@ -5842,11 +5842,11 @@ }; } { - name = "temp_file___temp_file_3.3.7.tgz"; + name = "temp_file___temp_file_3.4.0.tgz"; path = fetchurl { - name = "temp_file___temp_file_3.3.7.tgz"; - url = "https://registry.yarnpkg.com/temp-file/-/temp-file-3.3.7.tgz"; - sha1 = "686885d635f872748e384e871855958470aeb18a"; + name = "temp_file___temp_file_3.4.0.tgz"; + url = "https://registry.yarnpkg.com/temp-file/-/temp-file-3.4.0.tgz"; + sha1 = "766ea28911c683996c248ef1a20eea04d51652c7"; }; } { @@ -5865,14 +5865,6 @@ sha1 = "7f5ee823ae805207c00af2df4a84ec3fcfa570b4"; }; } - { - name = "textextensions___textextensions_5.12.0.tgz"; - path = fetchurl { - name = "textextensions___textextensions_5.12.0.tgz"; - url = "https://registry.yarnpkg.com/textextensions/-/textextensions-5.12.0.tgz"; - sha1 = "b908120b5c1bd4bb9eba41423d75b176011ab68a"; - }; - } { name = "through2___through2_2.0.5.tgz"; path = fetchurl { @@ -5929,6 +5921,14 @@ sha1 = "bb924d239029157b9bc1d506a6aa341f8b13e64c"; }; } + { + name = "tmp_promise___tmp_promise_3.0.2.tgz"; + path = fetchurl { + name = "tmp_promise___tmp_promise_3.0.2.tgz"; + url = "https://registry.yarnpkg.com/tmp-promise/-/tmp-promise-3.0.2.tgz"; + sha1 = "6e933782abff8b00c3119d63589ca1fb9caaa62a"; + }; + } { name = "tmp___tmp_0.1.0.tgz"; path = fetchurl { @@ -5937,6 +5937,14 @@ sha1 = "ee434a4e22543082e294ba6201dcc6eafefa2877"; }; } + { + name = "tmp___tmp_0.2.1.tgz"; + path = fetchurl { + name = "tmp___tmp_0.2.1.tgz"; + url = "https://registry.yarnpkg.com/tmp/-/tmp-0.2.1.tgz"; + sha1 = "8457fc3037dcf4719c251367a1af6500ee1ccf14"; + }; + } { name = "to_fast_properties___to_fast_properties_2.0.0.tgz"; path = fetchurl { @@ -6281,22 +6289,6 @@ sha1 = "3a105ca17053af55d6e270c1f8288682e18da400"; }; } - { - name = "version_compare___version_compare_1.1.0.tgz"; - path = fetchurl { - name = "version_compare___version_compare_1.1.0.tgz"; - url = "https://registry.yarnpkg.com/version-compare/-/version-compare-1.1.0.tgz"; - sha1 = "7b3e67e7e6cec5c72d9c9e586f8854e419ade17c"; - }; - } - { - name = "version_range___version_range_1.1.0.tgz"; - path = fetchurl { - name = "version_range___version_range_1.1.0.tgz"; - url = "https://registry.yarnpkg.com/version-range/-/version-range-1.1.0.tgz"; - sha1 = "1c233064202ee742afc9d56e21da3b2e15260acf"; - }; - } { name = "walk___walk_2.3.14.tgz"; path = fetchurl { @@ -6514,19 +6506,19 @@ }; } { - name = "y18n___y18n_3.2.1.tgz"; + name = "y18n___y18n_3.2.2.tgz"; path = fetchurl { - name = "y18n___y18n_3.2.1.tgz"; - url = "https://registry.yarnpkg.com/y18n/-/y18n-3.2.1.tgz"; - sha1 = "6d15fba884c08679c0d77e88e7759e811e07fa41"; + name = "y18n___y18n_3.2.2.tgz"; + url = "https://registry.yarnpkg.com/y18n/-/y18n-3.2.2.tgz"; + sha1 = "85c901bd6470ce71fc4bb723ad209b70f7f28696"; }; } { - name = "y18n___y18n_4.0.0.tgz"; + name = "y18n___y18n_4.0.3.tgz"; path = fetchurl { - name = "y18n___y18n_4.0.0.tgz"; - url = "https://registry.yarnpkg.com/y18n/-/y18n-4.0.0.tgz"; - sha1 = "95ef94f85ecc81d007c264e190a120f0a3c8566b"; + name = "y18n___y18n_4.0.3.tgz"; + url = "https://registry.yarnpkg.com/y18n/-/y18n-4.0.3.tgz"; + sha1 = "b5f259c82cd6e336921efd7bfd8bf560de9eeedf"; }; } { @@ -6602,11 +6594,11 @@ }; } { - name = "yargs___yargs_16.2.0.tgz"; + name = "yargs___yargs_17.0.1.tgz"; path = fetchurl { - name = "yargs___yargs_16.2.0.tgz"; - url = "https://registry.yarnpkg.com/yargs/-/yargs-16.2.0.tgz"; - sha1 = "1c82bf0f6b6a66eafce7ef30e376f49a12477f66"; + name = "yargs___yargs_17.0.1.tgz"; + url = "https://registry.yarnpkg.com/yargs/-/yargs-17.0.1.tgz"; + sha1 = "6a1ced4ed5ee0b388010ba9fd67af83b9362e0bb"; }; } { diff --git a/pkgs/applications/networking/instant-messengers/element/element-desktop.nix b/pkgs/applications/networking/instant-messengers/element/element-desktop.nix index 6424972cbf7..f8f4d31d6ec 100644 --- a/pkgs/applications/networking/instant-messengers/element/element-desktop.nix +++ b/pkgs/applications/networking/instant-messengers/element/element-desktop.nix @@ -8,12 +8,12 @@ let executableName = "element-desktop"; - version = "1.7.30"; + version = "1.7.31"; src = fetchFromGitHub { owner = "vector-im"; repo = "element-desktop"; rev = "v${version}"; - sha256 = "09k1xxmzqvw8c1x9ndsdvwj4598rdx9zqraz3rmr3i58s51vycxp"; + sha256 = "14vyqzf69g4n3i7qjm1pgq2kwym6cira0jwvirzdrwxkfsl0dsq6"; }; in mkYarnPackage rec { name = "element-desktop-${version}"; diff --git a/pkgs/applications/networking/instant-messengers/element/element-web.nix b/pkgs/applications/networking/instant-messengers/element/element-web.nix index 5baed75ba52..d9aec35b04b 100644 --- a/pkgs/applications/networking/instant-messengers/element/element-web.nix +++ b/pkgs/applications/networking/instant-messengers/element/element-web.nix @@ -12,11 +12,11 @@ let in stdenv.mkDerivation rec { pname = "element-web"; - version = "1.7.30"; + version = "1.7.31"; src = fetchurl { url = "https://github.com/vector-im/element-web/releases/download/v${version}/element-v${version}.tar.gz"; - sha256 = "1pnmgdyacxfk8hdf930rqqvqrcvckc3m4pb5mkznlirsmw06nfay"; + sha256 = "1p0vg5bkri7qiqv5yic56hjjbb5zvhvyzsm5zi7fx3yb7zdxmr3f"; }; installPhase = '' From 3276bd576d2f74c48aef4879853a7d3b9a287d1e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Milan=20P=C3=A4ssler?= Date: Thu, 10 Jun 2021 01:37:30 +0200 Subject: [PATCH 185/202] ansible_2_10: 2.10.9 -> 2.10.10 (cherry picked from commit 6960d3b17088433c63a8f6e39ef9b64c27e2f34b) --- pkgs/development/python-modules/ansible/base.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/ansible/base.nix b/pkgs/development/python-modules/ansible/base.nix index f3470f80b50..99a63d69939 100644 --- a/pkgs/development/python-modules/ansible/base.nix +++ b/pkgs/development/python-modules/ansible/base.nix @@ -22,11 +22,11 @@ buildPythonPackage rec { pname = "ansible-base"; - version = "2.10.9"; + version = "2.10.10"; src = fetchPypi { inherit pname version; - sha256 = "0l91bwbavjnaqsnb4c6f17xl7r0cvglz3rxqfs63aagw10z5sqq4"; + sha256 = "046ynyk9ldw35jbyw6jp0dmms735cd5i1f046f2lis8xv27bci3p"; }; # ansible_connection is already wrapped, so don't pass it through From 323d2080cb97c7a1740e56298a3b341ef4eb6038 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Milan=20P=C3=A4ssler?= Date: Thu, 10 Jun 2021 01:38:20 +0200 Subject: [PATCH 186/202] ansible_2_9: 2.9.21 -> 2.9.22 (cherry picked from commit 53448012e83d6b9872b345ede9873e4ffbc4acea) --- pkgs/development/python-modules/ansible/legacy.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/ansible/legacy.nix b/pkgs/development/python-modules/ansible/legacy.nix index 2779feffee8..174ab6dc6c4 100644 --- a/pkgs/development/python-modules/ansible/legacy.nix +++ b/pkgs/development/python-modules/ansible/legacy.nix @@ -18,13 +18,13 @@ buildPythonPackage rec { pname = "ansible"; - version = "2.9.21"; + version = "2.9.22"; src = fetchFromGitHub { owner = "ansible"; repo = "ansible"; rev = "v${version}"; - sha256 = "1pfiwq2wfw11vmxdq2yhk86hm5jljlrnphlzfjr01kwzfikkdp5m"; + sha256 = "0gkv59cfxzs0ahgkxmmx9sqnfb2xqr10q4yh2662nbzajmvqmfgm"; }; prePatch = '' From e352b011c26127ed851357643a45790ed04b6703 Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Tue, 22 Jun 2021 15:02:09 +0200 Subject: [PATCH 187/202] ansible_2_10: 2.10.10 -> 2.10.11 (cherry picked from commit 10be06813dcd89516ceba01e6891a742bdcf63ef) --- pkgs/development/python-modules/ansible/base.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/ansible/base.nix b/pkgs/development/python-modules/ansible/base.nix index 99a63d69939..06f53423219 100644 --- a/pkgs/development/python-modules/ansible/base.nix +++ b/pkgs/development/python-modules/ansible/base.nix @@ -22,11 +22,11 @@ buildPythonPackage rec { pname = "ansible-base"; - version = "2.10.10"; + version = "2.10.11"; src = fetchPypi { inherit pname version; - sha256 = "046ynyk9ldw35jbyw6jp0dmms735cd5i1f046f2lis8xv27bci3p"; + sha256 = "0jr3cxqiami9k07g2kmvfp54iafbcnd1d66l8fdnaqka5bc19wdw"; }; # ansible_connection is already wrapped, so don't pass it through From eab26236af131edad382624bb037b977f9297fad Mon Sep 17 00:00:00 2001 From: Martin Weinelt Date: Tue, 22 Jun 2021 15:06:58 +0200 Subject: [PATCH 188/202] ansible_2_9: 2.9.22 -> 2.9.23 (cherry picked from commit e578f0f7d06ef94030d45298296d6b8b2a61b97d) --- pkgs/development/python-modules/ansible/legacy.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/development/python-modules/ansible/legacy.nix b/pkgs/development/python-modules/ansible/legacy.nix index 174ab6dc6c4..12eed6bdb29 100644 --- a/pkgs/development/python-modules/ansible/legacy.nix +++ b/pkgs/development/python-modules/ansible/legacy.nix @@ -18,13 +18,13 @@ buildPythonPackage rec { pname = "ansible"; - version = "2.9.22"; + version = "2.9.23"; src = fetchFromGitHub { owner = "ansible"; repo = "ansible"; rev = "v${version}"; - sha256 = "0gkv59cfxzs0ahgkxmmx9sqnfb2xqr10q4yh2662nbzajmvqmfgm"; + sha256 = "0mikykpzyqpmaiczz53f71mcyc4qvahi9ckn7wgfx7sw7s2z3skk"; }; prePatch = '' From aa6f5b6f911bcb96b7d3ce6390a603a6cfaa170f Mon Sep 17 00:00:00 2001 From: Michael Weiss Date: Wed, 23 Jun 2021 00:10:49 +0200 Subject: [PATCH 189/202] signal-desktop: 5.5.0 -> 5.6.1 (cherry picked from commit 150a2f0b2eed02fd3e8a22047245870600071160) --- .../networking/instant-messengers/signal-desktop/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix b/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix index d5f22c57cd3..b78a5310026 100644 --- a/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix +++ b/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix @@ -25,7 +25,7 @@ let else ""); in stdenv.mkDerivation rec { pname = "signal-desktop"; - version = "5.5.0"; # Please backport all updates to the stable channel. + version = "5.6.1"; # Please backport all updates to the stable channel. # All releases have a limited lifetime and "expire" 90 days after the release. # When releases "expire" the application becomes unusable until an update is # applied. The expiration date for the current release can be extracted with: @@ -35,7 +35,7 @@ in stdenv.mkDerivation rec { src = fetchurl { url = "https://updates.signal.org/desktop/apt/pool/main/s/signal-desktop/signal-desktop_${version}_amd64.deb"; - sha256 = "0l12hwwv0ks2hgp1xc5nmn5rcqzwxdpjqhwysix550m26bz4jczp"; + sha256 = "00q99r3p49fa5j54h1faxrzxfgz1pkx86b1jg3vi94hddlw3xm9c"; }; nativeBuildInputs = [ From 0ccd0d91361dc42dd32ffcfafed1a4fc23d1c8b4 Mon Sep 17 00:00:00 2001 From: upkeep-bot Date: Fri, 18 Jun 2021 00:28:30 +0000 Subject: [PATCH 190/202] vscode: 1.57.0 -> 1.57.1 (cherry picked from commit 1642cf81b3e1485e2e3191b0760cf893f7a1327e) --- pkgs/applications/editors/vscode/vscode.nix | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pkgs/applications/editors/vscode/vscode.nix b/pkgs/applications/editors/vscode/vscode.nix index 6ae837105a9..dc980a00587 100644 --- a/pkgs/applications/editors/vscode/vscode.nix +++ b/pkgs/applications/editors/vscode/vscode.nix @@ -13,10 +13,10 @@ let archive_fmt = if system == "x86_64-darwin" then "zip" else "tar.gz"; sha256 = { - x86_64-linux = "08qrag9nzmngzzvs2cgbmc4zzxlb9kwn183v8caj6dvcrjvfqgbv"; - x86_64-darwin = "0rlyr08lla3xadlh373xqcks8a9akk3x2cmakgn17q2b16988fmq"; - aarch64-linux = "1m277940xsasqac4i88s05xrqsab99jhl3ka0zzfbixrgr2dj8q1"; - armv7l-linux = "1qm4cggjj50vdnrx848x810gz3ahh0hndra22lsvcjdbsw8g35rk"; + x86_64-linux = "0cklp0mp7qylzrqnfbvzs308q0bzpswlqw5n98qhl1jb5783svx1"; + x86_64-darwin = "04yyv0wpkzdjfiy9kj2jslhv7nc5i6nw2207vfnbzysgs55l3x63"; + aarch64-linux = "1ygk51902g0q7x3r6kd3s7gi2gx86x10svpvbipl494qcyfngqzs"; + armv7l-linux = "0z5rg1nl8lz7zsvml6dfz093dbyrkr4zvvfssqiyarw4n24d2mim"; }.${system}; in callPackage ./generic.nix rec { @@ -25,7 +25,7 @@ in # Please backport all compatible updates to the stable release. # This is important for the extension ecosystem. - version = "1.56.2"; + version = "1.57.1"; pname = "vscode"; executableName = "code" + lib.optionalString isInsiders "-insiders"; From d70ec738b300f8e74ef9a844e65859fc517f4bef Mon Sep 17 00:00:00 2001 From: Jean-Marie Gaillourdet Date: Sat, 5 Jun 2021 20:52:32 +0200 Subject: [PATCH 191/202] all Jetbrains products: update to latest version clion: 2020.2.1 -> 2021.1.2 datagrip: 2020.2.2 -> 2021.1.2 goland: 2020.2.2 -> 2021.1.2 idea-community: 2020.2.1 -> 2021.1.2 idea-ultimate: 2020.2.1 -> 2021.1.2 mps: 2020.1.4 -> 2021.1 phpstorm: 2020.2.1 -> 2021.1.3 pycharm-community: 2020.2.1 -> 2021.1.2 pycharm-professional: 2020.2.1 -> 2021.1.2 rider: 2020.2.1 -> 2021.1.3 ruby-mine: 2020.2.1 -> 2021.1.2 webstorm: 2020.2.1 -> 2021.1.2 These updates have all been generated with the newly fixed update.pl script. The script update.pl, which gets the latest versions from upstream web server, has been failing for roughly half a year. It failed to handle the new url pattern of MPS. The script and the url pattern is updated to work with the latest version. The clion specific postFixup hook had to be adapted, because names of shared libraries changed. (cherry picked from commit 8593496928ebacc8d0779ff5706b8d511dbc0177) (cherry picked from commit a887b48e1d666ae2742bf86010aa1a1372b9ecbd) --- .../editors/jetbrains/default.nix | 22 +++++++++---------- pkgs/applications/editors/jetbrains/update.pl | 5 +++-- 2 files changed, 14 insertions(+), 13 deletions(-) diff --git a/pkgs/applications/editors/jetbrains/default.nix b/pkgs/applications/editors/jetbrains/default.nix index 32159e3ebd2..55df159fab9 100644 --- a/pkgs/applications/editors/jetbrains/default.nix +++ b/pkgs/applications/editors/jetbrains/default.nix @@ -307,12 +307,12 @@ in mps = buildMps rec { name = "mps-${version}"; - version = "2020.3.3"; /* updated by script */ + version = "2021.1"; /* updated by script */ description = "Create your own domain-specific language"; license = lib.licenses.asl20; src = fetchurl { - url = "https://download.jetbrains.com/mps/2020.3/MPS-${version}.tar.gz"; - sha256 = "0sb50f7d4272dzx84njc326xvhbqn3xwrphvdq4zl3pk3wl8f4nz"; /* updated by script */ + url = "https://download.jetbrains.com/mps/${version}/MPS-${version}.tar.gz"; + sha256 = "0fdh8lzsi2zryi0xs961vrf3l8kqk5imlj56dhifywi7xkhs3vwn"; /* updated by script */ }; wmClass = "jetbrains-mps"; update-channel = "MPS RELEASE"; @@ -320,12 +320,12 @@ in phpstorm = buildPhpStorm rec { name = "phpstorm-${version}"; - version = "2021.1.2"; /* updated by script */ + version = "2021.1.3"; /* updated by script */ description = "Professional IDE for Web and PHP developers"; license = lib.licenses.unfree; src = fetchurl { url = "https://download.jetbrains.com/webide/PhpStorm-${version}.tar.gz"; - sha256 = "02s75fqd9hfh302zha4jw6qynpgm9nkrlq7s78nk3fc3d3hw8v5y"; /* updated by script */ + sha256 = "05hjv1nz1b82bkakadjvsy23v0qv8fyni6h31lcg9198h1890f7v"; /* updated by script */ }; wmClass = "jetbrains-phpstorm"; update-channel = "PhpStorm RELEASE"; @@ -333,12 +333,12 @@ in pycharm-community = buildPycharm rec { name = "pycharm-community-${version}"; - version = "2021.1.1"; /* updated by script */ + version = "2021.1.2"; /* updated by script */ description = "PyCharm Community Edition"; license = lib.licenses.asl20; src = fetchurl { url = "https://download.jetbrains.com/python/${name}.tar.gz"; - sha256 = "04bs9sz872b0h1zzax23irvj6q5wxnzp6fl4f177j94kh4116cqh"; /* updated by script */ + sha256 = "0sp7w1xrl0y36dai08kqfd0jk06yr7jdbaf1a9f3fgxp5pmspxp1"; /* updated by script */ }; wmClass = "jetbrains-pycharm-ce"; update-channel = "PyCharm RELEASE"; @@ -346,12 +346,12 @@ in pycharm-professional = buildPycharm rec { name = "pycharm-professional-${version}"; - version = "2021.1.1"; /* updated by script */ + version = "2021.1.2"; /* updated by script */ description = "PyCharm Professional Edition"; license = lib.licenses.unfree; src = fetchurl { url = "https://download.jetbrains.com/python/${name}.tar.gz"; - sha256 = "0wc9j7nilakmm7scf7a71zb3k9vixgih05ni3n3pp4iznvwb3nxg"; /* updated by script */ + sha256 = "0ny7rbl8g5azpqnlcq8l6bwh6hrp8rgp06lf4a8gdr9rpvw9xsqb"; /* updated by script */ }; wmClass = "jetbrains-pycharm"; update-channel = "PyCharm RELEASE"; @@ -372,12 +372,12 @@ in ruby-mine = buildRubyMine rec { name = "ruby-mine-${version}"; - version = "2021.1.1"; /* updated by script */ + version = "2021.1.2"; /* updated by script */ description = "The Most Intelligent Ruby and Rails IDE"; license = lib.licenses.unfree; src = fetchurl { url = "https://download.jetbrains.com/ruby/RubyMine-${version}.tar.gz"; - sha256 = "05sfjf5523idsl7byc7400r4xqv1d65gpmkh5x0lbgf1k3bx2wlm"; /* updated by script */ + sha256 = "0r80y8y38rdxgc9sim0q2p7bmgxlp4pdxydr0w9gjikwnjxnvz51"; /* updated by script */ }; wmClass = "jetbrains-rubymine"; update-channel = "RubyMine RELEASE"; diff --git a/pkgs/applications/editors/jetbrains/update.pl b/pkgs/applications/editors/jetbrains/update.pl index 6f0a451849a..cd3d2193a28 100755 --- a/pkgs/applications/editors/jetbrains/update.pl +++ b/pkgs/applications/editors/jetbrains/update.pl @@ -61,8 +61,9 @@ sub update_nix_block { # try to interpret some nix my ($name) = $block =~ /name\s*=\s*"([^"]+)"/; $name =~ s/\$\{version\}/$latest_versions{$channel}/; - $url =~ s/\$\{name\}/$name/; - $url =~ s/\$\{version\}/$latest_versions{$channel}/; + # Some url paattern contain variables more than once + $url =~ s/\$\{name\}/$name/g; + $url =~ s/\$\{version\}/$latest_versions{$channel}/g; die "$url still has some interpolation" if $url =~ /\$/; my ($sha256) = get("$url.sha256") =~ /^([0-9a-f]{64})/; my $version_string = $latest_versions{$channel}; From e579ac33d271ccc14ecfba5946674c5dbe113706 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Wed, 23 Jun 2021 17:54:56 +0200 Subject: [PATCH 192/202] grafana: 7.5.7 -> 7.5.9 ChangeLog: https://github.com/grafana/grafana/releases/tag/v7.5.8 ChangeLog: https://github.com/grafana/grafana/releases/tag/v7.5.9 While I don't think we should backport Grafana 8 to 21.05 without a good reason, it still makes sense to apply patch-updates of v7 here. --- pkgs/servers/monitoring/grafana/default.nix | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/pkgs/servers/monitoring/grafana/default.nix b/pkgs/servers/monitoring/grafana/default.nix index 89e49671d86..acf4c599b60 100644 --- a/pkgs/servers/monitoring/grafana/default.nix +++ b/pkgs/servers/monitoring/grafana/default.nix @@ -2,7 +2,7 @@ buildGoModule rec { pname = "grafana"; - version = "7.5.7"; + version = "7.5.9"; excludedPackages = [ "release_publisher" ]; @@ -10,15 +10,15 @@ buildGoModule rec { rev = "v${version}"; owner = "grafana"; repo = "grafana"; - sha256 = "sha256-GTQK02zxOBTE+93vT0zLMhAeZ7F3Cq/0lbvbzwB2QZA="; + sha256 = "sha256-khk2K4V/FnvZ5/DHu/0dRBgkUipJ0vzVujyqpkttft8="; }; srcStatic = fetchurl { url = "https://dl.grafana.com/oss/release/grafana-${version}.linux-amd64.tar.gz"; - sha256 = "sha256-IQ7aAuUrNa+bSh5ld6IttujM8AgKUSlu8H7pwzDi164="; + sha256 = "sha256-QMWcmedMOB7EBAWOl4t/kZ6G4Q7D9XxMzTh4BkW+pPI="; }; - vendorSha256 = "sha256-AsPRaRLomp090XAKLXLXKm40ESPO4im9qi6VLpLYRQU="; + vendorSha256 = "sha256-FdotpFi1ee92mCX59bBuqzCyjIq6yujWixReYxmKbS8="; # grafana-aws-sdk is specified with two versions which causes a problem later: # go: inconsistent vendoring in /build/source: From 8f89e4b6a12eeec3d5ea084efb0aa02bd3282902 Mon Sep 17 00:00:00 2001 From: David Arnold Date: Wed, 16 Jun 2021 15:02:47 -0500 Subject: [PATCH 193/202] docs: nixos release notes to CommonMark (2105) docs: nixos release notes (revise code blocks) docs: nixos release notes (fix opt links outside of code blocks) docs: nixos release notes (fix opt links inside of code blocks) went fishing with: ```console rg -A1 \ --multiline \ --multiline-dotall \ '[^]+' \ | rg linkend ``` docs: nixos release notes (prettier) docs: nixos release notes (restore admonition from prettier destriction) docs: nixos release notes (recreate xml files) docs: nixos release notes (fix code block indentation) docs: nixos release notes (diff after converting with https://github.com/NixOS/nixpkgs/pull/127270) (cherry picked from commit 32c2dd304d5e1b2a48a0772f906d0cc86332992e) --- .../from_md/release-notes/rl-2105.section.xml | 1565 +++++++++++++++++ .../manual/release-notes/release-notes.xml | 2 +- .../manual/release-notes/rl-2105.section.md | 428 +++++ nixos/doc/manual/release-notes/rl-2105.xml | 1257 ------------- 4 files changed, 1994 insertions(+), 1258 deletions(-) create mode 100644 nixos/doc/manual/from_md/release-notes/rl-2105.section.xml create mode 100644 nixos/doc/manual/release-notes/rl-2105.section.md delete mode 100644 nixos/doc/manual/release-notes/rl-2105.xml diff --git a/nixos/doc/manual/from_md/release-notes/rl-2105.section.xml b/nixos/doc/manual/from_md/release-notes/rl-2105.section.xml new file mode 100644 index 00000000000..e043bee7761 --- /dev/null +++ b/nixos/doc/manual/from_md/release-notes/rl-2105.section.xml @@ -0,0 +1,1565 @@ +
+ Release 21.05 (<quote>Okapi</quote>, 2021.05/31) + + Support is planned until the end of December 2021, handing over to + 21.11. + +
+ Highlights + + In addition to numerous new and upgraded packages, this release + has the following highlights: + + + + + Core version changes: + + + + + gcc: 9.3.0 -> 10.3.0 + + + + + glibc: 2.30 -> 2.32 + + + + + default linux: 5.4 -> 5.10, all supported kernels + available + + + + + mesa: 20.1.7 -> 21.0.1 + + + + + + + Desktop Environments: + + + + + GNOME: 3.36 -> 40, see its + release + notes + + + + + Plasma5: 5.18.5 -> 5.21.3 + + + + + kdeApplications: 20.08.1 -> 20.12.3 + + + + + cinnamon: 4.6 -> 4.8.1 + + + + + + + Programming Languages and Frameworks: + + + + + Python optimizations were disabled again. Builds with + optimizations enabled are not reproducible. Optimizations + can now be enabled with an option. + + + + + + + The linux_latest kernel was updated to the 5.12 series. It + currently is not officially supported for use with the zfs + filesystem. If you use zfs, you should use a different kernel + version (either the LTS kernel, or track a specific one). + + + +
+
+ New Services + + The following new services were added since the last release: + + + + + GNURadio + 3.8 was + finally + packaged, along with a rewrite to the Nix expressions, + allowing users to override the features upstream supports + selecting to compile or not to. Additionally, the attribute + gnuradio and gnuradio3_7 + now point to an externally wrapped by default derivations, + that allow you to also add `extraPythonPackages` to the Python + interpreter used by GNURadio. Missing environmental variables + needed for operational GUI were also added + (#75478). + + + + + Keycloak, + an open source identity and access management server with + support for + OpenID + Connect, OAUTH + 2.0 and + SAML + 2.0. + + + See the Keycloak + section of the NixOS manual for more information. + + + + + services.samba-wsdd.enable + Web Services Dynamic Discovery host daemon + + + + + Discourse, + a modern and open source discussion platform. + + + See the Discourse + section of the NixOS manual for more information. + + + + + services.nebula.networks + Nebula + VPN + + + +
+
+ Backward Incompatibilities + + When upgrading from a previous release, please be aware of the + following incompatible changes: + + + + + GNOME desktop environment was upgraded to 40, see the release + notes for + 40.0 + and + 3.38. + The gnome3 attribute set has been renamed + to gnome and so have been the NixOS + options. + + + + + If you are using services.udev.extraRules + to assign custom names to network interfaces, this may stop + working due to a change in the initialisation of dhcpcd and + systemd networkd. To avoid this, either move them to + services.udev.initrdRules or see the new + Assigning custom + names section of the NixOS manual for an example using + networkd links. + + + + + The security.hideProcessInformation module + has been removed. It was broken since the switch to + cgroups-v2. + + + + + The linuxPackages.ati_drivers_x11 kernel + modules have been removed. The drivers only supported kernels + prior to 4.2, and thus have become obsolete. + + + + + The systemConfig kernel parameter is no + longer added to boot loader entries. It has been unused since + September 2010, but if do have a system generation from that + era, you will now be unable to boot into them. + + + + + systemd-journal2gelf no longer parses json + and expects the receiving system to handle it. How to achieve + this with Graylog is described in this + GitHub + issue. + + + + + If the services.dbus module is enabled, + then the user D-Bus session is now always socket activated. + The associated options + services.dbus.socketActivated and + services.xserver.startDbusSession have + therefore been removed and you will receive a warning if they + are present in your configuration. This change makes the user + D-Bus session available also for non-graphical logins. + + + + + The networking.wireless.iwd module now + installs the upstream-provided 80-iwd.link file, which sets + the NamePolicy= for all wlan devices to "keep + kernel", to avoid race conditions between iwd and + networkd. If you don't want this, you can set + systemd.network.links."80-iwd" = lib.mkForce {}. + + + + + rubyMinimal was removed due to being unused + and unusable. The default ruby interpreter includes JIT + support, which makes it reference it's compiler. Since JIT + support is probably needed by some Gems, it was decided to + enable this feature with all cc references by default, and + allow to build a Ruby derivation without references to cc, by + setting jitSupport = false; in an overlay. + See + #90151 + for more info. + + + + + Setting + services.openssh.authorizedKeysFiles now + also affects which keys + security.pam.enableSSHAgentAuth will use. + WARNING: If you are using these options in combination do make + sure that any key paths you use are present in + services.openssh.authorizedKeysFiles! + + + + + The option fonts.enableFontDir has been + renamed to + fonts.fontDir.enable. + The path of font directory has also been changed to + /run/current-system/sw/share/X11/fonts, for + consistency with other X11 resources. + + + + + A number of options have been renamed in the kicad interface. + oceSupport has been renamed to + withOCE, withOCCT has + been renamed to withOCC, + ngspiceSupport has been renamed to + withNgspice, and + scriptingSupport has been renamed to + withScripting. Additionally, + kicad/base.nix no longer provides default + argument values since these are provided by + kicad/default.nix. + + + + + The socket for the pdns-recursor module was + moved from /var/lib/pdns-recursor to + /run/pdns-recursor to match upstream. + + + + + Paperwork was updated to version 2. The on-disk format + slightly changed, and it is not possible to downgrade from + Paperwork 2 back to Paperwork 1.3. Back your documents up + before upgrading. See + this + thread for more details. + + + + + PowerDNS has been updated from 4.2.x to + 4.3.x. Please be sure to review the + Upgrade + Notes provided by upstream before upgrading. Worth + specifically noting is that the service now runs entirely as a + dedicated pdns user, instead of starting as + root and dropping privileges, as well as + the default socket-dir location changing + from /var/lib/powerdns to + /run/pdns. + + + + + The mediatomb service is now using by + default the new and maintained fork gerbera + package instead of the unmaintained + mediatomb package. If you want to keep the + old behavior, you must declare it with: + + +{ + services.mediatomb.package = pkgs.mediatomb; +} + + + One new option openFirewall has been + introduced which defaults to false. If you relied on the + service declaration to add the firewall rules itself before, + you should now declare it with: + + +{ + services.mediatomb.openFirewall = true; +} + + + + + xfsprogs was update from 4.19 to 5.11. It now enables reflink + support by default on filesystem creation. Support for + reflinks was added with an experimental status to kernel 4.9 + and deemed stable in kernel 4.16. If you want to be able to + mount XFS filesystems created with this release of xfsprogs on + kernel releases older than those, you need to format them with + mkfs.xfs -m reflink=0. + + + + + The uWSGI server is now built with POSIX capabilities. As a + consequence, root is no longer required in emperor mode and + the service defaults to running as the unprivileged + uwsgi user. Any additional capability can + be added via the new option + services.uwsgi.capabilities. + The previous behaviour can be restored by setting: + + +{ + services.uwsgi.user = "root"; + services.uwsgi.group = "root"; + services.uwsgi.instance = + { + uid = "uwsgi"; + gid = "uwsgi"; + }; +} + + + Another incompatibility from the previous release is that + vassals running under a different user or group need to use + immediate-{uid,gid} instead of the usual + uid,gid options. + + + + + btc1 has been abandoned upstream, and removed. + + + + + cpp_ethereum (aleth) has been abandoned upstream, and removed. + + + + + riak-cs package removed along with + services.riak-cs module. + + + + + stanchion package removed along with + services.stanchion module. + + + + + mutt has been updated to a new major version (2.x), which + comes with some backward incompatible changes that are + described in the + release + notes for Mutt 2.0. + + + + + vim and neovim switched + to Python 3, dropping all Python 2 support. + + + + + networking.wireguard.interfaces.<name>.generatePrivateKeyFile, + which is off by default, had a chmod race + condition fixed. As an aside, the parent directory's + permissions were widened, and the key files were made + owner-writable. This only affects newly created keys. However, + if the exact permissions are important for your setup, read + #121294. + + + + + boot.zfs.forceImportAll + previously did nothing, but has been fixed. However its + default has been changed to false to + preserve the existing default behaviour. If you have this + explicitly set to true, please note that + your non-root pools will now be forcibly imported. + + + + + openafs now points to openafs_1_8, which is the new stable + release. OpenAFS 1.6 was removed. + + + + + The WireGuard module gained a new option + networking.wireguard.interfaces.<name>.peers.*.dynamicEndpointRefreshSeconds + that implements refreshing the IP of DNS-based endpoints + periodically (which WireGuard itself + cannot + do). + + + + + MariaDB has been updated to 10.5. Before you upgrade, it would + be best to take a backup of your database and read + + Incompatible Changes Between 10.4 and 10.5. After the + upgrade you will need to run mysql_upgrade. + + + + + The TokuDB storage engine dropped in mariadb 10.5 and removed + in mariadb 10.6. It is recommended to switch to RocksDB. See + also + TokuDB + and + MDEV-19780: + Remove the TokuDB storage engine. + + + + + The openldap module now has support for + OLC-style configuration, users of the + configDir option may wish to migrate. If + you continue to use configDir, ensure that + olcPidFile is set to + /run/slapd/slapd.pid. + + + As a result, extraConfig and + extraDatabaseConfig are removed. To help + with migration, you can convert your + slapd.conf file to OLC configuration with + the following script (find the location of this configuration + file by running systemctl status openldap, + it is the -f option. + + +$ TMPDIR=$(mktemp -d) +$ slaptest -f /path/to/slapd.conf -F $TMPDIR +$ slapcat -F $TMPDIR -n0 -H 'ldap:///???(!(objectClass=olcSchemaConfig))' + + + This will dump your current configuration in LDIF format, + which should be straightforward to convert into Nix settings. + This does not show your schema configuration, as this is + unnecessarily verbose for users of the default schemas and + slaptest is buggy with schemas directly in + the config file. + + + + + Amazon EC2 and OpenStack Compute (nova) images now re-fetch + instance meta data and user data from the instance metadata + service (IMDS) on each boot. For example: stopping an EC2 + instance, changing its user data, and restarting the instance + will now cause it to fetch and apply the new user data. + + + + Specifically, /etc/ec2-metadata is + re-populated on each boot. Some NixOS scripts that read from + this directory are guarded to only run if the files they + want to manipulate do not already exist, and so will not + re-apply their changes if the IMDS response changes. + Examples: root's SSH key is only added if + /root/.ssh/authorized_keys does not + exist, and SSH host keys are only set from user data if they + do not exist in /etc/ssh. + + + + + + The rspamd services is now sandboxed. It is + run as a dynamic user instead of root, so secrets and other + files may have to be moved or their permissions may have to be + fixed. The sockets are now located in + /run/rspamd instead of + /run. + + + + + Enabling the Tor client no longer silently also enables and + configures Privoxy, and the + services.tor.client.privoxy.enable option + has been removed. To enable Privoxy, and to configure it to + use Tor's faster port, use the following configuration: + + +{ + opt-services.privoxy.enable = true; + opt-services.privoxy.enableTor = true; +} + + + + + The services.tor module has a new + exhaustively typed + services.tor.settings + option following RFC 0042; backward compatibility with old + options has been preserved when aliasing was possible. The + corresponding systemd service has been hardened, but there is + a chance that the service still requires more permissions, so + please report any related trouble on the bugtracker. Onion + services v3 are now supported in + services.tor.relay.onionServices. + A new + services.tor.openFirewall + option as been introduced for allowing connections on all the + TCP ports configured. + + + + + The options + services.slurm.dbdserver.storagePass and + services.slurm.dbdserver.configFile have + been removed. Use + services.slurm.dbdserver.storagePassFile + instead to provide the database password. Extra config options + can be given via the option + services.slurm.dbdserver.extraConfig. The + actual configuration file is created on the fly on startup of + the service. This avoids that the password gets exposed in the + nix store. + + + + + The wafHook hook does not wrap Python + anymore. Packages depending on wafHook need + to include any Python into their + nativeBuildInputs. + + + + + Starting with version 1.7.0, the project formerly named + CodiMD is now named + HedgeDoc. New installations will no longer + use the old name for users, state directories and such, this + needs to be considered when moving state to a more recent + NixOS installation. Based on + system.stateVersion, + existing installations will continue to work. + + + + + The fish-foreign-env package has been replaced with + fishPlugins.foreign-env, in which the fish functions have been + relocated to the vendor_functions.d + directory to be loaded automatically. + + + + + The prometheus json exporter is now managed by the prometheus + community. Together with additional features some backwards + incompatibilities were introduced. Most importantly the + exporter no longer accepts a fixed command-line parameter to + specify the URL of the endpoint serving JSON. It now expects + this URL to be passed as an URL parameter, when scraping the + exporter's /probe endpoint. In the + prometheus scrape configuration the scrape target might look + like this: + + +http://some.json-exporter.host:7979/probe?target=https://example.com/some/json/endpoint + + + Existing configuration for the exporter needs to be updated, + but can partially be re-used. Documentation is available in + the upstream repository and a small example for NixOS is + available in the corresponding NixOS test. + + + These changes also affect + services.prometheus.exporters.rspamd.enable, + which is just a preconfigured instance of the json exporter. + + + For more information, take a look at the + + official documentation of the json_exporter. + + + + + Androidenv was updated, removing the + includeDocs and + lldbVersions arguments. Docs only covered a + single version of the Android SDK, LLDB is now bundled with + the NDK, and both are no longer available to download from the + Android package repositories. Additionally, since the package + lists have been updated, some older versions of Android + packages may not be bundled. If you depend on older versions + of Android packages, we recommend overriding the repo. + + + Android packages are now loaded from a repo.json file created + by parsing Android repo XML files. The arguments + repoJson and repoXmls + have been added to allow overriding the built-in androidenv + repo.json with your own. Additionally, license files are now + written to allow compatibility with Gradle-based tools, and + the extraLicenses argument has been added + to accept more SDK licenses if your project requires it. See + the androidenv documentation for more details. + + + + + The attribute mpi is now consistently used + to provide a default, system-wide MPI implementation. The + default implementation is openmpi, which has been used before + by all derivations affects by this change. Note that all + packages that have used mpi ? null in the + input for optional MPI builds, have been changed to the + boolean input paramater useMpi to enable + building with MPI. Building all packages with + mpich instead of the default + openmpi can now be achived like this: + + +self: super: +{ + mpi = super.mpich; +} + + + + + The Searx module has been updated with the ability to + configure the service declaratively and uWSGI integration. The + option services.searx.configFile has been + renamed to + services.searx.settingsFile + for consistency with the new + services.searx.settings. + In addition, the searx uid and gid + reservations have been removed since they were not necessary: + the service is now running with a dynamically allocated uid. + + + + + The libinput module has been updated with the ability to + configure mouse and touchpad settings separately. The options + in services.xserver.libinput have been + renamed to + services.xserver.libinput.touchpad, while + there is a new + services.xserver.libinput.mouse for mouse + related configuration. + + + Since touchpad options no longer apply to all devices, you may + want to replicate your touchpad configuration in mouse + section. + + + + + ALSA OSS emulation + (sound.enableOSSEmulation) is now disabled + by default. + + + + + Thinkfan as been updated to 1.2.x, which + comes with a new YAML based configuration format. For this + reason, several NixOS options of the thinkfan module have been + changed to non-backward compatible types. In addition, a new + services.thinkfan.settings + option has been added. + + + Please read the + + thinkfan documentation before updating. + + + + + Adobe Flash Player support has been dropped from the tree. In + particular, the following packages no longer support it: + + + + + chromium + + + + + firefox + + + + + qt48 + + + + + qt5.qtwebkit + + + + + Additionally, packages flashplayer and hal-flash were removed + along with the services.flashpolicyd + module. + + + + + The security.rngd module has been removed. + It was disabled by default in 20.09 as it was functionally + redundant with krngd in the linux kernel. It is not necessary + for any device that the kernel recognises as an hardware RNG, + as it will automatically run the krngd task to periodically + collect random data from the device and mix it into the + kernel's RNG. + + + The default SMTP port for GitLab has been changed to + 25 from its previous default of + 465. If you depended on this default, you + should now set the + services.gitlab.smtp.port + option. + + + + + The default version of ImageMagick has been updated from 6 to + 7. You can use imagemagick6, imagemagick6_light, and + imagemagick6Big if you need the older version. + + + + + services.xserver.videoDrivers + no longer uses the deprecated cirrus and + vesa device dependent X drivers by default. + It also enables both amdgpu and + nouveau drivers by default now. + + + + + The kindlegen package is gone, because it + is no longer supported or hosted by Amazon. Sadly, its + replacement, Kindle Previewer, has no Linux support. However, + there are other ways to generate MOBI files. See + the + discussion for more info. + + + + + The apacheKafka packages are now built with version-matched + JREs. Versions 2.6 and above, the ones that recommend it, use + jdk11, while versions below remain on jdk8. The NixOS service + has been adjusted to start the service using the same version + as the package, adjustable with the new + services.apache-kafka.jre + option. Furthermore, the default list of + services.apache-kafka.jvmOptions + have been removed. You should set your own according to the + upstream + documentation for your Kafka version. + + + + + The kodi package has been modified to allow concise addon + management. Consider the following configuration from previous + releases of NixOS to install kodi, including the + kodiPackages.inputstream-adaptive and kodiPackages.vfs-sftp + addons: + + +{ + environment.systemPackages = [ + pkgs.kodi + ]; + + nixpkgs.config.kodi = { + enableInputStreamAdaptive = true; + enableVFSSFTP = true; + }; +} + + + All Kodi config flags have been removed, + and as a result the above configuration should now be written + as: + + +{ + environment.systemPackages = [ + (pkgs.kodi.withPackages (p: with p; [ + inputstream-adaptive + vfs-sftp + ])) + ]; +} + + + + + environment.defaultPackages now includes + the nano package. If pkgs.nano is not added to the list, make + sure another editor is installed and the + EDITOR environment variable is set to it. + Environment variables can be set using + environment.variables. + + + + + services.minio.dataDir changed type to a + list of paths, required for specifiyng multiple data + directories for using with erasure coding. Currently, the + service doesn't enforce nor checks the correct number of paths + to correspond to minio requirements. + + + + + All CUDA toolkit versions prior to CUDA 10 have been removed. + + + + + The kbdKeymaps package was removed since dvp and neo are now + included in kbd. If you want to use the Programmer Dvorak + Keyboard Layout, you have to use + dvorak-programmer in + console.keyMap now instead of + dvp. In + services.xserver.xkbVariant it's still + dvp. + + + + + The babeld service is now being run as an unprivileged user. + To achieve that the module configures + skip-kernel-setup true and takes care of + setting forwarding and rp_filter sysctls by itself as well as + for each interface in + services.babeld.interfaces. + + + + + The services.zigbee2mqtt.config option has + been renamed to + services.zigbee2mqtt.settings and now + follows + RFC + 0042. + + + + + The yadm dotfile manager has been updated from 2.x to 3.x, which + has new (XDG) default locations for some data/state files. Most + yadm commands will fail and print a legacy path warning (which + describes how to upgrade/migrate your repository). If you have + scripts, daemons, scheduled jobs, shell profiles, etc. that invoke + yadm, expect them to fail or misbehave until you perform this + migration and prepare accordingly. + + + + + Instead of determining + services.radicale.package automatically + based on system.stateVersion, the latest + version is always used because old versions are not officially + supported. + + + Furthermore, Radicale's systemd unit was hardened which might + break some deployments. In particular, a non-default + filesystem_folder has to be added to + systemd.services.radicale.serviceConfig.ReadWritePaths + if the deprecated services.radicale.config + is used. + + + + + In the security.acme module, use of + --reuse-key parameter for Lego has been + removed. It was introduced for HKPK, but this security feature + is now deprecated. It is a better security practice to rotate + key pairs instead of always keeping the same. If you need to + keep this parameter, you can add it back using + extraLegoRenewFlags as an option for the + appropriate certificate. + + + +
+
+ Other Notable Changes + + + + stdenv.lib has been deprecated and will + break eval in 21.11. Please use pkgs.lib + instead. See + #108938 + for details. + + + + + GNURadio + has a pkgs attribute set, and there's a + gnuradio.callPackage function that extends + pkgs with a + mkDerivation, and a + mkDerivationWith, like Qt5. Now all + gnuradio.pkgs are defined with + gnuradio.callPackage and some packages that + depend on gnuradio are defined with this as well. + + + + + Privoxy has + been updated to version 3.0.32 (See + announcement). + Compared to the previous release, Privoxy has gained support + for HTTPS inspection (still experimental), Brotli + decompression, several new filters and lots of bug fixes, + including security ones. In addition, the package is now built + with compression and external filters support, which were + previously disabled. + + + Regarding the NixOS module, new options for HTTPS inspection + have been added and + services.privoxy.extraConfig has been + replaced by the new + services.privoxy.settings + (See + RFC + 0042 for the motivation). + + + + + Kodi has been + updated to version 19.1 "Matrix". See the + announcement + for further details. + + + + + The services.packagekit.backend option has + been removed as it only supported a single setting which would + always be the default. Instead new + RFC + 0042 compliant + services.packagekit.settings + and + services.packagekit.vendorSettings + options have been introduced. + + + + + Nginx has been + updated to stable version 1.20.0. Now nginx uses the zlib-ng + library by default. + + + + + KDE Gear (formerly KDE Applications) is upgraded to 21.04, see + its + release + notes for details. + + + The kdeApplications package set is now + kdeGear, in keeping with the new name. The + old name remains for compatibility, but it is deprecated. + + + + + Libreswan has + been updated to version 4.4. The package now includes example + configurations and manual pages by default. The NixOS module + has been changed to use the upstream systemd units and write + the configuration in the /etc/ipsec.d/ + directory. In addition, two new options have been added to + specify connection policies + (services.libreswan.policies) + and disable send/receive redirects + (services.libreswan.disableRedirects). + + + + + The Mailman NixOS module (services.mailman) + has a new option + services.mailman.enablePostfix, + defaulting to true, that controls integration with Postfix. + + + If this option is disabled, default MTA config becomes not set + and you should set the options in + services.mailman.settings.mta according to + the desired configuration as described in + Mailman + documentation. + + + + + The default-version of nextcloud is + nextcloud21. Please note that it's not + possible to upgrade nextcloud across + multiple major versions! This means that it's e.g. not + possible to upgrade from nextcloud18 to nextcloud20 in a + single deploy and most 20.09 users will + have to upgrade to nextcloud20 first. + + + The package can be manually upgraded by setting + services.nextcloud.package + to nextcloud21. + + + + + The setting + services.redis.bind + defaults to 127.0.0.1 now, making Redis + listen on the loopback interface only, and not all public + network interfaces. + + + + + NixOS now emits a deprecation warning if systemd's + StartLimitInterval setting is used in a + serviceConfig section instead of in a + unitConfig; that setting is deprecated and + now undocumented for the service section by systemd upstream, + but still effective and somewhat buggy there, which can be + confusing. See + #45785 + for details. + + + All services should use + systemd.services.name.startLimitIntervalSec + or StartLimitIntervalSec in + systemd.services.name.unitConfig + instead. + + + + + The mediatomb service declares new options. + It also adapts existing options so the configuration + generation is now lazy. The existing option + customCfg (defaults to false), when + enabled, stops the service configuration generation + completely. It then expects the users to provide their own + correct configuration at the right location (whereas the + configuration was generated and not used at all before). The + new option transcodingOption (defaults to + no) allows a generated configuration. It makes the mediatomb + service pulls the necessary runtime dependencies in the nix + store (whereas it was generated with hardcoded values before). + The new option mediaDirectories allows the + users to declare autoscan media directories from their nixos + configuration: + + +{ + services.mediatomb.mediaDirectories = [ + { path = "/var/lib/mediatomb/pictures"; recursive = false; hidden-files = false; } + { path = "/var/lib/mediatomb/audio"; recursive = true; hidden-files = false; } + ]; +} + + + + + The Unbound DNS resolver service + (services.unbound) has been refactored to + allow reloading, control sockets and to fix startup ordering + issues. + + + It is now possible to enable a local UNIX control socket for + unbound by setting the + services.unbound.localControlSocketPath + option. + + + Previously we just applied a very minimal set of restrictions + and trusted unbound to properly drop root privs and + capabilities. + + + As of this we are (for the most part) just using the upstream + example unit file for unbound. The main difference is that we + start unbound as unbound user with the + required capabilities instead of letting unbound do the chroot + & uid/gid changes. + + + The upstream unit configuration this is based on is a lot + stricter with all kinds of permissions then our previous + variant. It also came with the default of having the + Type set to notify, + therefore we are now also using the + unbound-with-systemd package here. Unbound + will start up, read the configuration files and start + listening on the configured ports before systemd will declare + the unit active (running). This will likely + help with startup order and the occasional race condition + during system activation where the DNS service is started but + not yet ready to answer queries. Services depending on + nss-lookup.target or + unbound.service are now be able to use + unbound when those targets have been reached. + + + Additionally to the much stricter runtime environment the + /dev/urandom mount lines we previously had + in the code (that randomly failed during the stop-phase) have + been removed as systemd will take care of those for us. + + + The preStart script is now only required if + we enabled the trust anchor updates (which are still enabled + by default). + + + Another benefit of the refactoring is that we can now issue + reloads via either pkill -HUP unbound and + systemctl reload unbound to reload the + running configuration without taking the daemon offline. A + prerequisite of this was that unbound configuration is + available on a well known path on the file system. We are + using the path /etc/unbound/unbound.conf as + that is the default in the CLI tooling which in turn enables + us to use unbound-control without passing a + custom configuration location. + + + The module has also been reworked to be + RFC + 0042 compliant. As such, + sevices.unbound.extraConfig has been + removed and replaced by + services.unbound.settings. + services.unbound.interfaces has been + renamed to + services.unbound.settings.server.interface. + + + services.unbound.forwardAddresses and + services.unbound.allowedAccess have also + been changed to use the new settings interface. You can follow + the instructions when executing + nixos-rebuild to upgrade your configuration + to use the new interface. + + + + + The services.dnscrypt-proxy2 module now + takes the upstream's example configuration and updates it with + the user's settings. An option has been added to restore the + old behaviour if you prefer to declare the configuration from + scratch. + + + + + NixOS now defaults to the unified cgroup hierarchy + (cgroupsv2). See the + Fedora + Article for 31 for details on why this is desirable, + and how it impacts containers. + + + If you want to run containers with a runtime that does not yet + support cgroupsv2, you can switch back to the old behaviour by + setting + systemd.enableUnifiedCgroupHierarchy + = false; and rebooting. + + + + + PulseAudio was upgraded to 14.0, with changes to the handling + of default sinks. See its + release + notes. + + + + + GNOME users may wish to delete their + ~/.config/pulse due to the changes to + stream routing logic. See + PulseAudio + bug 832 for more information. + + + + + The zookeeper package does not provide + zooInspector.sh anymore, as that + "contrib" has been dropped from upstream releases. + + + + + In the ACME module, the data used to build the hash for the + account directory has changed to accomodate new features to + reduce account rate limit issues. This will trigger new + account creation on the first rebuild following this update. + No issues are expected to arise from this, thanks to the new + account creation handling. + + + + + users.users.name.createHome + now always ensures home directory permissions to be + 0700. Permissions had previously been + ignored for already existing home directories, possibly + leaving them readable by others. The option's description was + incorrect regarding ownership management and has been + simplified greatly. + + + + + When defining a new user, one of + users.users.name.isNormalUser + and + users.users.name.isSystemUser + is now required. This is to prevent accidentally giving a UID + above 1000 to system users, which could have unexpected + consequences, like running user activation scripts for system + users. Note that users defined with an explicit UID below 500 + are exempted from this check, as + users.users.name.isSystemUser + has no effect for those. + + + + + The security.apparmor module, for the + AppArmor + Mandatory Access Control system, has been substantialy + improved along with related tools, so that module maintainers + can now more easily write AppArmor profiles for NixOS. The + most notable change on the user-side is the new option + security.apparmor.policies, + replacing the previous profiles option to + provide a way to disable a profile and to select whether to + confine in enforce mode (default) or in complain mode (see + journalctl -b --grep apparmor). + Security-minded users may also want to enable + security.apparmor.killUnconfinedConfinables, + at the cost of having some of their processes killed when + updating to a NixOS version introducing new AppArmor profiles. + + + + + The GNOME desktop manager once again installs gnome.epiphany + by default. + + + + + NixOS now generates empty /etc/netgroup. + /etc/netgroup defines network-wide groups + and may affect to setups using NIS. + + + + + Platforms, like stdenv.hostPlatform, no + longer have a platform attribute. It has + been (mostly) flattened away: + + + + + platform.gcc is now + gcc + + + + + platform.kernel* is now + linux-kernel.* + + + + + Additionally, platform.kernelArch moved to + the top level as linuxArch to match the + other *Arch variables. + + + The platform grouping of these things never + meant anything, and was just a historial/implementation + artifact that was overdue removal. + + + + + services.restic now uses a dedicated cache + directory for every backup defined in + services.restic.backups. The old global + cache directory, /root/.cache/restic, is + now unused and can be removed to free up disk space. + + + + + isync: The isync + compatibility wrapper was removed and the Master/Slave + terminology has been deprecated and should be replaced with + Far/Near in the configuration file. + + + + + The nix-gc service now accepts randomizedDelaySec (default: 0) + and persistent (default: true) parameters. By default nix-gc + will now run immediately if it would have been triggered at + least once during the time when the timer was inactive. + + + + + The rustPlatform.buildRustPackage function + is split into several hooks: cargoSetupHook to set up + vendoring for Cargo-based projects, cargoBuildHook to build a + project using Cargo, cargoInstallHook to install a project + using Cargo, and cargoCheckHook to run tests in Cargo-based + projects. With this change, mixed-language projects can use + the relevant hooks within builders other than + buildRustPackage. However, these changes + also required several API changes to + buildRustPackage itself: + + + + + The target argument was removed. + Instead, buildRustPackage will always + use the same target as the C/C++ compiler that is used. + + + + + The cargoParallelTestThreads argument + was removed. Parallel tests are now disabled through + dontUseCargoParallelTests. + + + + + + + The rustPlatform.maturinBuildHook hook was + added. This hook can be used with + buildPythonPackage to build Python packages + that are written in Rust and use Maturin as their build tool. + + + + + Kubernetes has + deprecated + docker as container runtime. As a consequence, the + Kubernetes module now has support for configuration of custom + remote container runtimes and enables containerd by default. + Note that containerd is more strict regarding container image + OCI-compliance. As an example, images with CMD or ENTRYPOINT + defined as strings (not lists) will fail on containerd, while + working fine on docker. Please test your setup and container + images with containerd prior to upgrading. + + + + + The GitLab module now has support for automatic backups. A + schedule can be set with the + services.gitlab.backup.startAt + option. + + + + + Prior to this release, systemd would also read system units + from an undocumented + /etc/systemd-mutable/system path. This path + has been dropped from the defaults. That path (or others) can + be re-enabled by adding it to the + boot.extraSystemdUnitPaths + list. + + + + + PostgreSQL 9.5 is scheduled EOL during the 21.05 life cycle + and has been removed. + + + + + Xfce4 relies + on GIO/GVfs for userspace virtual filesystem access in + applications like + thunar + and + gigolo. + For that to work, the gvfs nixos service is enabled by + default, and it can be configured with the specific package + that provides GVfs. Until now Xfce4 was setting it to use a + lighter version of GVfs (without support for samba). To avoid + conflicts with other desktop environments this setting has + been dropped. Users that still want it should add the + following to their system configuration: + + +{ + services.gvfs.package = pkgs.gvfs.override { samba = null; }; +} + + + + + The newly enabled systemd-pstore.service + now automatically evacuates crashdumps and panic logs from the + persistent storage to + /var/lib/systemd/pstore. This prevents + NVRAM from filling up, which ensures the latest diagnostic + data is always stored and alleviates problems with writing new + boot configurations. + + + + + Nixpkgs now contains + automatically + packaged GNOME Shell extensions from the + GNOME + Extensions portal. You can find them, filed by their + UUID, under gnome38Extensions attribute for + GNOME 3.38 and under gnome40Extensions for + GNOME 40. Finally, the gnomeExtensions + attribute contains extensions for the latest GNOME Shell + version in Nixpkgs, listed under a more human-friendly name. + The unqualified attribute scope also contains manually + packaged extensions. Note that the automatically packaged + extensions are provided for convenience and are not checked or + guaranteed to work. + + + + + Erlang/OTP versions older than R21 got dropped. We also + dropped the cuter package, as it was purely an example of how + to build a package. We also dropped lfe_1_2 + as it could not build with R21+. Moving forward, we expect to + only support 3 yearly releases of OTP. + + + +
+
diff --git a/nixos/doc/manual/release-notes/release-notes.xml b/nixos/doc/manual/release-notes/release-notes.xml index e083d51406c..3694701e733 100644 --- a/nixos/doc/manual/release-notes/release-notes.xml +++ b/nixos/doc/manual/release-notes/release-notes.xml @@ -8,7 +8,7 @@ This section lists the release notes for each stable version of NixOS and current unstable revision. - + diff --git a/nixos/doc/manual/release-notes/rl-2105.section.md b/nixos/doc/manual/release-notes/rl-2105.section.md new file mode 100644 index 00000000000..e4565b8ca60 --- /dev/null +++ b/nixos/doc/manual/release-notes/rl-2105.section.md @@ -0,0 +1,428 @@ +# Release 21.05 ("Okapi", 2021.05/31) {#sec-release-21.05} + +Support is planned until the end of December 2021, handing over to 21.11. + +## Highlights {#sec-release-21.05-highlights} + +In addition to numerous new and upgraded packages, this release has the following highlights: + +- Core version changes: + + - gcc: 9.3.0 -\> 10.3.0 + + - glibc: 2.30 -\> 2.32 + + - default linux: 5.4 -\> 5.10, all supported kernels available + + - mesa: 20.1.7 -\> 21.0.1 + +- Desktop Environments: + + - GNOME: 3.36 -\> 40, see its [release notes](https://help.gnome.org/misc/release-notes/40.0/) + + - Plasma5: 5.18.5 -\> 5.21.3 + + - kdeApplications: 20.08.1 -\> 20.12.3 + + - cinnamon: 4.6 -\> 4.8.1 + +- Programming Languages and Frameworks: + + - Python optimizations were disabled again. Builds with optimizations enabled are not reproducible. Optimizations can now be enabled with an option. + +- The linux_latest kernel was updated to the 5.12 series. It currently is not officially supported for use with the zfs filesystem. If you use zfs, you should use a different kernel version (either the LTS kernel, or track a specific one). + +## New Services {#sec-release-21.05-new-services} + +The following new services were added since the last release: + +- [GNURadio](https://www.gnuradio.org/) 3.8 was [finally](https://github.com/NixOS/nixpkgs/issues/82263) packaged, along with a rewrite to the Nix expressions, allowing users to override the features upstream supports selecting to compile or not to. Additionally, the attribute `gnuradio` and `gnuradio3_7` now point to an externally wrapped by default derivations, that allow you to also add \`extraPythonPackages\` to the Python interpreter used by GNURadio. Missing environmental variables needed for operational GUI were also added ([\#75478](https://github.com/NixOS/nixpkgs/issues/75478)). + +- [Keycloak](https://www.keycloak.org/), an open source identity and access management server with support for [OpenID Connect](https://openid.net/connect/), [OAUTH 2.0](https://oauth.net/2/) and [SAML 2.0](https://en.wikipedia.org/wiki/SAML_2.0). + + See the [Keycloak section of the NixOS manual](#module-services-keycloak) for more information. + +- [services.samba-wsdd.enable](options.html#opt-services.samba-wsdd.enable) Web Services Dynamic Discovery host daemon + +- [Discourse](https://www.discourse.org/), a modern and open source discussion platform. + + See the [Discourse section of the NixOS manual](#module-services-discourse) for more information. + +- [services.nebula.networks](options.html#opt-services.nebula.networks) [Nebula VPN](https://github.com/slackhq/nebula) + +## Backward Incompatibilities {#sec-release-21.05-incompatibilities} + +When upgrading from a previous release, please be aware of the following incompatible changes: + +- GNOME desktop environment was upgraded to 40, see the release notes for [40.0](https://help.gnome.org/misc/release-notes/40.0/) and [3.38](https://help.gnome.org/misc/release-notes/3.38/). The `gnome3` attribute set has been renamed to `gnome` and so have been the NixOS options. + +- If you are using `services.udev.extraRules` to assign custom names to network interfaces, this may stop working due to a change in the initialisation of dhcpcd and systemd networkd. To avoid this, either move them to `services.udev.initrdRules` or see the new [Assigning custom names](#sec-custom-ifnames) section of the NixOS manual for an example using networkd links. + +- The `security.hideProcessInformation` module has been removed. It was broken since the switch to cgroups-v2. + +- The `linuxPackages.ati_drivers_x11` kernel modules have been removed. The drivers only supported kernels prior to 4.2, and thus have become obsolete. + +- The `systemConfig` kernel parameter is no longer added to boot loader entries. It has been unused since September 2010, but if do have a system generation from that era, you will now be unable to boot into them. + +- `systemd-journal2gelf` no longer parses json and expects the receiving system to handle it. How to achieve this with Graylog is described in this [GitHub issue](https://github.com/parse-nl/SystemdJournal2Gelf/issues/10). + +- If the `services.dbus` module is enabled, then the user D-Bus session is now always socket activated. The associated options `services.dbus.socketActivated` and `services.xserver.startDbusSession` have therefore been removed and you will receive a warning if they are present in your configuration. This change makes the user D-Bus session available also for non-graphical logins. + +- The `networking.wireless.iwd` module now installs the upstream-provided 80-iwd.link file, which sets the NamePolicy= for all wlan devices to \"keep kernel\", to avoid race conditions between iwd and networkd. If you don\'t want this, you can set `systemd.network.links."80-iwd" = lib.mkForce {}`. + +- `rubyMinimal` was removed due to being unused and unusable. The default ruby interpreter includes JIT support, which makes it reference it\'s compiler. Since JIT support is probably needed by some Gems, it was decided to enable this feature with all cc references by default, and allow to build a Ruby derivation without references to cc, by setting `jitSupport = false;` in an overlay. See [\#90151](https://github.com/NixOS/nixpkgs/pull/90151) for more info. + +- Setting `services.openssh.authorizedKeysFiles` now also affects which keys `security.pam.enableSSHAgentAuth` will use. WARNING: If you are using these options in combination do make sure that any key paths you use are present in `services.openssh.authorizedKeysFiles`! + +- The option `fonts.enableFontDir` has been renamed to [fonts.fontDir.enable](options.html#opt-fonts.fontDir.enable). The path of font directory has also been changed to `/run/current-system/sw/share/X11/fonts`, for consistency with other X11 resources. + +- A number of options have been renamed in the kicad interface. `oceSupport` has been renamed to `withOCE`, `withOCCT` has been renamed to `withOCC`, `ngspiceSupport` has been renamed to `withNgspice`, and `scriptingSupport` has been renamed to `withScripting`. Additionally, `kicad/base.nix` no longer provides default argument values since these are provided by `kicad/default.nix`. + +- The socket for the `pdns-recursor` module was moved from `/var/lib/pdns-recursor` to `/run/pdns-recursor` to match upstream. + +- Paperwork was updated to version 2. The on-disk format slightly changed, and it is not possible to downgrade from Paperwork 2 back to Paperwork 1.3. Back your documents up before upgrading. See [this thread](https://forum.openpaper.work/t/paperwork-2-0/112/5) for more details. + +- PowerDNS has been updated from `4.2.x` to `4.3.x`. Please be sure to review the [Upgrade Notes](https://doc.powerdns.com/authoritative/upgrading.html#x-to-4-3-0) provided by upstream before upgrading. Worth specifically noting is that the service now runs entirely as a dedicated `pdns` user, instead of starting as `root` and dropping privileges, as well as the default `socket-dir` location changing from `/var/lib/powerdns` to `/run/pdns`. + +- The `mediatomb` service is now using by default the new and maintained fork `gerbera` package instead of the unmaintained `mediatomb` package. If you want to keep the old behavior, you must declare it with: + + ```nix + { + services.mediatomb.package = pkgs.mediatomb; + } + ``` + + One new option `openFirewall` has been introduced which defaults to false. If you relied on the service declaration to add the firewall rules itself before, you should now declare it with: + + ```nix + { + services.mediatomb.openFirewall = true; + } + ``` + +- xfsprogs was update from 4.19 to 5.11. It now enables reflink support by default on filesystem creation. Support for reflinks was added with an experimental status to kernel 4.9 and deemed stable in kernel 4.16. If you want to be able to mount XFS filesystems created with this release of xfsprogs on kernel releases older than those, you need to format them with `mkfs.xfs -m reflink=0`. + +- The uWSGI server is now built with POSIX capabilities. As a consequence, root is no longer required in emperor mode and the service defaults to running as the unprivileged `uwsgi` user. Any additional capability can be added via the new option [services.uwsgi.capabilities](options.html#opt-services.uwsgi.capabilities). The previous behaviour can be restored by setting: + + ```nix + { + services.uwsgi.user = "root"; + services.uwsgi.group = "root"; + services.uwsgi.instance = + { + uid = "uwsgi"; + gid = "uwsgi"; + }; + } + ``` + + Another incompatibility from the previous release is that vassals running under a different user or group need to use `immediate-{uid,gid}` instead of the usual `uid,gid` options. + +- btc1 has been abandoned upstream, and removed. + +- cpp_ethereum (aleth) has been abandoned upstream, and removed. + +- riak-cs package removed along with `services.riak-cs` module. + +- stanchion package removed along with `services.stanchion` module. + +- mutt has been updated to a new major version (2.x), which comes with some backward incompatible changes that are described in the [release notes for Mutt 2.0](http://www.mutt.org/relnotes/2.0/). + +- `vim` and `neovim` switched to Python 3, dropping all Python 2 support. + +- [networking.wireguard.interfaces.\.generatePrivateKeyFile](options.html#opt-networking.wireguard.interfaces), which is off by default, had a `chmod` race condition fixed. As an aside, the parent directory\'s permissions were widened, and the key files were made owner-writable. This only affects newly created keys. However, if the exact permissions are important for your setup, read [\#121294](https://github.com/NixOS/nixpkgs/pull/121294). + +- [boot.zfs.forceImportAll](options.html#opt-boot.zfs.forceImportAll) previously did nothing, but has been fixed. However its default has been changed to `false` to preserve the existing default behaviour. If you have this explicitly set to `true`, please note that your non-root pools will now be forcibly imported. + +- openafs now points to openafs_1_8, which is the new stable release. OpenAFS 1.6 was removed. + +- The WireGuard module gained a new option `networking.wireguard.interfaces..peers.*.dynamicEndpointRefreshSeconds` that implements refreshing the IP of DNS-based endpoints periodically (which WireGuard itself [cannot do](https://lists.zx2c4.com/pipermail/wireguard/2017-November/002028.html)). + +- MariaDB has been updated to 10.5. Before you upgrade, it would be best to take a backup of your database and read [ Incompatible Changes Between 10.4 and 10.5](https://mariadb.com/kb/en/upgrading-from-mariadb-104-to-mariadb-105/#incompatible-changes-between-104-and-105). After the upgrade you will need to run `mysql_upgrade`. + +- The TokuDB storage engine dropped in mariadb 10.5 and removed in mariadb 10.6. It is recommended to switch to RocksDB. See also [TokuDB](https://mariadb.com/kb/en/tokudb/) and [MDEV-19780: Remove the TokuDB storage engine](https://jira.mariadb.org/browse/MDEV-19780). + +- The `openldap` module now has support for OLC-style configuration, users of the `configDir` option may wish to migrate. If you continue to use `configDir`, ensure that `olcPidFile` is set to `/run/slapd/slapd.pid`. + + As a result, `extraConfig` and `extraDatabaseConfig` are removed. To help with migration, you can convert your `slapd.conf` file to OLC configuration with the following script (find the location of this configuration file by running `systemctl status openldap`, it is the `-f` option. + + ```ShellSession + $ TMPDIR=$(mktemp -d) + $ slaptest -f /path/to/slapd.conf -F $TMPDIR + $ slapcat -F $TMPDIR -n0 -H 'ldap:///???(!(objectClass=olcSchemaConfig))' + ``` + + This will dump your current configuration in LDIF format, which should be straightforward to convert into Nix settings. This does not show your schema configuration, as this is unnecessarily verbose for users of the default schemas and `slaptest` is buggy with schemas directly in the config file. + +- Amazon EC2 and OpenStack Compute (nova) images now re-fetch instance meta data and user data from the instance metadata service (IMDS) on each boot. For example: stopping an EC2 instance, changing its user data, and restarting the instance will now cause it to fetch and apply the new user data. + + ::: {.warning} + Specifically, `/etc/ec2-metadata` is re-populated on each boot. Some NixOS scripts that read from this directory are guarded to only run if the files they want to manipulate do not already exist, and so will not re-apply their changes if the IMDS response changes. Examples: `root`\'s SSH key is only added if `/root/.ssh/authorized_keys` does not exist, and SSH host keys are only set from user data if they do not exist in `/etc/ssh`. + ::: + +- The `rspamd` services is now sandboxed. It is run as a dynamic user instead of root, so secrets and other files may have to be moved or their permissions may have to be fixed. The sockets are now located in `/run/rspamd` instead of `/run`. + +- Enabling the Tor client no longer silently also enables and configures Privoxy, and the `services.tor.client.privoxy.enable` option has been removed. To enable Privoxy, and to configure it to use Tor\'s faster port, use the following configuration: + + ```nix + { + opt-services.privoxy.enable = true; + opt-services.privoxy.enableTor = true; + } + ``` + +- The `services.tor` module has a new exhaustively typed [services.tor.settings](options.html#opt-services.tor.settings) option following RFC 0042; backward compatibility with old options has been preserved when aliasing was possible. The corresponding systemd service has been hardened, but there is a chance that the service still requires more permissions, so please report any related trouble on the bugtracker. Onion services v3 are now supported in [services.tor.relay.onionServices](options.html#opt-services.tor.relay.onionServices). A new [services.tor.openFirewall](options.html#opt-services.tor.openFirewall) option as been introduced for allowing connections on all the TCP ports configured. + +- The options `services.slurm.dbdserver.storagePass` and `services.slurm.dbdserver.configFile` have been removed. Use `services.slurm.dbdserver.storagePassFile` instead to provide the database password. Extra config options can be given via the option `services.slurm.dbdserver.extraConfig`. The actual configuration file is created on the fly on startup of the service. This avoids that the password gets exposed in the nix store. + +- The `wafHook` hook does not wrap Python anymore. Packages depending on `wafHook` need to include any Python into their `nativeBuildInputs`. + +- Starting with version 1.7.0, the project formerly named `CodiMD` is now named `HedgeDoc`. New installations will no longer use the old name for users, state directories and such, this needs to be considered when moving state to a more recent NixOS installation. Based on [system.stateVersion](options.html#opt-system.stateVersion), existing installations will continue to work. + +- The fish-foreign-env package has been replaced with fishPlugins.foreign-env, in which the fish functions have been relocated to the `vendor_functions.d` directory to be loaded automatically. + +- The prometheus json exporter is now managed by the prometheus community. Together with additional features some backwards incompatibilities were introduced. Most importantly the exporter no longer accepts a fixed command-line parameter to specify the URL of the endpoint serving JSON. It now expects this URL to be passed as an URL parameter, when scraping the exporter\'s `/probe` endpoint. In the prometheus scrape configuration the scrape target might look like this: + + ``` + http://some.json-exporter.host:7979/probe?target=https://example.com/some/json/endpoint + ``` + + Existing configuration for the exporter needs to be updated, but can partially be re-used. Documentation is available in the upstream repository and a small example for NixOS is available in the corresponding NixOS test. + + These changes also affect [services.prometheus.exporters.rspamd.enable](options.html#opt-services.prometheus.exporters.rspamd.enable), which is just a preconfigured instance of the json exporter. + + For more information, take a look at the [ official documentation](https://github.com/prometheus-community/json_exporter) of the json_exporter. + +- Androidenv was updated, removing the `includeDocs` and `lldbVersions` arguments. Docs only covered a single version of the Android SDK, LLDB is now bundled with the NDK, and both are no longer available to download from the Android package repositories. Additionally, since the package lists have been updated, some older versions of Android packages may not be bundled. If you depend on older versions of Android packages, we recommend overriding the repo. + + Android packages are now loaded from a repo.json file created by parsing Android repo XML files. The arguments `repoJson` and `repoXmls` have been added to allow overriding the built-in androidenv repo.json with your own. Additionally, license files are now written to allow compatibility with Gradle-based tools, and the `extraLicenses` argument has been added to accept more SDK licenses if your project requires it. See the androidenv documentation for more details. + +- The attribute `mpi` is now consistently used to provide a default, system-wide MPI implementation. The default implementation is openmpi, which has been used before by all derivations affects by this change. Note that all packages that have used `mpi ? null` in the input for optional MPI builds, have been changed to the boolean input paramater `useMpi` to enable building with MPI. Building all packages with `mpich` instead of the default `openmpi` can now be achived like this: + + ```nix + self: super: + { + mpi = super.mpich; + } + ``` + +- The Searx module has been updated with the ability to configure the service declaratively and uWSGI integration. The option `services.searx.configFile` has been renamed to [services.searx.settingsFile](options.html#opt-services.searx.settingsFile) for consistency with the new [services.searx.settings](options.html#opt-services.searx.settings). In addition, the `searx` uid and gid reservations have been removed since they were not necessary: the service is now running with a dynamically allocated uid. + +- The libinput module has been updated with the ability to configure mouse and touchpad settings separately. The options in `services.xserver.libinput` have been renamed to `services.xserver.libinput.touchpad`, while there is a new `services.xserver.libinput.mouse` for mouse related configuration. + + Since touchpad options no longer apply to all devices, you may want to replicate your touchpad configuration in mouse section. + +- ALSA OSS emulation (`sound.enableOSSEmulation`) is now disabled by default. + +- Thinkfan as been updated to `1.2.x`, which comes with a new YAML based configuration format. For this reason, several NixOS options of the thinkfan module have been changed to non-backward compatible types. In addition, a new [services.thinkfan.settings](options.html#opt-services.thinkfan.settings) option has been added. + + Please read the [ thinkfan documentation](https://github.com/vmatare/thinkfan#readme) before updating. + +- Adobe Flash Player support has been dropped from the tree. In particular, the following packages no longer support it: + + - chromium + + - firefox + + - qt48 + + - qt5.qtwebkit + + Additionally, packages flashplayer and hal-flash were removed along with the `services.flashpolicyd` module. + +- The `security.rngd` module has been removed. It was disabled by default in 20.09 as it was functionally redundant with krngd in the linux kernel. It is not necessary for any device that the kernel recognises as an hardware RNG, as it will automatically run the krngd task to periodically collect random data from the device and mix it into the kernel\'s RNG. + + The default SMTP port for GitLab has been changed to `25` from its previous default of `465`. If you depended on this default, you should now set the [services.gitlab.smtp.port](options.html#opt-services.gitlab.smtp.port) option. + +- The default version of ImageMagick has been updated from 6 to 7. You can use imagemagick6, imagemagick6_light, and imagemagick6Big if you need the older version. + +- [services.xserver.videoDrivers](options.html#opt-services.xserver.videoDrivers) no longer uses the deprecated `cirrus` and `vesa` device dependent X drivers by default. It also enables both `amdgpu` and `nouveau` drivers by default now. + +- The `kindlegen` package is gone, because it is no longer supported or hosted by Amazon. Sadly, its replacement, Kindle Previewer, has no Linux support. However, there are other ways to generate MOBI files. See [the discussion](https://github.com/NixOS/nixpkgs/issues/96439) for more info. + +- The apacheKafka packages are now built with version-matched JREs. Versions 2.6 and above, the ones that recommend it, use jdk11, while versions below remain on jdk8. The NixOS service has been adjusted to start the service using the same version as the package, adjustable with the new [services.apache-kafka.jre](options.html#opt-services.apache-kafka.jre) option. Furthermore, the default list of [services.apache-kafka.jvmOptions](options.html#opt-services.apache-kafka.jvmOptions) have been removed. You should set your own according to the [upstream documentation](https://kafka.apache.org/documentation/#java) for your Kafka version. + +- The kodi package has been modified to allow concise addon management. Consider the following configuration from previous releases of NixOS to install kodi, including the kodiPackages.inputstream-adaptive and kodiPackages.vfs-sftp addons: + + ```nix + { + environment.systemPackages = [ + pkgs.kodi + ]; + + nixpkgs.config.kodi = { + enableInputStreamAdaptive = true; + enableVFSSFTP = true; + }; + } + ``` + + All Kodi `config` flags have been removed, and as a result the above configuration should now be written as: + + ```nix + { + environment.systemPackages = [ + (pkgs.kodi.withPackages (p: with p; [ + inputstream-adaptive + vfs-sftp + ])) + ]; + } + ``` + +- `environment.defaultPackages` now includes the nano package. If pkgs.nano is not added to the list, make sure another editor is installed and the `EDITOR` environment variable is set to it. Environment variables can be set using `environment.variables`. + +- `services.minio.dataDir` changed type to a list of paths, required for specifiyng multiple data directories for using with erasure coding. Currently, the service doesn\'t enforce nor checks the correct number of paths to correspond to minio requirements. + +- All CUDA toolkit versions prior to CUDA 10 have been removed. + +- The kbdKeymaps package was removed since dvp and neo are now included in kbd. If you want to use the Programmer Dvorak Keyboard Layout, you have to use `dvorak-programmer` in `console.keyMap` now instead of `dvp`. In `services.xserver.xkbVariant` it\'s still `dvp`. + +- The babeld service is now being run as an unprivileged user. To achieve that the module configures `skip-kernel-setup true` and takes care of setting forwarding and rp_filter sysctls by itself as well as for each interface in `services.babeld.interfaces`. + +- The `services.zigbee2mqtt.config` option has been renamed to `services.zigbee2mqtt.settings` and now follows [RFC 0042](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md). + + The yadm dotfile manager has been updated from 2.x to 3.x, which has new (XDG) default locations for some data/state files. Most yadm commands will fail and print a legacy path warning (which describes how to upgrade/migrate your repository). If you have scripts, daemons, scheduled jobs, shell profiles, etc. that invoke yadm, expect them to fail or misbehave until you perform this migration and prepare accordingly. + +- Instead of determining `services.radicale.package` automatically based on `system.stateVersion`, the latest version is always used because old versions are not officially supported. + + Furthermore, Radicale\'s systemd unit was hardened which might break some deployments. In particular, a non-default `filesystem_folder` has to be added to `systemd.services.radicale.serviceConfig.ReadWritePaths` if the deprecated `services.radicale.config` is used. + +- In the `security.acme` module, use of `--reuse-key` parameter for Lego has been removed. It was introduced for HKPK, but this security feature is now deprecated. It is a better security practice to rotate key pairs instead of always keeping the same. If you need to keep this parameter, you can add it back using `extraLegoRenewFlags` as an option for the appropriate certificate. + +## Other Notable Changes {#sec-release-21.05-notable-changes} + +- `stdenv.lib` has been deprecated and will break eval in 21.11. Please use `pkgs.lib` instead. See [\#108938](https://github.com/NixOS/nixpkgs/issues/108938) for details. + +- [GNURadio](https://www.gnuradio.org/) has a `pkgs` attribute set, and there\'s a `gnuradio.callPackage` function that extends `pkgs` with a `mkDerivation`, and a `mkDerivationWith`, like Qt5. Now all `gnuradio.pkgs` are defined with `gnuradio.callPackage` and some packages that depend on gnuradio are defined with this as well. + +- [Privoxy](https://www.privoxy.org/) has been updated to version 3.0.32 (See [announcement](https://lists.privoxy.org/pipermail/privoxy-announce/2021-February/000007.html)). Compared to the previous release, Privoxy has gained support for HTTPS inspection (still experimental), Brotli decompression, several new filters and lots of bug fixes, including security ones. In addition, the package is now built with compression and external filters support, which were previously disabled. + + Regarding the NixOS module, new options for HTTPS inspection have been added and `services.privoxy.extraConfig` has been replaced by the new [services.privoxy.settings](options.html#opt-services.privoxy.settings) (See [RFC 0042](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md) for the motivation). + +- [Kodi](https://kodi.tv/) has been updated to version 19.1 \"Matrix\". See the [announcement](https://kodi.tv/article/kodi-190-matrix-release) for further details. + +- The `services.packagekit.backend` option has been removed as it only supported a single setting which would always be the default. Instead new [RFC 0042](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md) compliant [services.packagekit.settings](options.html#opt-services.packagekit.settings) and [services.packagekit.vendorSettings](options.html#opt-services.packagekit.vendorSettings) options have been introduced. + +- [Nginx](https://nginx.org) has been updated to stable version 1.20.0. Now nginx uses the zlib-ng library by default. + +- KDE Gear (formerly KDE Applications) is upgraded to 21.04, see its [release notes](https://kde.org/announcements/gear/21.04/) for details. + + The `kdeApplications` package set is now `kdeGear`, in keeping with the new name. The old name remains for compatibility, but it is deprecated. + +- [Libreswan](https://libreswan.org/) has been updated to version 4.4. The package now includes example configurations and manual pages by default. The NixOS module has been changed to use the upstream systemd units and write the configuration in the `/etc/ipsec.d/ ` directory. In addition, two new options have been added to specify connection policies ([services.libreswan.policies](options.html#opt-services.libreswan.policies)) and disable send/receive redirects ([services.libreswan.disableRedirects](options.html#opt-services.libreswan.disableRedirects)). + +- The Mailman NixOS module (`services.mailman`) has a new option [services.mailman.enablePostfix](options.html#opt-services.mailman.enablePostfix), defaulting to true, that controls integration with Postfix. + + If this option is disabled, default MTA config becomes not set and you should set the options in `services.mailman.settings.mta` according to the desired configuration as described in [Mailman documentation](https://mailman.readthedocs.io/en/latest/src/mailman/docs/mta.html). + +- The default-version of `nextcloud` is nextcloud21. Please note that it\'s _not_ possible to upgrade `nextcloud` across multiple major versions! This means that it\'s e.g. not possible to upgrade from nextcloud18 to nextcloud20 in a single deploy and most `20.09` users will have to upgrade to nextcloud20 first. + + The package can be manually upgraded by setting [services.nextcloud.package](options.html#opt-services.nextcloud.package) to nextcloud21. + +- The setting [services.redis.bind](options.html#opt-services.redis.bind) defaults to `127.0.0.1` now, making Redis listen on the loopback interface only, and not all public network interfaces. + +- NixOS now emits a deprecation warning if systemd\'s `StartLimitInterval` setting is used in a `serviceConfig` section instead of in a `unitConfig`; that setting is deprecated and now undocumented for the service section by systemd upstream, but still effective and somewhat buggy there, which can be confusing. See [\#45785](https://github.com/NixOS/nixpkgs/issues/45785) for details. + + All services should use [systemd.services._name_.startLimitIntervalSec](options.html#opt-systemd.services._name_.startLimitIntervalSec) or `StartLimitIntervalSec` in [systemd.services._name_.unitConfig](options.html#opt-systemd.services._name_.unitConfig) instead. + +- The `mediatomb` service declares new options. It also adapts existing options so the configuration generation is now lazy. The existing option `customCfg` (defaults to false), when enabled, stops the service configuration generation completely. It then expects the users to provide their own correct configuration at the right location (whereas the configuration was generated and not used at all before). The new option `transcodingOption` (defaults to no) allows a generated configuration. It makes the mediatomb service pulls the necessary runtime dependencies in the nix store (whereas it was generated with hardcoded values before). The new option `mediaDirectories` allows the users to declare autoscan media directories from their nixos configuration: + + ```nix + { + services.mediatomb.mediaDirectories = [ + { path = "/var/lib/mediatomb/pictures"; recursive = false; hidden-files = false; } + { path = "/var/lib/mediatomb/audio"; recursive = true; hidden-files = false; } + ]; + } + ``` + +- The Unbound DNS resolver service (`services.unbound`) has been refactored to allow reloading, control sockets and to fix startup ordering issues. + + It is now possible to enable a local UNIX control socket for unbound by setting the [services.unbound.localControlSocketPath](options.html#opt-services.unbound.localControlSocketPath) option. + + Previously we just applied a very minimal set of restrictions and trusted unbound to properly drop root privs and capabilities. + + As of this we are (for the most part) just using the upstream example unit file for unbound. The main difference is that we start unbound as `unbound` user with the required capabilities instead of letting unbound do the chroot & uid/gid changes. + + The upstream unit configuration this is based on is a lot stricter with all kinds of permissions then our previous variant. It also came with the default of having the `Type` set to `notify`, therefore we are now also using the `unbound-with-systemd` package here. Unbound will start up, read the configuration files and start listening on the configured ports before systemd will declare the unit `active (running)`. This will likely help with startup order and the occasional race condition during system activation where the DNS service is started but not yet ready to answer queries. Services depending on `nss-lookup.target` or `unbound.service` are now be able to use unbound when those targets have been reached. + + Additionally to the much stricter runtime environment the `/dev/urandom` mount lines we previously had in the code (that randomly failed during the stop-phase) have been removed as systemd will take care of those for us. + + The `preStart` script is now only required if we enabled the trust anchor updates (which are still enabled by default). + + Another benefit of the refactoring is that we can now issue reloads via either `pkill -HUP unbound` and `systemctl reload unbound` to reload the running configuration without taking the daemon offline. A prerequisite of this was that unbound configuration is available on a well known path on the file system. We are using the path `/etc/unbound/unbound.conf` as that is the default in the CLI tooling which in turn enables us to use `unbound-control` without passing a custom configuration location. + + The module has also been reworked to be [RFC 0042](https://github.com/NixOS/rfcs/blob/master/rfcs/0042-config-option.md) compliant. As such, `sevices.unbound.extraConfig` has been removed and replaced by [services.unbound.settings](options.html#opt-services.unbound.settings). `services.unbound.interfaces` has been renamed to `services.unbound.settings.server.interface`. + + `services.unbound.forwardAddresses` and `services.unbound.allowedAccess` have also been changed to use the new settings interface. You can follow the instructions when executing `nixos-rebuild` to upgrade your configuration to use the new interface. + +- The `services.dnscrypt-proxy2` module now takes the upstream\'s example configuration and updates it with the user\'s settings. An option has been added to restore the old behaviour if you prefer to declare the configuration from scratch. + +- NixOS now defaults to the unified cgroup hierarchy (cgroupsv2). See the [Fedora Article for 31](https://www.redhat.com/sysadmin/fedora-31-control-group-v2) for details on why this is desirable, and how it impacts containers. + + If you want to run containers with a runtime that does not yet support cgroupsv2, you can switch back to the old behaviour by setting [systemd.enableUnifiedCgroupHierarchy](options.html#opt-systemd.enableUnifiedCgroupHierarchy) = `false`; and rebooting. + +- PulseAudio was upgraded to 14.0, with changes to the handling of default sinks. See its [release notes](https://www.freedesktop.org/wiki/Software/PulseAudio/Notes/14.0/). + +- GNOME users may wish to delete their `~/.config/pulse` due to the changes to stream routing logic. See [PulseAudio bug 832](https://gitlab.freedesktop.org/pulseaudio/pulseaudio/-/issues/832) for more information. + +- The zookeeper package does not provide `zooInspector.sh` anymore, as that \"contrib\" has been dropped from upstream releases. + +- In the ACME module, the data used to build the hash for the account directory has changed to accomodate new features to reduce account rate limit issues. This will trigger new account creation on the first rebuild following this update. No issues are expected to arise from this, thanks to the new account creation handling. + +- [users.users._name_.createHome](options.html#opt-users.users._name_.createHome) now always ensures home directory permissions to be `0700`. Permissions had previously been ignored for already existing home directories, possibly leaving them readable by others. The option\'s description was incorrect regarding ownership management and has been simplified greatly. + +- When defining a new user, one of [users.users._name_.isNormalUser](options.html#opt-users.users._name_.isNormalUser) and [users.users._name_.isSystemUser](options.html#opt-users.users._name_.isSystemUser) is now required. This is to prevent accidentally giving a UID above 1000 to system users, which could have unexpected consequences, like running user activation scripts for system users. Note that users defined with an explicit UID below 500 are exempted from this check, as [users.users._name_.isSystemUser](options.html#opt-users.users._name_.isSystemUser) has no effect for those. + +- The `security.apparmor` module, for the [AppArmor](https://gitlab.com/apparmor/apparmor/-/wikis/Documentation) Mandatory Access Control system, has been substantialy improved along with related tools, so that module maintainers can now more easily write AppArmor profiles for NixOS. The most notable change on the user-side is the new option [security.apparmor.policies](options.html#opt-security.apparmor.policies), replacing the previous `profiles` option to provide a way to disable a profile and to select whether to confine in enforce mode (default) or in complain mode (see `journalctl -b --grep apparmor`). Security-minded users may also want to enable [security.apparmor.killUnconfinedConfinables](options.html#opt-security.apparmor.killUnconfinedConfinables), at the cost of having some of their processes killed when updating to a NixOS version introducing new AppArmor profiles. + +- The GNOME desktop manager once again installs gnome.epiphany by default. + +- NixOS now generates empty `/etc/netgroup`. `/etc/netgroup` defines network-wide groups and may affect to setups using NIS. + +- Platforms, like `stdenv.hostPlatform`, no longer have a `platform` attribute. It has been (mostly) flattened away: + + - `platform.gcc` is now `gcc` + + - `platform.kernel*` is now `linux-kernel.*` + + Additionally, `platform.kernelArch` moved to the top level as `linuxArch` to match the other `*Arch` variables. + + The `platform` grouping of these things never meant anything, and was just a historial/implementation artifact that was overdue removal. + +- `services.restic` now uses a dedicated cache directory for every backup defined in `services.restic.backups`. The old global cache directory, `/root/.cache/restic`, is now unused and can be removed to free up disk space. + +- `isync`: The `isync` compatibility wrapper was removed and the Master/Slave terminology has been deprecated and should be replaced with Far/Near in the configuration file. + +- The nix-gc service now accepts randomizedDelaySec (default: 0) and persistent (default: true) parameters. By default nix-gc will now run immediately if it would have been triggered at least once during the time when the timer was inactive. + +- The `rustPlatform.buildRustPackage` function is split into several hooks: cargoSetupHook to set up vendoring for Cargo-based projects, cargoBuildHook to build a project using Cargo, cargoInstallHook to install a project using Cargo, and cargoCheckHook to run tests in Cargo-based projects. With this change, mixed-language projects can use the relevant hooks within builders other than `buildRustPackage`. However, these changes also required several API changes to `buildRustPackage` itself: + + - The `target` argument was removed. Instead, `buildRustPackage` will always use the same target as the C/C++ compiler that is used. + + - The `cargoParallelTestThreads` argument was removed. Parallel tests are now disabled through `dontUseCargoParallelTests`. + +- The `rustPlatform.maturinBuildHook` hook was added. This hook can be used with `buildPythonPackage` to build Python packages that are written in Rust and use Maturin as their build tool. + +- Kubernetes has [deprecated docker](https://kubernetes.io/blog/2020/12/02/dont-panic-kubernetes-and-docker/) as container runtime. As a consequence, the Kubernetes module now has support for configuration of custom remote container runtimes and enables containerd by default. Note that containerd is more strict regarding container image OCI-compliance. As an example, images with CMD or ENTRYPOINT defined as strings (not lists) will fail on containerd, while working fine on docker. Please test your setup and container images with containerd prior to upgrading. + +- The GitLab module now has support for automatic backups. A schedule can be set with the [services.gitlab.backup.startAt](options.html#opt-services.gitlab.backup.startAt) option. + +- Prior to this release, systemd would also read system units from an undocumented `/etc/systemd-mutable/system` path. This path has been dropped from the defaults. That path (or others) can be re-enabled by adding it to the [boot.extraSystemdUnitPaths](options.html#opt-boot.extraSystemdUnitPaths) list. + +- PostgreSQL 9.5 is scheduled EOL during the 21.05 life cycle and has been removed. + +- [Xfce4](https://www.xfce.org/) relies on GIO/GVfs for userspace virtual filesystem access in applications like [thunar](https://docs.xfce.org/xfce/thunar/) and [gigolo](https://docs.xfce.org/apps/gigolo/). For that to work, the gvfs nixos service is enabled by default, and it can be configured with the specific package that provides GVfs. Until now Xfce4 was setting it to use a lighter version of GVfs (without support for samba). To avoid conflicts with other desktop environments this setting has been dropped. Users that still want it should add the following to their system configuration: + + ```nix + { + services.gvfs.package = pkgs.gvfs.override { samba = null; }; + } + ``` + +- The newly enabled `systemd-pstore.service` now automatically evacuates crashdumps and panic logs from the persistent storage to `/var/lib/systemd/pstore`. This prevents NVRAM from filling up, which ensures the latest diagnostic data is always stored and alleviates problems with writing new boot configurations. + +- Nixpkgs now contains [automatically packaged GNOME Shell extensions](https://github.com/NixOS/nixpkgs/pull/118232) from the [GNOME Extensions](https://extensions.gnome.org/) portal. You can find them, filed by their UUID, under `gnome38Extensions` attribute for GNOME 3.38 and under `gnome40Extensions` for GNOME 40. Finally, the `gnomeExtensions` attribute contains extensions for the latest GNOME Shell version in Nixpkgs, listed under a more human-friendly name. The unqualified attribute scope also contains manually packaged extensions. Note that the automatically packaged extensions are provided for convenience and are not checked or guaranteed to work. + +- Erlang/OTP versions older than R21 got dropped. We also dropped the cuter package, as it was purely an example of how to build a package. We also dropped `lfe_1_2` as it could not build with R21+. Moving forward, we expect to only support 3 yearly releases of OTP. diff --git a/nixos/doc/manual/release-notes/rl-2105.xml b/nixos/doc/manual/release-notes/rl-2105.xml deleted file mode 100644 index 8246f982190..00000000000 --- a/nixos/doc/manual/release-notes/rl-2105.xml +++ /dev/null @@ -1,1257 +0,0 @@ -
- Release 21.05 (“Okapi”, 2021.05/31) - - - Support is planned until the end of December 2021, handing over to 21.11. - -
- Highlights - - - In addition to numerous new and upgraded packages, this release has the - following highlights: - - - - - - - Core version changes: - - - - - gcc: 9.3.0 -> 10.3.0 - - - - - glibc: 2.30 -> 2.32 - - - - - default linux: 5.4 -> 5.10, all supported kernels available - - - - - mesa: 20.1.7 -> 21.0.1 - - - - - - - Desktop Environments: - - - - - GNOME: 3.36 -> 40, see its release notes - - - - - Plasma5: 5.18.5 -> 5.21.3 - - - - - kdeApplications: 20.08.1 -> 20.12.3 - - - - - cinnamon: 4.6 -> 4.8.1 - - - - - - - - Programming Languages and Frameworks: - - - - - - Python optimizations were disabled again. Builds with optimizations enabled - are not reproducible. Optimizations can now be enabled with an option. - - - - - - - The linux_latest kernel was updated to the 5.12 series. It currently is not officially supported for use with the zfs filesystem. If you use zfs, you should use a different kernel version (either the LTS kernel, or track a specific one). - - - -
- -
- New Services - - - The following new services were added since the last release: - - - - - - GNURadio 3.8 and 3.9 were - finally - packaged, along with a rewrite to the Nix expressions, allowing users to - override the features upstream supports selecting to compile or not to. - Additionally, the attribute gnuradio (3.9), gnuradio3_8 and gnuradio3_7 - now point to an externally wrapped by default derivations, that allow you to - also add `extraPythonPackages` to the Python interpreter used by GNURadio. - Missing environmental variables needed for operational GUI were also added - (#75478). - - - - - - Keycloak, - an open source identity and access management server with - support for OpenID Connect, - OAUTH 2.0 and - SAML - 2.0. - - - See the Keycloak - section of the NixOS manual for more information. - - - - - Web Services Dynamic Discovery host daemon - - - - - Discourse, a - modern and open source discussion platform. - - - See the Discourse - section of the NixOS manual for more information. - - - - - Nebula VPN - - - - -
- -
- Backward Incompatibilities - - - When upgrading from a previous release, please be aware of the following - incompatible changes: - - - - - GNOME desktop environment was upgraded to 40, see the release notes for 40.0 and 3.38. The gnome3 attribute set has been renamed to gnome and so have been the NixOS options. - - - - - If you are using to assign - custom names to network interfaces, this may stop working due to a change - in the initialisation of dhcpcd and systemd networkd. To avoid this, either - move them to or see the new - Assigning custom names section - of the NixOS manual for an example using networkd links. - - - - - The module has been removed. - It was broken since the switch to cgroups-v2. - - - - - The linuxPackages.ati_drivers_x11 kernel modules have been removed. - The drivers only supported kernels prior to 4.2, and thus have become obsolete. - - - - - The systemConfig kernel parameter is no longer added to boot loader entries. It has been unused since September 2010, but if do have a system generation from that era, you will now be unable to boot into them. - - - - - systemd-journal2gelf no longer parses json and expects the receiving system to handle it. How to achieve this with Graylog is described in this GitHub issue. - - - - - If the services.dbus module is enabled, then - the user D-Bus session is now always socket activated. The - associated options services.dbus.socketActivated - and services.xserver.startDbusSession have - therefore been removed and you will receive a warning if - they are present in your configuration. This change makes the - user D-Bus session available also for non-graphical logins. - - - - - The networking.wireless.iwd module now installs - the upstream-provided 80-iwd.link file, which sets the NamePolicy= - for all wlan devices to "keep kernel", to avoid race conditions - between iwd and networkd. If you don't want this, you can set - systemd.network.links."80-iwd" = lib.mkForce {}. - - - - - rubyMinimal was removed due to being unused and - unusable. The default ruby interpreter includes JIT support, which makes - it reference it's compiler. Since JIT support is probably needed by some - Gems, it was decided to enable this feature with all cc references by - default, and allow to build a Ruby derivation without references to cc, - by setting jitSupport = false; in an overlay. See - #90151 - for more info. - - - - - Setting now also affects which keys will use. - - WARNING: If you are using these options in combination do make sure that any key paths you use are present in ! - - - - - The option has been renamed to - . The path of font directory - has also been changed to /run/current-system/sw/share/X11/fonts, - for consistency with other X11 resources. - - - - - A number of options have been renamed in the kicad interface. oceSupport - has been renamed to withOCE, withOCCT has been renamed - to withOCC, ngspiceSupport has been renamed to - withNgspice, and scriptingSupport has been renamed to - withScripting. Additionally, kicad/base.nix no longer - provides default argument values since these are provided by - kicad/default.nix. - - - - - The socket for the pdns-recursor module was moved from /var/lib/pdns-recursor - to /run/pdns-recursor to match upstream. - - - - - Paperwork was updated to version 2. The on-disk format slightly changed, - and it is not possible to downgrade from Paperwork 2 back to Paperwork - 1.3. Back your documents up before upgrading. See this thread for more details. - - - - - PowerDNS has been updated from 4.2.x to 4.3.x. Please - be sure to review the Upgrade Notes - provided by upstream before upgrading. Worth specifically noting is that the service now runs - entirely as a dedicated pdns user, instead of starting as root - and dropping privileges, as well as the default socket-dir location changing from - /var/lib/powerdns to /run/pdns. - - - - - The mediatomb service is - now using by default the new and maintained fork - gerbera package instead of the unmaintained - mediatomb package. If you want to keep the old - behavior, you must declare it with: - - services.mediatomb.package = pkgs.mediatomb; - - One new option openFirewall has been introduced which - defaults to false. If you relied on the service declaration to add the - firewall rules itself before, you should now declare it with: - - services.mediatomb.openFirewall = true; - - - - - - xfsprogs was update from 4.19 to 5.11. It now enables reflink support by default on filesystem creation. - Support for reflinks was added with an experimental status to kernel 4.9 and deemed stable in kernel 4.16. - If you want to be able to mount XFS filesystems created with this release of xfsprogs on kernel releases older than those, you need to format them - with mkfs.xfs -m reflink=0. - - - - - The uWSGI server is now built with POSIX capabilities. As a consequence, - root is no longer required in emperor mode and the service defaults to - running as the unprivileged uwsgi user. Any additional - capability can be added via the new option - . - The previous behaviour can be restored by setting: - - = "root"; - = "root"; - = - { - uid = "uwsgi"; - gid = "uwsgi"; - }; - - - - Another incompatibility from the previous release is that vassals running under a - different user or group need to use immediate-{uid,gid} - instead of the usual uid,gid options. - - - - - btc1 has been abandoned upstream, and removed. - - - - - cpp_ethereum (aleth) has been abandoned upstream, and removed. - - - - - riak-cs package removed along with services.riak-cs module. - - - - - stanchion package removed along with services.stanchion module. - - - - - mutt has been updated to a new major version (2.x), which comes with - some backward incompatible changes that are described in the - release notes for Mutt 2.0. - - - - - vim and neovim switched to Python 3, dropping all Python 2 support. - - - - - networking.wireguard.interfaces.<name>.generatePrivateKeyFile, - which is off by default, had a chmod race condition - fixed. As an aside, the parent directory's permissions were widened, - and the key files were made owner-writable. - This only affects newly created keys. - However, if the exact permissions are important for your setup, read - #121294. - - - - - boot.zfs.forceImportAll - previously did nothing, but has been fixed. However its default has been - changed to false to preserve the existing default - behaviour. If you have this explicitly set to true, - please note that your non-root pools will now be forcibly imported. - - - - - openafs now points to openafs_1_8, - which is the new stable release. OpenAFS 1.6 was removed. - - - - - MariaDB has been updated to 10.5. - Before you upgrade, it would be best to take a backup of your database and read - - Incompatible Changes Between 10.4 and 10.5. - After the upgrade you will need to run mysql_upgrade. - - - - - The TokuDB storage engine dropped in mariadb 10.5 and removed in mariadb 10.6. - It is recommended to switch to RocksDB. See also TokuDB and - MDEV-19780: Remove the TokuDB storage engine. - - - - - The openldap module now has support for OLC-style - configuration, users of the configDir option may wish - to migrate. If you continue to use configDir, ensure that - olcPidFile is set to /run/slapd/slapd.pid. - - - As a result, extraConfig and extraDatabaseConfig - are removed. To help with migration, you can convert your slapd.conf - file to OLC configuration with the following script (find the location of this - configuration file by running systemctl status openldap, it is the - -f option. - - - TMPDIR=$(mktemp -d) - slaptest -f /path/to/slapd.conf -F $TMPDIR - slapcat -F $TMPDIR -n0 -H 'ldap:///???(!(objectClass=olcSchemaConfig))' - - - This will dump your current configuration in LDIF format, which should be - straightforward to convert into Nix settings. This does not show your schema - configuration, as this is unnecessarily verbose for users of the default schemas - and slaptest is buggy with schemas directly in the config file. - - - - - Amazon EC2 and OpenStack Compute (nova) images now re-fetch instance meta data and user data from the instance - metadata service (IMDS) on each boot. For example: stopping an EC2 instance, changing its user data, and - restarting the instance will now cause it to fetch and apply the new user data. - - - - Specifically, /etc/ec2-metadata is re-populated on each boot. Some NixOS scripts that read - from this directory are guarded to only run if the files they want to manipulate do not already exist, and so - will not re-apply their changes if the IMDS response changes. Examples: root's SSH key is - only added if /root/.ssh/authorized_keys does not exist, and SSH host keys are only set from - user data if they do not exist in /etc/ssh. - - - - - - The rspamd services is now sandboxed. It is run as - a dynamic user instead of root, so secrets and other files may have to - be moved or their permissions may have to be fixed. The sockets are now - located in /run/rspamd instead of /run. - - - - - Enabling the Tor client no longer silently also enables and - configures Privoxy, and the - services.tor.client.privoxy.enable option has - been removed. To enable Privoxy, and to configure it to use - Tor's faster port, use the following configuration: - - - = true; - = true; - - - - - The services.tor module has a new exhaustively typed option following RFC 0042; backward compatibility with old options has been preserved when aliasing was possible. - The corresponding systemd service has been hardened, - but there is a chance that the service still requires more permissions, - so please report any related trouble on the bugtracker. - Onion services v3 are now supported in . - A new option as been introduced for allowing connections on all the TCP ports configured. - - - - - The options services.slurm.dbdserver.storagePass - and services.slurm.dbdserver.configFile have been removed. - Use services.slurm.dbdserver.storagePassFile instead to provide the database password. - Extra config options can be given via the option services.slurm.dbdserver.extraConfig. The actual configuration file is created on the fly on startup of the service. - This avoids that the password gets exposed in the nix store. - - - - - The wafHook hook does not wrap Python anymore. - Packages depending on wafHook need to include any Python into their nativeBuildInputs. - - - - - Starting with version 1.7.0, the project formerly named CodiMD - is now named HedgeDoc. - New installations will no longer use the old name for users, state directories and such, this needs to be considered when moving state to a more recent NixOS installation. - Based on , existing installations will continue to work. - - - - - The fish-foreign-env package has been replaced with - fishPlugins.foreign-env, in which the fish - functions have been relocated to the - vendor_functions.d directory to be loaded automatically. - - - - - The prometheus json exporter is now managed by the prometheus community. Together with additional features - some backwards incompatibilities were introduced. - Most importantly the exporter no longer accepts a fixed command-line parameter to specify the URL of the - endpoint serving JSON. It now expects this URL to be passed as an URL parameter, when scraping the exporter's - /probe endpoint. - In the prometheus scrape configuration the scrape target might look like this: - -http://some.json-exporter.host:7979/probe?target=https://example.com/some/json/endpoint - - - - Existing configuration for the exporter needs to be updated, but can partially be re-used. - Documentation is available in the upstream repository and a small example for NixOS is available - in the corresponding NixOS test. - - - These changes also affect , which is - just a preconfigured instance of the json exporter. - - - For more information, take a look at the - official documentation of the json_exporter. - - - - - Androidenv was updated, removing the includeDocs and lldbVersions - arguments. Docs only covered a single version of the Android SDK, LLDB is now bundled with the NDK, - and both are no longer available to download from the Android package repositories. Additionally, since - the package lists have been updated, some older versions of Android packages may not be bundled. If you - depend on older versions of Android packages, we recommend overriding the repo. - - - Android packages are now loaded from a repo.json file created by parsing Android repo XML files. The arguments - repoJson and repoXmls have been added to allow overriding the built-in - androidenv repo.json with your own. Additionally, license files are now written to allow compatibility - with Gradle-based tools, and the extraLicenses argument has been added to accept more - SDK licenses if your project requires it. See the androidenv documentation for more details. - - - - - The attribute mpi is now consistently used to - provide a default, system-wide MPI implementation. - The default implementation is openmpi, which has been used before by - all derivations affects by this change. - Note that all packages that have used mpi ? null in the input - for optional MPI builds, have been changed to the boolean input paramater - useMpi to enable building with MPI. - - Building all packages with mpich instead - of the default openmpi can now be achived like this: - -self: super: -{ - mpi = super.mpich; -} - - - - - - The Searx module has been updated with the ability to configure the - service declaratively and uWSGI integration. - The option services.searx.configFile has been renamed - to for consistency with - the new . In addition, the - searx uid and gid reservations have been removed - since they were not necessary: the service is now running with a - dynamically allocated uid. - - - - - The libinput module has been updated with the ability to configure mouse and touchpad settings separately. - The options in services.xserver.libinput have been renamed to services.xserver.libinput.touchpad, - while there is a new services.xserver.libinput.mouse for mouse related configuration. - - - Since touchpad options no longer apply to all devices, you may want to replicate your touchpad configuration in - mouse section. - - - - - ALSA OSS emulation (sound.enableOSSEmulation) is now disabled by default. - - - - - Thinkfan as been updated to 1.2.x, which comes with a - new YAML based configuration format. For this reason, several NixOS options - of the thinkfan module have been changed to non-backward compatible types. - In addition, a new option has - been added. - - - Please read the - thinkfan documentation before updating. - - - - - Adobe Flash Player support has been dropped from the tree. In particular, - the following packages no longer support it: - - chromium - firefox - qt48 - qt5.qtwebkit - - Additionally, packages flashplayer and - hal-flash were removed along with the - services.flashpolicyd module. - - - - - The security.rngd module has been removed. - It was disabled by default in 20.09 as it was functionally redundant - with krngd in the linux kernel. It is not necessary for any device that the kernel recognises - as an hardware RNG, as it will automatically run the krngd task to periodically collect random - data from the device and mix it into the kernel's RNG. - - - The default SMTP port for GitLab has been changed to - 25 from its previous default of - 465. If you depended on this default, you - should now set the - option. - - - - - The default version of ImageMagick has been updated from 6 to 7. - You can use imagemagick6, - imagemagick6_light, and - imagemagick6Big if you need the older version. - - - - - no longer uses the deprecated cirrus and vesa device dependent X drivers by default. It also enables both amdgpu and nouveau drivers by default now. - - - - - The kindlegen package is gone, because it is no longer supported or hosted by Amazon. Sadly, its replacement, Kindle Previewer, has no Linux support. However, there are other ways to generate MOBI files. See the discussion for more info. - - - - - The apacheKafka packages are now built with - version-matched JREs. Versions 2.6 and above, the ones that recommend it, - use jdk11, while versions below remain on jdk8. The NixOS service has - been adjusted to start the service using the same version as the package, - adjustable with the new - services.apache-kafka.jre - option. Furthermore, the default list of - services.apache-kafka.jvmOptions - have been removed. You should set your own according to the - upstream documentation - for your Kafka version. - - - - - The kodi package has been modified to allow concise addon management. Consider - the following configuration from previous releases of NixOS to install kodi, - including the kodiPackages.inputstream-adaptive and kodiPackages.vfs-sftp - addons: - - -environment.systemPackages = [ - pkgs.kodi -]; - -nixpkgs.config.kodi = { - enableInputStreamAdaptive = true; - enableVFSSFTP = true; -}; - - - All Kodi config flags have been removed, and as a result the above configuration - should now be written as: - - -environment.systemPackages = [ - (pkgs.kodi.withPackages (p: with p; [ - inputstream-adaptive - vfs-sftp - ])) -]; - - - - - - now includes the nano package. - If pkgs.nano is not added to the list, - make sure another editor is installed and the EDITOR - environment variable is set to it. - Environment variables can be set using . - - - - - changed type to a list of paths, required for specifiyng multiple data directories for using with erasure coding. - Currently, the service doesn't enforce nor checks the correct number of paths to correspond to minio requirements. - - - - - All CUDA toolkit versions prior to CUDA 10 have been removed. - - - - - The kbdKeymaps package was removed since dvp and neo - are now included in kbd. - - If you want to use the Programmer Dvorak Keyboard Layout, you have to use - dvorak-programmer in - now instead of dvp. - In it's still dvp. - - - - - The babeld service is now being run as an unprivileged user. To achieve that the module configures - skip-kernel-setup true and takes care of setting forwarding and rp_filter sysctls by itself as well - as for each interface in services.babeld.interfaces. - - - - - The option has been renamed to and - now follows RFC 0042. - - - - - The yadm dotfile manager has been updated from 2.x to 3.x, which has new (XDG) default locations for some data/state files. Most yadm commands will fail and print a legacy path warning (which describes how to upgrade/migrate your repository). If you have scripts, daemons, scheduled jobs, shell profiles, etc. that invoke yadm, expect them to fail or misbehave until you perform this migration and prepare accordingly. - - - - - Instead of determining - automatically based on , the latest - version is always used because old versions are not officially supported. - - - Furthermore, Radicale's systemd unit was hardened which might break some - deployments. In particular, a non-default - filesystem_folder has to be added to - if - the deprecated is used. - - - - - In the module, use of --reuse-key - parameter for Lego has been removed. It was introduced for HKPK, but this security - feature is now deprecated. It is a better security practice to rotate key pairs - instead of always keeping the same. If you need to keep this parameter, you can add - it back using extraLegoRenewFlags as an option for the - appropriate certificate. - - - -
- -
- Other Notable Changes - - - - - stdenv.lib has been deprecated and will break - eval in 21.11. Please use pkgs.lib instead. - See #108938 - for details. - - - - - - GNURadio has a - pkgs attribute set, and there's a gnuradio.callPackage - function that extends pkgs with a mkDerivation, and a - mkDerivationWith, like Qt5. Now all gnuradio.pkgs are - defined with gnuradio.callPackage and some packages that depend - on gnuradio are defined with this as well. - - - - - Privoxy has been updated - to version 3.0.32 (See announcement). - Compared to the previous release, Privoxy has gained support for HTTPS - inspection (still experimental), Brotli decompression, several new filters - and lots of bug fixes, including security ones. In addition, the package - is now built with compression and external filters support, which were - previously disabled. - - - Regarding the NixOS module, new options for HTTPS inspection have been added - and has been replaced by the new - - (See RFC 0042 - for the motivation). - - - - - Kodi has been updated to version 19.1 "Matrix". See - the announcement for - further details. - - - - - The option has been removed as - it only supported a single setting which would always be the default. - Instead new RFC - 0042 compliant - and options have - been introduced. - - - - - Nginx has been updated to stable version 1.20.0. - Now nginx uses the zlib-ng library by default. - - - - - KDE Gear (formerly KDE Applications) is upgraded to 21.04, see its - release - notes for details. - - - The kdeApplications package set is now kdeGear, - in keeping with the new name. The old name remains for compatibility, but - it is deprecated. - - - - - Libreswan has been updated - to version 4.4. The package now includes example configurations and manual - pages by default. The NixOS module has been changed to use the upstream - systemd units and write the configuration in the /etc/ipsec.d/ - directory. In addition, two new options have been added to - specify connection policies - () - and disable send/receive redirects - (). - - - - - - The Mailman NixOS module (services.mailman) has a new - option , defaulting - to true, that controls integration with Postfix. - - - If this option is disabled, default MTA config becomes not set and you - should set the options in services.mailman.settings.mta - according to the desired configuration as described in - Mailman documentation. - - - - - The default-version of nextcloud is nextcloud21. - Please note that it's not possible to upgrade nextcloud - across multiple major versions! This means that it's e.g. not possible to upgrade - from nextcloud18 to nextcloud20 in a single deploy and - most 20.09 users will have to upgrade to nextcloud20 - first. - - - The package can be manually upgraded by setting - to nextcloud21. - - - - - The setting defaults to 127.0.0.1 now, making Redis listen on the loopback interface only, and not all public network interfaces. - - - - - NixOS now emits a deprecation warning if systemd's StartLimitInterval setting is used in a serviceConfig section instead of in a unitConfig; that setting is deprecated and now undocumented for the service section by systemd upstream, but still effective and somewhat buggy there, which can be confusing. See #45785 for details. - - - All services should use or StartLimitIntervalSec in instead. - - - - - The mediatomb service - declares new options. It also adapts existing options so the - configuration generation is now lazy. The existing option - customCfg (defaults to false), when enabled, stops - the service configuration generation completely. It then expects the - users to provide their own correct configuration at the right location - (whereas the configuration was generated and not used at all before). - The new option transcodingOption (defaults to no) - allows a generated configuration. It makes the mediatomb service pulls - the necessary runtime dependencies in the nix store (whereas it was - generated with hardcoded values before). The new option - mediaDirectories allows the users to declare autoscan - media directories from their nixos configuration: - - services.mediatomb.mediaDirectories = [ - { path = "/var/lib/mediatomb/pictures"; recursive = false; hidden-files = false; } - { path = "/var/lib/mediatomb/audio"; recursive = true; hidden-files = false; } - ]; - - - - - - The Unbound DNS resolver service (services.unbound) has been refactored to allow reloading, control sockets and to fix startup ordering issues. - - - - It is now possible to enable a local UNIX control socket for unbound by setting the - option. - - - - Previously we just applied a very minimal set of restrictions and - trusted unbound to properly drop root privs and capabilities. - - - - As of this we are (for the most part) just using the upstream - example unit file for unbound. The main difference is that we start - unbound as unbound user with the required capabilities instead of - letting unbound do the chroot & uid/gid changes. - - - - The upstream unit configuration this is based on is a lot stricter with - all kinds of permissions then our previous variant. It also came with - the default of having the Type set to notify, therefore we are now also - using the unbound-with-systemd package here. Unbound will start up, - read the configuration files and start listening on the configured ports - before systemd will declare the unit active (running). - This will likely help with startup order and the occasional race condition during system - activation where the DNS service is started but not yet ready to answer - queries. Services depending on nss-lookup.target or unbound.service - are now be able to use unbound when those targets have been reached. - - - - Additionally to the much stricter runtime environment the - /dev/urandom mount lines we previously had in the code (that - randomly failed during the stop-phase) have been removed as systemd will take care of those for us. - - - - The preStart script is now only required if we enabled the trust - anchor updates (which are still enabled by default). - - - - Another benefit of the refactoring is that we can now issue reloads via - either pkill -HUP unbound and systemctl reload unbound to reload the - running configuration without taking the daemon offline. A prerequisite - of this was that unbound configuration is available on a well known path - on the file system. We are using the path /etc/unbound/unbound.conf as that is the - default in the CLI tooling which in turn enables us to use - unbound-control without passing a custom configuration location. - - - - The module has also been reworked to be RFC - 0042 compliant. As such, - has been removed and replaced - by . - has been renamed to . - - - - and - have also been changed to - use the new settings interface. You can follow the instructions when - executing nixos-rebuild to upgrade your configuration to - use the new interface. - - - - - The services.dnscrypt-proxy2 module now takes the upstream's example configuration and updates it with the user's settings. - - An option has been added to restore the old behaviour if you prefer to declare the configuration from scratch. - - - - - NixOS now defaults to the unified cgroup hierarchy (cgroupsv2). - See the Fedora Article for 31 - for details on why this is desirable, and how it impacts containers. - - - If you want to run containers with a runtime that does not yet support cgroupsv2, - you can switch back to the old behaviour by setting - = false; - and rebooting. - - - - - PulseAudio was upgraded to 14.0, with changes to the handling of default sinks. - See its release notes. - - - - - GNOME users may wish to delete their ~/.config/pulse due to the changes to stream routing - logic. See PulseAudio bug 832 - for more information. - - - - - The zookeeper package does not provide - zooInspector.sh anymore, as that "contrib" has - been dropped from upstream releases. - - - - - In the ACME module, the data used to build the hash for the account - directory has changed to accomodate new features to reduce account - rate limit issues. This will trigger new account creation on the first - rebuild following this update. No issues are expected to arise from this, - thanks to the new account creation handling. - - - - - now always ensures home directory permissions to be 0700. - Permissions had previously been ignored for already existing home directories, possibly leaving them readable by others. - The option's description was incorrect regarding ownership management and has been simplified greatly. - - - - - When defining a new user, one of and is now required. - This is to prevent accidentally giving a UID above 1000 to system users, which could have unexpected consequences, like running user activation scripts for system users. - Note that users defined with an explicit UID below 500 are exempted from this check, as has no effect for those. - - - - - The security.apparmor module, - for the AppArmor - Mandatory Access Control system, - has been substantialy improved along with related tools, - so that module maintainers can now more easily write AppArmor profiles for NixOS. - The most notable change on the user-side is the new option , - replacing the previous profiles option - to provide a way to disable a profile - and to select whether to confine in enforce mode (default) - or in complain mode (see journalctl -b --grep apparmor). - Security-minded users may also want to enable , - at the cost of having some of their processes killed - when updating to a NixOS version introducing new AppArmor profiles. - - - - - The GNOME desktop manager once again installs gnome.epiphany by default. - - - - - NixOS now generates empty /etc/netgroup. - /etc/netgroup defines network-wide groups and may affect to setups using NIS. - - - - - Platforms, like stdenv.hostPlatform, no longer have a platform attribute. - It has been (mostly) flattened away: - - - platform.gcc is now gcc - platform.kernel* is now linux-kernel.* - - - Additionally, platform.kernelArch moved to the top level as linuxArch to match the other *Arch variables. - - - The platform grouping of these things never meant anything, and was just a historial/implementation artifact that was overdue removal. - - - - - services.restic now uses a dedicated cache directory for every backup defined in services.restic.backups. The old global cache directory, /root/.cache/restic, is now unused and can be removed to free up disk space. - - - - - isync: The isync compatibility wrapper was removed and the Master/Slave - terminology has been deprecated and should be replaced with Far/Near in the configuration file. - - - - - The nix-gc service now accepts randomizedDelaySec (default: 0) and persistent (default: true) parameters. - By default nix-gc will now run immediately if it would have been triggered at least - once during the time when the timer was inactive. - - - - - The rustPlatform.buildRustPackage function is split into several hooks: - cargoSetupHook to set up vendoring for Cargo-based projects, - cargoBuildHook to build a project using Cargo, - cargoInstallHook to install a project using Cargo, and - cargoCheckHook to run tests in Cargo-based projects. With this change, - mixed-language projects can use the relevant hooks within builders other than - buildRustPackage. However, these changes also required several API changes to - buildRustPackage itself: - - - - - The target argument was removed. Instead, buildRustPackage - will always use the same target as the C/C++ compiler that is used. - - - - - The cargoParallelTestThreads argument was removed. Parallel tests are - now disabled through dontUseCargoParallelTests. - - - - - - - - The rustPlatform.maturinBuildHook hook was added. This hook can be used - with buildPythonPackage to build Python packages that are written in Rust - and use Maturin as their build tool. - - - - - Kubernetes has deprecated docker as container runtime. - As a consequence, the Kubernetes module now has support for configuration of custom remote container runtimes and enables containerd by default. - Note that containerd is more strict regarding container image OCI-compliance. - As an example, images with CMD or ENTRYPOINT defined as strings (not lists) will fail on containerd, while working fine on docker. - Please test your setup and container images with containerd prior to upgrading. - - - - - The GitLab module now has support for automatic backups. A - schedule can be set with the - services.gitlab.backup.startAt - option. - - - - - Prior to this release, systemd would also read system units from an undocumented /etc/systemd-mutable/system path. - This path has been dropped from the defaults. That path (or others) can be re-enabled by adding it to the - boot.extraSystemdUnitPaths list. - - - - - PostgreSQL 9.5 is scheduled EOL during the 21.05 life cycle and has been removed. - - - - - Xfce4 relies on - GIO/GVfs for userspace virtual filesystem access in applications - like thunar and - gigolo. - For that to work, the gvfs nixos service is enabled by default, - and it can be configured with the specific package that provides - GVfs. Until now Xfce4 was setting it to use a lighter version of - GVfs (without support for samba). To avoid conflicts with other - desktop environments this setting has been dropped. Users that - still want it should add the following to their system - configuration: - - = pkgs.gvfs.override { samba = null; }; - - - - - - The newly enabled systemd-pstore.service now automatically evacuates crashdumps and panic logs from the persistent storage to /var/lib/systemd/pstore. - This prevents NVRAM from filling up, which ensures the latest diagnostic data is always stored and alleviates problems with writing new boot configurations. - - - - - Nixpkgs now contains automatically packaged GNOME Shell extensions from the GNOME Extensions portal. You can find them, filed by their UUID, under gnome38Extensions attribute for GNOME 3.38 and under gnome40Extensions for GNOME 40. Finally, the gnomeExtensions attribute contains extensions for the latest GNOME Shell version in Nixpkgs, listed under a more human-friendly name. The unqualified attribute scope also contains manually packaged extensions. Note that the automatically packaged extensions are provided for convenience and are not checked or guaranteed to work. - - - - - Erlang/OTP versions older than R21 got dropped. We also dropped the cuter package, as it was purely an example of how to build a package. - We also dropped lfe_1_2 as it could not build with R21+. - Moving forward, we expect to only support 3 yearly releases of OTP. - - - - -
-
From 387f1644aeb5fd2ecc976fb09f699baaa28e0f66 Mon Sep 17 00:00:00 2001 From: Shea Levy Date: Wed, 23 Jun 2021 17:38:45 -0400 Subject: [PATCH 194/202] terraform-providers.grafana: 1.10.0 -> 1.12.0 Requires backport due to https://github.com/grafana/terraform-provider-grafana/issues/212 (cherry picked from commit 08931215f4574af3bf9bebdd1f87b9dd4baf2341) --- .../networking/cluster/terraform-providers/providers.json | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/pkgs/applications/networking/cluster/terraform-providers/providers.json b/pkgs/applications/networking/cluster/terraform-providers/providers.json index a3d8a98b77f..358ad7ec49c 100644 --- a/pkgs/applications/networking/cluster/terraform-providers/providers.json +++ b/pkgs/applications/networking/cluster/terraform-providers/providers.json @@ -379,9 +379,10 @@ "grafana": { "owner": "terraform-providers", "repo": "terraform-provider-grafana", - "rev": "v1.5.0", - "sha256": "0zy3bqgpxymp2zygaxzllk1ysdankwxa1sy1djfgr4fs2nlggkwi", - "version": "1.5.0" + "rev": "v1.12.0", + "sha256": "0jqm8ql8kams2rh90fwdmv9nnf4npzpxaagm9725nsf0iqn3qlhn", + "vendorSha256": "0pxd3sgpkry7gik6rgfl3cpgawhvgpb0sn1rkhdp9p11iwx7xxbi", + "version": "1.12.0" }, "gridscale": { "owner": "terraform-providers", From f60fb4f6d011c89039c755ff0ba358f60679a7d7 Mon Sep 17 00:00:00 2001 From: Shea Levy Date: Wed, 23 Jun 2021 17:57:40 -0400 Subject: [PATCH 195/202] terraform-providers.grafana: Fix download URL. Apologies for the pushes straight to release without PR, I will follow the new workflow moving forward. Unfortunately my last push broke the package in a way that was invisible locally due to the source already being downloaded... A perfect example of why we should let ofborg build! --- .../networking/cluster/terraform-providers/providers.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/pkgs/applications/networking/cluster/terraform-providers/providers.json b/pkgs/applications/networking/cluster/terraform-providers/providers.json index 358ad7ec49c..bded8219b50 100644 --- a/pkgs/applications/networking/cluster/terraform-providers/providers.json +++ b/pkgs/applications/networking/cluster/terraform-providers/providers.json @@ -377,7 +377,8 @@ "version": "3.47.0" }, "grafana": { - "owner": "terraform-providers", + "owner": "grafana", + "provider-source-address": "registry.terraform.io/grafana/grafana", "repo": "terraform-provider-grafana", "rev": "v1.12.0", "sha256": "0jqm8ql8kams2rh90fwdmv9nnf4npzpxaagm9725nsf0iqn3qlhn", From eba91e45a83453ab0e0a2746c44a506831396036 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Wed, 23 Jun 2021 19:57:43 +0000 Subject: [PATCH 196/202] electron_11: 11.4.8 -> 11.4.9 https://github.com/electron/electron/releases/tag/v11.4.9 (cherry picked from commit 942f13fb873b1ad5ac6de464133b6b5f2b12be49) --- pkgs/development/tools/electron/default.nix | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/pkgs/development/tools/electron/default.nix b/pkgs/development/tools/electron/default.nix index 1f10f602124..fb7a6e58093 100644 --- a/pkgs/development/tools/electron/default.nix +++ b/pkgs/development/tools/electron/default.nix @@ -95,14 +95,14 @@ rec { headers = "01x6a0r2jawjpl09ixgzap3g0z6znj34hsnnhzanavkbds0ri4k6"; }; - electron_11 = mkElectron "11.4.7" { - x86_64-linux = "05005d351a1b08a550a8186efba6f4fdd96842355a634934d9a9d7d31c2cd539"; - x86_64-darwin = "e6445ad3d7e851fc3227785788d0706d58c9c8ea3821afa7f871c6254c463043"; - i686-linux = "5473f36eb2a9772da7e4f1a162a724b4a5335e8f78fb51d585bac3bd50ff12fc"; - armv7l-linux = "0de0d74b1206f7ffd9e4c75754bbf6fdf27c83a0ce6b4cd8a6b5af81d7a20ba7"; - aarch64-linux = "f2261dde71197c358aff85d7a320cbd2315a5adf228218fd9a2f5c8561589323"; - aarch64-darwin = "a2abc83c21402e30f4f42f4615cccc4369884faa2f2fa576d71f423834988622"; - headers = "1dqkx861vfq6xbzdlbgza6h4j7bib8p3xahllrnfc0s65y8gf0ry"; + electron_11 = mkElectron "11.4.9" { + x86_64-linux = "c18ed2e16e60ca1eddd01ab2e4fff2bbfd9f197ab17b7577155f05687297d7be"; + x86_64-darwin = "ec34759ae768e55449c23244283c8af3dc5d5ab533d64cea0231be0a0878ebdd"; + i686-linux = "ef9125268e03f2f1d13c2b2505ba2529af88a8397cad640bd35116caae7ab296"; + armv7l-linux = "b43c00f4a0b4cf8affa09cedff93066d23d57a6148af383a8fc9f6d25b63d449"; + aarch64-linux = "3df038538056fc4a918afe07138052b1f53648c411add47c3a18abe8a30e6f71"; + aarch64-darwin = "acf880cfaea9ca382831df165fa7ef7e0b442c663d5a586cdfe0baa1aea4e17c"; + headers = "1wfhc22g680pvv85rq8d8lw4vphpr700fmzs3nwxixxnzhp1sb79"; }; electron_12 = mkElectron "12.0.9" { From 549c222243927fa72e439ecea74ec444bfa4c7d8 Mon Sep 17 00:00:00 2001 From: TredwellGit Date: Wed, 23 Jun 2021 19:57:04 +0000 Subject: [PATCH 197/202] electron_12: 12.0.11 -> 12.0.12 https://github.com/electron/electron/releases/tag/v12.0.12 (cherry picked from commit c1f9347282486be406bf0a226bba076dbaab5d69) --- pkgs/development/tools/electron/default.nix | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/pkgs/development/tools/electron/default.nix b/pkgs/development/tools/electron/default.nix index fb7a6e58093..8a00c82fb05 100644 --- a/pkgs/development/tools/electron/default.nix +++ b/pkgs/development/tools/electron/default.nix @@ -105,13 +105,13 @@ rec { headers = "1wfhc22g680pvv85rq8d8lw4vphpr700fmzs3nwxixxnzhp1sb79"; }; - electron_12 = mkElectron "12.0.9" { - x86_64-linux = "3ab0a873f720d3bf56cce6ca1bf9d8b956843920798f659ca0829e4cc3126f6d"; - x86_64-darwin = "b3f1e378f58e7c36b54451c5a3485adc370277827974e1eb0790b6965737c872"; - i686-linux = "37405b3b27779ad417c3ae432d7f0d969c126c958a0ad8f2585c34fc8ee6c6e6"; - armv7l-linux = "2d41ef3ed6a215efe2c7d03d8055fcfda0079f09e9580e5bf70e8ac4a22b0898"; - aarch64-linux = "22a85817ea2edbba2e17b35f6e3a8104b2165e070ea21a1f2fa3b40e8d7aecc9"; - aarch64-darwin = "cb8aa8153005ea0d801182eb714d56af0217345b1152d867317291670731daeb"; - headers = "1vwcjzkjag2wxrwnsbi8bgbv8bi6vn5iq9b04krwlk7mlhm4ax66"; + electron_12 = mkElectron "12.0.12" { + x86_64-linux = "98e7cc5dd3f161c37cbbd9aef90d55c51531a4bad8221a9d1f92e78014758054"; + x86_64-darwin = "3a39933c1c83406e4ddbce2af193e9a6b7b77f418c4f1d5e7b8f9edc348acd15"; + i686-linux = "2a06936fa13929342ebb7521d2e3e8b4a7a08ac1d757c0521a047b4cf0a979fc"; + armv7l-linux = "c0a2c13d99a1152aa6252fd8237207a6f395b70d0890eba5b7209a03beb9a6ec"; + aarch64-linux = "a92e2eaebab75b93eda0bc523ba9262a32db95c7546c095fee93d39a304521a0"; + aarch64-darwin = "810a1f36574a2db8d7d4022a042a65cceec3443644487868c5609b16b5dfe29f"; + headers = "1qis2k8yc7g1klvhiysjrgl5gclx4idxdz60kh8ldrji5a0lgha1"; }; } From c720e790dfdcae721fb874a010eade17a92fa940 Mon Sep 17 00:00:00 2001 From: Mario Rodas Date: Mon, 21 Jun 2021 04:20:00 +0000 Subject: [PATCH 198/202] entr: fix segfault on darwin (cherry picked from commit 23e36778a13ca70c16535fbbd47590ec4205178d) --- pkgs/tools/misc/entr/default.nix | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/pkgs/tools/misc/entr/default.nix b/pkgs/tools/misc/entr/default.nix index dd5d960085b..abfd12523db 100644 --- a/pkgs/tools/misc/entr/default.nix +++ b/pkgs/tools/misc/entr/default.nix @@ -1,4 +1,4 @@ -{ lib, stdenv, fetchurl, coreutils, ncurses }: +{ lib, stdenv, fetchurl, coreutils, ncurses, fetchpatch }: stdenv.mkDerivation rec { pname = "entr"; @@ -9,6 +9,16 @@ stdenv.mkDerivation rec { sha256 = "sha256-4lak0vvkb2EyRggzukR+ZdfzW6nQsmXnxBUDl8xEBaI="; }; + patches = lib.optionals stdenv.isDarwin [ + # Fix v4.9 segfault on Darwin. remove with the next update + # https://github.com/eradman/entr/issues/74 + (fetchpatch { + url = "https://github.com/eradman/entr/commit/468d77d45925abba826bb1dcda01487dbe37eb33.patch"; + sha256 = "17kkcrsnac0pb930sf2kix71h4c7krzsrvz8pskx0vm39n1c9xfi"; + includes = [ "entr.c" ]; + }) + ]; + postPatch = '' substituteInPlace Makefile.bsd --replace /bin/echo echo substituteInPlace entr.c --replace /bin/cat ${coreutils}/bin/cat From 2c1a36d521fcd8e558b6842fc5fda2370e30bbe2 Mon Sep 17 00:00:00 2001 From: Maximilian Bosch Date: Thu, 24 Jun 2021 18:28:40 +0200 Subject: [PATCH 199/202] stellarium: 0.21.0 -> 0.21.1 ChangeLog: https://github.com/Stellarium/stellarium/releases/tag/v0.21.1 (cherry picked from commit ea56e08d624bdfdf271d9ee8deaa5a06d010ea24) --- pkgs/applications/science/astronomy/stellarium/default.nix | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkgs/applications/science/astronomy/stellarium/default.nix b/pkgs/applications/science/astronomy/stellarium/default.nix index 7922f4d02ad..2e28d9d83e5 100644 --- a/pkgs/applications/science/astronomy/stellarium/default.nix +++ b/pkgs/applications/science/astronomy/stellarium/default.nix @@ -6,13 +6,13 @@ mkDerivation rec { pname = "stellarium"; - version = "0.21.0"; + version = "0.21.1"; src = fetchFromGitHub { owner = "Stellarium"; repo = "stellarium"; rev = "v${version}"; - sha256 = "sha256-LOBWfKLtoFemiWBUVayIBG0DORvjI6h9kgaPH9hGmKY="; + sha256 = "sha256-dAdB57phD5phl8dQZIHtqtnA2LZqR+JoXTzIBtqBevA="; }; nativeBuildInputs = [ cmake perl wrapQtAppsHook ]; From 001f78ff0044adf3ca972643eaf3fc5cbc8f634c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20Sch=C3=BCtz?= Date: Thu, 24 Jun 2021 11:25:01 +0200 Subject: [PATCH 200/202] zfs: 2.0.4 -> 2.0.5 https://github.com/openzfs/zfs/releases/tag/zfs-2.0.5 (cherry picked from commit ec8dbc11aac4b4d7f6e9c8329952bd03dbfc98bf) --- pkgs/os-specific/linux/zfs/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/os-specific/linux/zfs/default.nix b/pkgs/os-specific/linux/zfs/default.nix index 6db953ae4ef..6977583adeb 100644 --- a/pkgs/os-specific/linux/zfs/default.nix +++ b/pkgs/os-specific/linux/zfs/default.nix @@ -193,12 +193,12 @@ in { # to be adapted zfsStable = common { # check the release notes for compatible kernels - kernelCompatible = kernel.kernelAtLeast "3.10" && kernel.kernelOlder "5.12"; + kernelCompatible = kernel.kernelAtLeast "3.10" && kernel.kernelOlder "5.13"; # this package should point to the latest release. - version = "2.0.4"; + version = "2.0.5"; - sha256 = "sha256-ySTt0K3Lc0Le35XTwjiM5l+nIf9co7wBn+Oma1r8YHo="; + sha256 = "0n0d8ab7ibxxa8znfsprh7jxwgighx5g291v7hi8272vfjrmk1mj"; }; zfsUnstable = common { From b41d5aa71543d8c616425cafe5e642e7b3c07818 Mon Sep 17 00:00:00 2001 From: "R. RyanTM" Date: Sat, 5 Jun 2021 21:26:39 +0000 Subject: [PATCH 201/202] consul: 1.9.5 -> 1.9.6 (cherry picked from commit 35ea60a0ff7e1c1a1bc7bc10515ce22c35c88ad8) --- pkgs/servers/consul/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/consul/default.nix b/pkgs/servers/consul/default.nix index fd1b14e6158..874b18ef9eb 100644 --- a/pkgs/servers/consul/default.nix +++ b/pkgs/servers/consul/default.nix @@ -2,7 +2,7 @@ buildGoModule rec { pname = "consul"; - version = "1.9.5"; + version = "1.9.6"; rev = "v${version}"; # Note: Currently only release tags are supported, because they have the Consul UI @@ -17,7 +17,7 @@ buildGoModule rec { owner = "hashicorp"; repo = pname; inherit rev; - sha256 = "sha256-CKezHuCbL1I79gDz7ZQiSgPbSXo0NtssQro2MqqmeXw="; + sha256 = "sha256-SuG/Q5Tjet4etd4Qy5NBQLYEe2QO0K8QHKmgxYMl09U="; }; passthru.tests.consul = nixosTests.consul; @@ -26,7 +26,7 @@ buildGoModule rec { # has a split module structure in one repo subPackages = ["." "connect/certgen"]; - vendorSha256 = "sha256-YqrW3PeFv1Y6lmjVmMMP0SZao57iPqfut3a1afIWkI0="; + vendorSha256 = "sha256-jVhj7pzJ8kxZk3ViA9zhVqD314biih/sP0Ql1GXcoRY="; doCheck = false; From 8112fbe212f6086151acb19fe464b00c8ac1aebd Mon Sep 17 00:00:00 2001 From: Maxine Aubrey Date: Tue, 22 Jun 2021 17:44:50 +0200 Subject: [PATCH 202/202] consul: 1.9.6 -> 1.9.7 (cherry picked from commit 0fdfa3172d6918124370af8dc3fc394bc8b7dbdd) --- pkgs/servers/consul/default.nix | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pkgs/servers/consul/default.nix b/pkgs/servers/consul/default.nix index 874b18ef9eb..50845119599 100644 --- a/pkgs/servers/consul/default.nix +++ b/pkgs/servers/consul/default.nix @@ -2,7 +2,7 @@ buildGoModule rec { pname = "consul"; - version = "1.9.6"; + version = "1.9.7"; rev = "v${version}"; # Note: Currently only release tags are supported, because they have the Consul UI @@ -17,7 +17,7 @@ buildGoModule rec { owner = "hashicorp"; repo = pname; inherit rev; - sha256 = "sha256-SuG/Q5Tjet4etd4Qy5NBQLYEe2QO0K8QHKmgxYMl09U="; + sha256 = "sha256-+s7IwbklJ9QLe5ZagEe6+C0dx/Vvj0O5YaNUP25e9ZA="; }; passthru.tests.consul = nixosTests.consul; @@ -26,7 +26,7 @@ buildGoModule rec { # has a split module structure in one repo subPackages = ["." "connect/certgen"]; - vendorSha256 = "sha256-jVhj7pzJ8kxZk3ViA9zhVqD314biih/sP0Ql1GXcoRY="; + vendorSha256 = "sha256-HtuWfTtooD4/SzDp6yzNMI2nryOgy2e+lgz8q3M3vfw="; doCheck = false;