From 440f0ac4666724ebd6ba53228639cbaf0f0594f5 Mon Sep 17 00:00:00 2001
From: "Nicolas B. Pierron" <nicolas.b.pierron@nbp.name>
Date: Fri, 4 Jun 2021 14:47:23 +0200
Subject: [PATCH 01/64] firefox-bin: Avoid including both the wrapped and
unwrapped version when using nix run command.
In order to make the man pages accessible, the previous code used
nix-support/propagated-user-env-packages. However this file is also used to set
the PATH when the application is executed with `nix run`, thus including the
wrapped and the wrappee in the environment.
Having the wrappee enumerated first in the environment caused `firefox` to
default to the wrappee, and as such not being able to find a proper GTK. This
was a source of failures while opening a file-picker.
This change removes the code to propagate the wrappe in the environment, as the
man pages are already linked in the wrapper output.
(cherry picked from commit efef092ba59259fb2654038bbd952baca5c8bab7)
---
pkgs/applications/networking/browsers/firefox/wrapper.nix | 4 ----
1 file changed, 4 deletions(-)
diff --git a/pkgs/applications/networking/browsers/firefox/wrapper.nix b/pkgs/applications/networking/browsers/firefox/wrapper.nix
index 793e8688a5f..13becfc4f62 100644
--- a/pkgs/applications/networking/browsers/firefox/wrapper.nix
+++ b/pkgs/applications/networking/browsers/firefox/wrapper.nix
@@ -303,10 +303,6 @@ let
ln -sLt $out/lib/mozilla/pkcs11-modules $ext/lib/mozilla/pkcs11-modules/*
done
- # For manpages, in case the program supplies them
- mkdir -p $out/nix-support
- echo ${browser} > $out/nix-support/propagated-user-env-packages
-
#########################
# #
From 1e9c68521cb4206bc9334e3635bf707b8c6775ef Mon Sep 17 00:00:00 2001
From: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
Date: Thu, 3 Jun 2021 08:29:19 +0200
Subject: [PATCH 02/64] linux: 5.10.40 -> 5.10.41
(cherry picked from commit 78aaa23acecfbfd977d22bf3a7050c9a27c815fa)
---
pkgs/os-specific/linux/kernel/linux-5.10.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/linux-5.10.nix b/pkgs/os-specific/linux/kernel/linux-5.10.nix
index ae8f5095307..7b4636f332d 100644
--- a/pkgs/os-specific/linux/kernel/linux-5.10.nix
+++ b/pkgs/os-specific/linux/kernel/linux-5.10.nix
@@ -3,7 +3,7 @@
with lib;
buildLinux (args // rec {
- version = "5.10.40";
+ version = "5.10.41";
# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,7 +13,7 @@ buildLinux (args // rec {
src = fetchurl {
url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
- sha256 = "091g9g29m4vh66bxihiylyprb3cxr8cy4m494klb2lkirlx8103l";
+ sha256 = "0wb739q7dha8nxkd72x42k4in5nw633yw065ppwc8rq7x2fpa17n";
};
kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_10 ];
From 68f2116f109058780d5b8604bf2b6497b1519100 Mon Sep 17 00:00:00 2001
From: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
Date: Thu, 3 Jun 2021 08:29:24 +0200
Subject: [PATCH 03/64] linux: 5.12.7 -> 5.12.8
(cherry picked from commit 85b9e08436dd3cb37707fffd93b0d2dea30b99d1)
---
pkgs/os-specific/linux/kernel/linux-5.12.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/linux-5.12.nix b/pkgs/os-specific/linux/kernel/linux-5.12.nix
index 80a25ad2396..3c61889bc68 100644
--- a/pkgs/os-specific/linux/kernel/linux-5.12.nix
+++ b/pkgs/os-specific/linux/kernel/linux-5.12.nix
@@ -3,7 +3,7 @@
with lib;
buildLinux (args // rec {
- version = "5.12.7";
+ version = "5.12.8";
# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,7 +13,7 @@ buildLinux (args // rec {
src = fetchurl {
url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
- sha256 = "0ircrclggrbmm80vz7irhg73qvhjddsmf7zclw5cqnnmm3qfj8jk";
+ sha256 = "134g8d5zvbzdqxy7z6a527dqcmiq4ixf7s05rnnsc4qcajpbcimd";
};
kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_12 ];
From e28f728bdf85b6a1a6e09a2b15b5dcd7a29be83a Mon Sep 17 00:00:00 2001
From: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
Date: Thu, 3 Jun 2021 08:29:30 +0200
Subject: [PATCH 04/64] linux: 5.4.122 -> 5.4.123
(cherry picked from commit fd37913b5699c23ef59dd0bb3a38ab92d8ed82de)
---
pkgs/os-specific/linux/kernel/linux-5.4.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/linux-5.4.nix b/pkgs/os-specific/linux/kernel/linux-5.4.nix
index a245ee7c44e..85d24132b7e 100644
--- a/pkgs/os-specific/linux/kernel/linux-5.4.nix
+++ b/pkgs/os-specific/linux/kernel/linux-5.4.nix
@@ -3,7 +3,7 @@
with lib;
buildLinux (args // rec {
- version = "5.4.122";
+ version = "5.4.123";
# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,7 +13,7 @@ buildLinux (args // rec {
src = fetchurl {
url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
- sha256 = "00g6s3ymriwddshy5sd458b1wfvw2ynxv6dr63ziykwfq50jlr9p";
+ sha256 = "1pi223dls52piw65s3v4ml23wdyy73xpbdvp511187b6zgzk7zlf";
};
kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_4 ];
From 11bdcb66bd652dba6937a0d4027180e110c619d5 Mon Sep 17 00:00:00 2001
From: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
Date: Mon, 7 Jun 2021 20:10:11 +0200
Subject: [PATCH 05/64] linux: 4.14.234 -> 4.14.235
(cherry picked from commit 14c5ae2a443f4296fd37bc556b7cf7aba2ac8033)
---
pkgs/os-specific/linux/kernel/linux-4.14.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/linux-4.14.nix b/pkgs/os-specific/linux/kernel/linux-4.14.nix
index 58804158761..7c986259dff 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.14.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.14.nix
@@ -3,7 +3,7 @@
with lib;
buildLinux (args // rec {
- version = "4.14.234";
+ version = "4.14.235";
# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,7 +13,7 @@ buildLinux (args // rec {
src = fetchurl {
url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
- sha256 = "1mwqb9sq6qd9angl3xysdsrfpgppf46g3kiwg1svqgpgrx7cqn1b";
+ sha256 = "03k793hj294zf7jncs1h8zh5dh6xagkfvnydd9jadxvq2z8vvl8f";
};
kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_4_14 ];
From e9d5f300eb188cb8f72337c72c71317faf4560f8 Mon Sep 17 00:00:00 2001
From: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
Date: Mon, 7 Jun 2021 20:10:24 +0200
Subject: [PATCH 06/64] linux: 4.19.192 -> 4.19.193
(cherry picked from commit df489760a1f346e71e6d61c93f80da029128d292)
---
pkgs/os-specific/linux/kernel/linux-4.19.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/linux-4.19.nix b/pkgs/os-specific/linux/kernel/linux-4.19.nix
index 23d651e21da..3a31ad473cf 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.19.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.19.nix
@@ -3,7 +3,7 @@
with lib;
buildLinux (args // rec {
- version = "4.19.192";
+ version = "4.19.193";
# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,7 +13,7 @@ buildLinux (args // rec {
src = fetchurl {
url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
- sha256 = "1680dz4wjg721a8lqwh6ijd90zcr2f3wzcvhwgn3shbwgjkwsk87";
+ sha256 = "17ci49ak5iw01kfkn3fcgncg9hm4j188417bxi3bnsq9il5ymhl4";
};
kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_4_19 ];
From 11c473038befc866b8d3b0636cfef76a8d90f415 Mon Sep 17 00:00:00 2001
From: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
Date: Mon, 7 Jun 2021 20:10:29 +0200
Subject: [PATCH 07/64] linux: 4.4.270 -> 4.4.271
(cherry picked from commit eab8c884b84d6e89177430306a2ce8e2319a148d)
---
pkgs/os-specific/linux/kernel/linux-4.4.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/linux-4.4.nix b/pkgs/os-specific/linux/kernel/linux-4.4.nix
index 8320c2fb9ce..9bc01eeff49 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.4.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.4.nix
@@ -1,13 +1,13 @@
{ buildPackages, fetchurl, perl, buildLinux, nixosTests, stdenv, ... } @ args:
buildLinux (args // rec {
- version = "4.4.270";
+ version = "4.4.271";
extraMeta.branch = "4.4";
extraMeta.broken = stdenv.isAarch64;
src = fetchurl {
url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
- sha256 = "1lz48gv1v3wvw9xvd3y9q4py7ii1g9fj4dwyvvjdzbipyw7s21pq";
+ sha256 = "0n5h2lv1p542a45pas3pi0vkhgrk096vwrps79a7v3a6c1q2dxx6";
};
kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_4_4 ];
From b21519e899125b404a3e4e4ee134019c1258097b Mon Sep 17 00:00:00 2001
From: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
Date: Mon, 7 Jun 2021 20:10:33 +0200
Subject: [PATCH 08/64] linux: 4.9.270 -> 4.9.271
(cherry picked from commit 3739547f71399e6b689682f64376ea47055563e4)
---
pkgs/os-specific/linux/kernel/linux-4.9.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/linux-4.9.nix b/pkgs/os-specific/linux/kernel/linux-4.9.nix
index 7dda6f5356d..4be4b6fb222 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.9.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.9.nix
@@ -1,13 +1,13 @@
{ buildPackages, fetchurl, perl, buildLinux, nixosTests, stdenv, ... } @ args:
buildLinux (args // rec {
- version = "4.9.270";
+ version = "4.9.271";
extraMeta.branch = "4.9";
extraMeta.broken = stdenv.isAarch64;
src = fetchurl {
url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
- sha256 = "0ck5abzpla291gcxrxjindj5szgcvmb2fwfilvdnzc6pnqk00ay3";
+ sha256 = "1480miixphkf0b8w00m753ar7yp1rnl3zyr9wp4inngi2f90553r";
};
kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_4_9 ];
From 48c065427c25e604c228fd593ecf03707d8b3dea Mon Sep 17 00:00:00 2001
From: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
Date: Mon, 7 Jun 2021 20:10:39 +0200
Subject: [PATCH 09/64] linux: 5.10.41 -> 5.10.42
(cherry picked from commit 3d8eaa87efac4063cd1474e0f17078d0f16b2863)
---
pkgs/os-specific/linux/kernel/linux-5.10.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/linux-5.10.nix b/pkgs/os-specific/linux/kernel/linux-5.10.nix
index 7b4636f332d..ec7b16f9f3f 100644
--- a/pkgs/os-specific/linux/kernel/linux-5.10.nix
+++ b/pkgs/os-specific/linux/kernel/linux-5.10.nix
@@ -3,7 +3,7 @@
with lib;
buildLinux (args // rec {
- version = "5.10.41";
+ version = "5.10.42";
# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,7 +13,7 @@ buildLinux (args // rec {
src = fetchurl {
url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
- sha256 = "0wb739q7dha8nxkd72x42k4in5nw633yw065ppwc8rq7x2fpa17n";
+ sha256 = "1r86v6q7ml7zv001f25w3h667nqqy39439s94vnqsyyn7g3jg84b";
};
kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_10 ];
From 7a527b80a4445e8b1421649c1f02a87cc69001cd Mon Sep 17 00:00:00 2001
From: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
Date: Mon, 7 Jun 2021 20:10:45 +0200
Subject: [PATCH 10/64] linux: 5.12.8 -> 5.12.9
(cherry picked from commit 638dd47cd4adf14e8bdf7045acee10c1642528e9)
---
pkgs/os-specific/linux/kernel/linux-5.12.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/linux-5.12.nix b/pkgs/os-specific/linux/kernel/linux-5.12.nix
index 3c61889bc68..85a69f0c5ad 100644
--- a/pkgs/os-specific/linux/kernel/linux-5.12.nix
+++ b/pkgs/os-specific/linux/kernel/linux-5.12.nix
@@ -3,7 +3,7 @@
with lib;
buildLinux (args // rec {
- version = "5.12.8";
+ version = "5.12.9";
# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,7 +13,7 @@ buildLinux (args // rec {
src = fetchurl {
url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
- sha256 = "134g8d5zvbzdqxy7z6a527dqcmiq4ixf7s05rnnsc4qcajpbcimd";
+ sha256 = "0vg71h8r90fl01a8khyf1776y76rgqisxafky89cswa2fpsvxyn7";
};
kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_12 ];
From 6a0f53fd68a92d2c0ca5c5015019990b2a028e13 Mon Sep 17 00:00:00 2001
From: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
Date: Mon, 7 Jun 2021 20:10:50 +0200
Subject: [PATCH 11/64] linux: 5.4.123 -> 5.4.124
(cherry picked from commit 32d11bc730a489d79825dc6e6c3d0de1f310ebdd)
---
pkgs/os-specific/linux/kernel/linux-5.4.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/linux-5.4.nix b/pkgs/os-specific/linux/kernel/linux-5.4.nix
index 85d24132b7e..4cf7c2bfafd 100644
--- a/pkgs/os-specific/linux/kernel/linux-5.4.nix
+++ b/pkgs/os-specific/linux/kernel/linux-5.4.nix
@@ -3,7 +3,7 @@
with lib;
buildLinux (args // rec {
- version = "5.4.123";
+ version = "5.4.124";
# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,7 +13,7 @@ buildLinux (args // rec {
src = fetchurl {
url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
- sha256 = "1pi223dls52piw65s3v4ml23wdyy73xpbdvp511187b6zgzk7zlf";
+ sha256 = "10kxa1ng9w9xd2d5xh48fbhp1kri650p90nihrcpnb845gd9vwpp";
};
kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_4 ];
From 6a671c3d4a8389d7b5c3da98bd5d4b42833ec4af Mon Sep 17 00:00:00 2001
From: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
Date: Mon, 7 Jun 2021 20:11:04 +0200
Subject: [PATCH 12/64] linux-rt_5_10: 5.10.35-rt39 -> 5.10.41-rt42
(cherry picked from commit b42424bdd0946c167becd3ffa2d169d5e08877ed)
---
pkgs/os-specific/linux/kernel/linux-rt-5.10.nix | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix
index 90c0c4e2930..5567022edcc 100644
--- a/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix
+++ b/pkgs/os-specific/linux/kernel/linux-rt-5.10.nix
@@ -6,7 +6,7 @@
, ... } @ args:
let
- version = "5.10.35-rt39"; # updated by ./update-rt.sh
+ version = "5.10.41-rt42"; # updated by ./update-rt.sh
branch = lib.versions.majorMinor version;
kversion = builtins.elemAt (lib.splitString "-" version) 0;
in buildLinux (args // {
@@ -18,14 +18,14 @@ in buildLinux (args // {
src = fetchurl {
url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz";
- sha256 = "1zcqsjzqgcvlhkjwhzs6sxgbhzkfg898pbisivjqfymp8nfs2dxc";
+ sha256 = "0wb739q7dha8nxkd72x42k4in5nw633yw065ppwc8rq7x2fpa17n";
};
kernelPatches = let rt-patch = {
name = "rt";
patch = fetchurl {
url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz";
- sha256 = "03gq9y111k4js4cc87yc9y7hyg1wxwbc1bjyjdvb4nrx2wqka79y";
+ sha256 = "1z8jgsq5fkg486xxawg4c4wk1l9xra7x1cfqaf4grhw0csbbx883";
};
}; in [ rt-patch ] ++ lib.remove rt-patch kernelPatches;
From 4a79e6ce2b2da2bf3603e3f84baacbff347d4562 Mon Sep 17 00:00:00 2001
From: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
Date: Mon, 7 Jun 2021 20:11:27 +0200
Subject: [PATCH 13/64] linux-rt_5_4: 5.4.115-rt57 -> 5.4.123-rt59
(cherry picked from commit 759559f3d3f57aeb76a38d8d47e481fe68767d81)
---
pkgs/os-specific/linux/kernel/linux-rt-5.4.nix | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix b/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix
index 34efc8e21ee..8592ad4c3b3 100644
--- a/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix
+++ b/pkgs/os-specific/linux/kernel/linux-rt-5.4.nix
@@ -6,7 +6,7 @@
, ... } @ args:
let
- version = "5.4.115-rt57"; # updated by ./update-rt.sh
+ version = "5.4.123-rt59"; # updated by ./update-rt.sh
branch = lib.versions.majorMinor version;
kversion = builtins.elemAt (lib.splitString "-" version) 0;
in buildLinux (args // {
@@ -14,14 +14,14 @@ in buildLinux (args // {
src = fetchurl {
url = "mirror://kernel/linux/kernel/v5.x/linux-${kversion}.tar.xz";
- sha256 = "1llxk04vlpi7a4ca2f5vlcxfn68n8yhmsar3hsl259i7hms28isv";
+ sha256 = "1pi223dls52piw65s3v4ml23wdyy73xpbdvp511187b6zgzk7zlf";
};
kernelPatches = let rt-patch = {
name = "rt";
patch = fetchurl {
url = "mirror://kernel/linux/kernel/projects/rt/${branch}/older/patch-${version}.patch.xz";
- sha256 = "1xh7xi27q58njhfayi2lnk4id7hnlklkgh2zx012gxv4ari76g0k";
+ sha256 = "1m1mnmk7h35p7dv6mg3pla6pw3b645hbbccjmp1jc3fyn6qiy6fq";
};
}; in [ rt-patch ] ++ lib.remove rt-patch kernelPatches;
From 8d8739976a9abdd2b7b11a40c689f501064842c9 Mon Sep 17 00:00:00 2001
From: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
Date: Mon, 7 Jun 2021 20:11:46 +0200
Subject: [PATCH 14/64] linux_latest-libre: 18096 -> 18115
(cherry picked from commit b599c482957ff3991ee45474f02c3b617df87ece)
---
pkgs/os-specific/linux/kernel/linux-libre.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/linux-libre.nix b/pkgs/os-specific/linux/kernel/linux-libre.nix
index 6d1c7339720..2001b350ecc 100644
--- a/pkgs/os-specific/linux/kernel/linux-libre.nix
+++ b/pkgs/os-specific/linux/kernel/linux-libre.nix
@@ -1,8 +1,8 @@
{ stdenv, lib, fetchsvn, linux
, scripts ? fetchsvn {
url = "https://www.fsfla.org/svn/fsfla/software/linux-libre/releases/branches/";
- rev = "18096";
- sha256 = "08m7afj0h9bcgg8rx8ksp85hmaqjl4k4p4q4zy6x51788xn4mycg";
+ rev = "18115";
+ sha256 = "00wsxlhz7lc4qk7jcgshb05hvv3mm4m8r3zalc9wvp4r1r6xbbjp";
}
, ...
}:
From 7da6c0c3c93cd4df0c835918dabff4220b34a450 Mon Sep 17 00:00:00 2001
From: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
Date: Mon, 7 Jun 2021 20:11:58 +0200
Subject: [PATCH 15/64] linux/hardened/patches/4.14: 4.14.234-hardened1 ->
4.14.235-hardened1
(cherry picked from commit adb9d3b15240bc8272cfb023beee9e035df4027b)
---
pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json
index 6cf635da18b..3763dba1559 100644
--- a/pkgs/os-specific/linux/kernel/hardened/patches.json
+++ b/pkgs/os-specific/linux/kernel/hardened/patches.json
@@ -1,9 +1,9 @@
{
"4.14": {
"extra": "-hardened1",
- "name": "linux-hardened-4.14.234-hardened1.patch",
- "sha256": "1vdr3j62whc2xdy1l4imkp6axpwh7r3cjp0sgsld7l5331x19qh7",
- "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.234-hardened1/linux-hardened-4.14.234-hardened1.patch"
+ "name": "linux-hardened-4.14.235-hardened1.patch",
+ "sha256": "0m49pg27pnp6kwkbawg0fw3lzm5nchqjhqkfgprckwgb9v5bgbcc",
+ "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.235-hardened1/linux-hardened-4.14.235-hardened1.patch"
},
"4.19": {
"extra": "-hardened1",
From 6bec4b45c627316ca03ab6740d4316e9eca76425 Mon Sep 17 00:00:00 2001
From: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
Date: Mon, 7 Jun 2021 20:12:00 +0200
Subject: [PATCH 16/64] linux/hardened/patches/4.19: 4.19.192-hardened1 ->
4.19.193-hardened1
(cherry picked from commit ac9d2af41f3ca372d50719225f7e029321312e46)
---
pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json
index 3763dba1559..5f3e94213b7 100644
--- a/pkgs/os-specific/linux/kernel/hardened/patches.json
+++ b/pkgs/os-specific/linux/kernel/hardened/patches.json
@@ -7,9 +7,9 @@
},
"4.19": {
"extra": "-hardened1",
- "name": "linux-hardened-4.19.192-hardened1.patch",
- "sha256": "0gy4h73ygiqr6c9zbmfz4as18ldcnnzgc4qd2nss08m2x1cb1n76",
- "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.192-hardened1/linux-hardened-4.19.192-hardened1.patch"
+ "name": "linux-hardened-4.19.193-hardened1.patch",
+ "sha256": "0r2rxl08x2l1yimaqksrc79s36rnp77xm5in9cvp7ff24y9r9g0j",
+ "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.193-hardened1/linux-hardened-4.19.193-hardened1.patch"
},
"5.10": {
"extra": "-hardened1",
From 961ffc28db82aad1c9ecc794a4cee4fcc869fcbe Mon Sep 17 00:00:00 2001
From: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
Date: Mon, 7 Jun 2021 20:12:01 +0200
Subject: [PATCH 17/64] linux/hardened/patches/5.10: 5.10.40-hardened1 ->
5.10.42-hardened1
(cherry picked from commit 9395f64db2e9e8b7c8bd72e0aa91490428b83969)
---
pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json
index 5f3e94213b7..cd1c85c69bc 100644
--- a/pkgs/os-specific/linux/kernel/hardened/patches.json
+++ b/pkgs/os-specific/linux/kernel/hardened/patches.json
@@ -13,9 +13,9 @@
},
"5.10": {
"extra": "-hardened1",
- "name": "linux-hardened-5.10.40-hardened1.patch",
- "sha256": "15nprqyw9whqghpnr39wpn54snxz49wdr4dq41dbmmqmrrlfyxnr",
- "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.40-hardened1/linux-hardened-5.10.40-hardened1.patch"
+ "name": "linux-hardened-5.10.42-hardened1.patch",
+ "sha256": "1hignnqy0d7nrfnh5j8h1xkj15kvx80h55qzzq1wlmyjxpr6c0ix",
+ "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.42-hardened1/linux-hardened-5.10.42-hardened1.patch"
},
"5.11": {
"extra": "-hardened1",
From fd3156d46f1136d83a31646764b82664c421a4bb Mon Sep 17 00:00:00 2001
From: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
Date: Mon, 7 Jun 2021 20:12:03 +0200
Subject: [PATCH 18/64] linux/hardened/patches/5.12: 5.12.7-hardened1 ->
5.12.9-hardened1
(cherry picked from commit 405b66f9773fee406e1d05843e5b52d26daa4c59)
---
pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json
index cd1c85c69bc..271ca09d380 100644
--- a/pkgs/os-specific/linux/kernel/hardened/patches.json
+++ b/pkgs/os-specific/linux/kernel/hardened/patches.json
@@ -25,9 +25,9 @@
},
"5.12": {
"extra": "-hardened1",
- "name": "linux-hardened-5.12.7-hardened1.patch",
- "sha256": "1r8bf8hrxpzyxqcy3zf1m86bfi0lr4aijbrq12sqb7n2g1wc1j87",
- "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.12.7-hardened1/linux-hardened-5.12.7-hardened1.patch"
+ "name": "linux-hardened-5.12.9-hardened1.patch",
+ "sha256": "08ijifhl8sl858ik32ny47h7pq0r160sv55a07igkbhrh60arfqa",
+ "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.12.9-hardened1/linux-hardened-5.12.9-hardened1.patch"
},
"5.4": {
"extra": "-hardened1",
From a01a6485435704fa38efc70d3546f12b9dbacd36 Mon Sep 17 00:00:00 2001
From: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
Date: Mon, 7 Jun 2021 20:12:05 +0200
Subject: [PATCH 19/64] linux/hardened/patches/5.4: 5.4.122-hardened1 ->
5.4.124-hardened1
(cherry picked from commit 598dadab6ee7552d429db1e25a8379b4d5a518c5)
---
pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json
index 271ca09d380..028bdbda3f2 100644
--- a/pkgs/os-specific/linux/kernel/hardened/patches.json
+++ b/pkgs/os-specific/linux/kernel/hardened/patches.json
@@ -31,8 +31,8 @@
},
"5.4": {
"extra": "-hardened1",
- "name": "linux-hardened-5.4.122-hardened1.patch",
- "sha256": "1wa3h18gwgn4blkidf8mlw3r0nb2asya5rbwylghq3qnaa2hc0k7",
- "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.122-hardened1/linux-hardened-5.4.122-hardened1.patch"
+ "name": "linux-hardened-5.4.124-hardened1.patch",
+ "sha256": "1bn7fa09kzgv6v9d3gl66l8wg6z23chjhk6g219cqb7mfd4m5ykl",
+ "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.124-hardened1/linux-hardened-5.4.124-hardened1.patch"
}
}
From 48b5af66d9e89e9db4b427720f52fcd7beb76d3e Mon Sep 17 00:00:00 2001
From: Yurii Matsiuk <ymatsiuk@users.noreply.github.com>
Date: Tue, 8 Jun 2021 16:22:28 +0200
Subject: [PATCH 20/64] linux: remove 5.11
(cherry picked from commit 73f7db3ecd9f2ca744ed82d7bfc954601c591350)
---
.../linux/kernel/hardened/patches.json | 6 ------
pkgs/os-specific/linux/kernel/linux-5.11.nix | 20 -------------------
pkgs/os-specific/linux/kernel/linux-lqx.nix | 8 ++++----
pkgs/os-specific/linux/kernel/linux-zen.nix | 8 ++++----
pkgs/top-level/all-packages.nix | 10 +---------
5 files changed, 9 insertions(+), 43 deletions(-)
delete mode 100644 pkgs/os-specific/linux/kernel/linux-5.11.nix
diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json
index 028bdbda3f2..bb668a6e904 100644
--- a/pkgs/os-specific/linux/kernel/hardened/patches.json
+++ b/pkgs/os-specific/linux/kernel/hardened/patches.json
@@ -17,12 +17,6 @@
"sha256": "1hignnqy0d7nrfnh5j8h1xkj15kvx80h55qzzq1wlmyjxpr6c0ix",
"url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.42-hardened1/linux-hardened-5.10.42-hardened1.patch"
},
- "5.11": {
- "extra": "-hardened1",
- "name": "linux-hardened-5.11.22-hardened1.patch",
- "sha256": "1lwf56pxyzqzjqw4k1qd93vi44abmbz6hqbalamz6ancxkb800hh",
- "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.11.22-hardened1/linux-hardened-5.11.22-hardened1.patch"
- },
"5.12": {
"extra": "-hardened1",
"name": "linux-hardened-5.12.9-hardened1.patch",
diff --git a/pkgs/os-specific/linux/kernel/linux-5.11.nix b/pkgs/os-specific/linux/kernel/linux-5.11.nix
deleted file mode 100644
index e6a8aef650b..00000000000
--- a/pkgs/os-specific/linux/kernel/linux-5.11.nix
+++ /dev/null
@@ -1,20 +0,0 @@
-{ lib, buildPackages, fetchurl, perl, buildLinux, nixosTests, modDirVersionArg ? null, ... } @ args:
-
-with lib;
-
-buildLinux (args // rec {
- version = "5.11.22";
-
- # modDirVersion needs to be x.y.z, will automatically add .0 if needed
- modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
-
- # branchVersion needs to be x.y
- extraMeta.branch = versions.majorMinor version;
-
- src = fetchurl {
- url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
- sha256 = "003nlphkqish6l4xblhi369v4qv2zck7529prkdnx4gb2ihpq0hi";
- };
-
- kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_11 ];
-} // (args.argsOverride or {}))
diff --git a/pkgs/os-specific/linux/kernel/linux-lqx.nix b/pkgs/os-specific/linux/kernel/linux-lqx.nix
index 4bc5cee4444..609dc494c69 100644
--- a/pkgs/os-specific/linux/kernel/linux-lqx.nix
+++ b/pkgs/os-specific/linux/kernel/linux-lqx.nix
@@ -1,7 +1,7 @@
{ lib, fetchFromGitHub, buildLinux, linux_zen, ... } @ args:
let
- version = "5.11.21";
+ version = "5.12.9";
suffix = "lqx1";
in
@@ -14,13 +14,13 @@ buildLinux (args // {
owner = "zen-kernel";
repo = "zen-kernel";
rev = "v${version}-${suffix}";
- sha256 = "1klvik8nrqsqi5ijnga1li4gacsknmap75g2zp8f3hd3hz18d5n1";
+ sha256 = "sha256-qmX66nz+gVOt1RGsUT9fA3wPUT7I9Z4jhxpybP0I8Cw=";
};
extraMeta = {
- branch = "5.10/master";
+ branch = "5.12/master";
maintainers = with lib.maintainers; [ atemu ];
description = linux_zen.meta.description + " (Same as linux_zen but less aggressive release schedule)";
};
-} // (args.argsOverride or {}))
+} // (args.argsOverride or { }))
diff --git a/pkgs/os-specific/linux/kernel/linux-zen.nix b/pkgs/os-specific/linux/kernel/linux-zen.nix
index b28400819d5..47e72a61c18 100644
--- a/pkgs/os-specific/linux/kernel/linux-zen.nix
+++ b/pkgs/os-specific/linux/kernel/linux-zen.nix
@@ -1,7 +1,7 @@
{ lib, fetchFromGitHub, buildLinux, ... } @ args:
let
- version = "5.11.16";
+ version = "5.12.9";
suffix = "zen1";
in
@@ -14,13 +14,13 @@ buildLinux (args // {
owner = "zen-kernel";
repo = "zen-kernel";
rev = "v${version}-${suffix}";
- sha256 = "0jyicnpqccn194jrm1mc4zq0cil7ls9l57ws3nv783vlk7b0k3gv";
+ sha256 = "sha256-Sbe7pY/htLRRx5Qs78BpEzNCSIEsnZMj1+bkAftZdbQ=";
};
extraMeta = {
- branch = "5.10/master";
+ branch = "5.12/master";
maintainers = with lib.maintainers; [ atemu andresilva ];
description = "Built using the best configuration and kernel sources for desktop, multimedia, and gaming workloads.";
};
-} // (args.argsOverride or {}))
+} // (args.argsOverride or { }))
diff --git a/pkgs/top-level/all-packages.nix b/pkgs/top-level/all-packages.nix
index a161dee933f..2ce87c6e10c 100644
--- a/pkgs/top-level/all-packages.nix
+++ b/pkgs/top-level/all-packages.nix
@@ -20394,13 +20394,6 @@ in
];
};
- linux_5_11 = callPackage ../os-specific/linux/kernel/linux-5.11.nix {
- kernelPatches = [
- kernelPatches.bridge_stp_helper
- kernelPatches.request_key_helper
- ];
- };
-
linux_5_12 = callPackage ../os-specific/linux/kernel/linux-5.12.nix {
kernelPatches = [
kernelPatches.bridge_stp_helper
@@ -20712,7 +20705,6 @@ in
linuxPackages_4_19 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_4_19);
linuxPackages_5_4 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_5_4);
linuxPackages_5_10 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_5_10);
- linuxPackages_5_11 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_5_11);
linuxPackages_5_12 = recurseIntoAttrs (linuxPackagesFor pkgs.linux_5_12);
# When adding to the list above:
@@ -20746,7 +20738,7 @@ in
# Hardened Linux
hardenedLinuxPackagesFor = kernel': overrides:
let # Note: We use this hack since the hardened patches can lag behind and we don't want to delay updates:
- linux_latest_for_hardened = pkgs.linux_5_11;
+ linux_latest_for_hardened = pkgs.linux_5_12;
kernel = (if kernel' == pkgs.linux_latest then linux_latest_for_hardened else kernel').override overrides;
in linuxPackagesFor (kernel.override {
structuredExtraConfig = import ../os-specific/linux/kernel/hardened/config.nix {
From b3ec6fd9592a4285bf9e369c7f3bdacdd39220b3 Mon Sep 17 00:00:00 2001
From: Natan Lao <natanlao@users.noreply.github.com>
Date: Tue, 8 Jun 2021 16:46:45 -0700
Subject: [PATCH 21/64] nixos/nvidia: fix hardware.nvidia.package example
(cherry picked from commit 86a31cc9719ed409d523d4f738aa2a994d79ff9e)
---
nixos/modules/hardware/video/nvidia.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/nixos/modules/hardware/video/nvidia.nix b/nixos/modules/hardware/video/nvidia.nix
index 97accc7b99a..2be9da8f42a 100644
--- a/nixos/modules/hardware/video/nvidia.nix
+++ b/nixos/modules/hardware/video/nvidia.nix
@@ -92,7 +92,7 @@ in
example = "PCI:4:0:0";
description = ''
Bus ID of the AMD APU. You can find it using lspci; for example if lspci
- shows the AMD APU at "04:00.0", set this option to "PCI:4:0:0".
+ shows the AMD APU at "04:00.0", set this option to "PCI:4:0:0".
'';
};
@@ -159,7 +159,7 @@ in
description = ''
The NVIDIA X11 derivation to use.
'';
- example = "config.boot.kernelPackages.nvidiaPackages.legacy340";
+ example = "config.boot.kernelPackages.nvidiaPackages.legacy_340";
};
};
From 60cce7e5e1fdf62421ef6d4184ee399b46209366 Mon Sep 17 00:00:00 2001
From: Daniel Nagy <danielnagy@posteo.de>
Date: Tue, 8 Jun 2021 18:30:49 +0200
Subject: [PATCH 22/64] blender: add libharu as dependency
This allows to export Grease Pencil drawings as pdfs. For more
information, see:
https://wiki.blender.org/wiki/Reference/Release_Notes/2.93/Grease_Pencil
https://developer.blender.org/rBa8a92cd15a52
(cherry picked from commit d847851a3719ebc53c653250f808905d496aafc1)
---
pkgs/applications/misc/blender/default.nix | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/pkgs/applications/misc/blender/default.nix b/pkgs/applications/misc/blender/default.nix
index cf5ede1c7fe..305ab891713 100644
--- a/pkgs/applications/misc/blender/default.nix
+++ b/pkgs/applications/misc/blender/default.nix
@@ -12,7 +12,7 @@
, pugixml, llvmPackages, SDL, Cocoa, CoreGraphics, ForceFeedback, OpenAL, OpenGL
, potrace
, openxr-loader
-, embree, gmp
+, embree, gmp, libharu
}:
with lib;
@@ -48,6 +48,7 @@ stdenv.mkDerivation rec {
gmp
pugixml
potrace
+ libharu
]
++ (if (!stdenv.isDarwin) then [
libXi libX11 libXext libXrender
From 3993e891e481e69f78f879a0c44456adda92f78c Mon Sep 17 00:00:00 2001
From: Maximilian Bosch <maximilian@mbosch.me>
Date: Wed, 9 Jun 2021 11:39:53 +0200
Subject: [PATCH 23/64] nixos/tests/kernel-generic: fix evaluation
The test doesn't evaluate since #125469 because Linux 5.11 got removed
as it's EOL.
As this fixes the evaluation of the test and it only removes a
declaration that was apparently forgotten, I figured that a push to
unbreak the test is fine.
(cherry picked from commit 10eab5b6b3d1d38ffd3594fa6e4be13924dafd15)
---
nixos/tests/kernel-generic.nix | 1 -
1 file changed, 1 deletion(-)
diff --git a/nixos/tests/kernel-generic.nix b/nixos/tests/kernel-generic.nix
index a300609cf2b..cb23bb2fc2d 100644
--- a/nixos/tests/kernel-generic.nix
+++ b/nixos/tests/kernel-generic.nix
@@ -31,7 +31,6 @@ with pkgs; {
linux_4_19 = makeKernelTest "4.19" linuxPackages_4_19;
linux_5_4 = makeKernelTest "5.4" linuxPackages_5_4;
linux_5_10 = makeKernelTest "5.10" linuxPackages_5_10;
- linux_5_11 = makeKernelTest "5.11" linuxPackages_5_11;
linux_5_12 = makeKernelTest "5.12" linuxPackages_5_12;
linux_testing = makeKernelTest "testing" linuxPackages_testing;
From 8d0c4b749dc38a47751a01749482fbfdd9ed83ac Mon Sep 17 00:00:00 2001
From: Thiago Kenji Okada <thiagokokada@gmail.com>
Date: Mon, 7 Jun 2021 20:11:08 -0300
Subject: [PATCH 24/64] opentabletdriver: 0.5.3.1 -> 0.5.3.2
(cherry picked from commit 4211a977d4cd4a74652b8117ca6d45675824cc35)
---
pkgs/tools/X11/opentabletdriver/default.nix | 6 ++--
pkgs/tools/X11/opentabletdriver/deps.nix | 37 ++++++++++++---------
2 files changed, 24 insertions(+), 19 deletions(-)
diff --git a/pkgs/tools/X11/opentabletdriver/default.nix b/pkgs/tools/X11/opentabletdriver/default.nix
index 5128e4d30ca..2d1ce4a4e33 100644
--- a/pkgs/tools/X11/opentabletdriver/default.nix
+++ b/pkgs/tools/X11/opentabletdriver/default.nix
@@ -23,18 +23,18 @@
stdenv.mkDerivation rec {
pname = "OpenTabletDriver";
- version = "0.5.3.1";
+ version = "0.5.3.2";
src = fetchFromGitHub {
owner = "InfinityGhost";
repo = "OpenTabletDriver";
rev = "v${version}";
- sha256 = "OT8/c+6wNpZyq/q7uMxIqmyJKNAq0B4ynEAqFF0GWyo=";
+ sha256 = "qRc/9Edp3x7/XVEWgBbPush76MSQz4biYSk+E9Gt68w=";
};
debPkg = fetchurl {
url = "https://github.com/InfinityGhost/OpenTabletDriver/releases/download/v${version}/OpenTabletDriver.deb";
- sha256 = "0nm0v1xhphl6g6rz3li4rbdp7408g6sf9l4nh3mbbif5042xa0qh";
+ sha256 = "14k06iyc642x42yadyfmmf8ky84y8rc6kgd63b4ipskkcxyl1gvl";
};
nativeBuildInputs = [
diff --git a/pkgs/tools/X11/opentabletdriver/deps.nix b/pkgs/tools/X11/opentabletdriver/deps.nix
index 041795596b1..45ded855587 100644
--- a/pkgs/tools/X11/opentabletdriver/deps.nix
+++ b/pkgs/tools/X11/opentabletdriver/deps.nix
@@ -1,43 +1,48 @@
{ fetchNuGet }: [
(fetchNuGet {
name = "AtkSharp";
- version = "3.22.25.74";
- sha256 = "04zjpjrddw5clac0mjpk0q00rbmv45bh1bsqa4s3pc5pb7fm9cd9";
+ version = "3.24.24.34";
+ sha256 = "1jn1vgi9xm0jp7769k6sbdi8d273kigjrsh93i6s4c03hqxv7cqs";
})
(fetchNuGet {
name = "CairoSharp";
- version = "3.22.25.74";
- sha256 = "0sx7vmwcrfbkg3g887v051iklcdmdhh43ndp96nk4bccjimmmwl6";
+ version = "3.24.24.34";
+ sha256 = "0pydn1k0cam1gclg9sc1sbnmbyzh28qlc5qanyxcylwghink3kgz";
})
(fetchNuGet {
name = "Eto.Forms";
version = "2.5.10";
sha256 = "1d71wglk4ixfqfbm6sxmj753x5iwbar8i9zzjy3bh64fy1dn8lz7";
})
+ (fetchNuGet {
+ name = "Eto.Forms";
+ version = "2.5.11";
+ sha256 = "0h86jc19wy3ssj7pb34w1h02v92mg29gdipszwjs3y15piy66z3s";
+ })
(fetchNuGet {
name = "Eto.Platform.Gtk";
- version = "2.5.10";
- sha256 = "1pkqvlfx7bzracnw19bl50i9jg4ym376vihmy9qq7m5z5nfdqn4g";
+ version = "2.5.11";
+ sha256 = "1s9njz7l9zghrbzli7lbiav5ss3glqf17npj07f3jldd933nb95j";
})
(fetchNuGet {
name = "GdkSharp";
- version = "3.22.25.74";
- sha256 = "07sdfvqk2jmyjj7fyd0mikhnzsk52zd3g2dhip8kz3006cczqm81";
+ version = "3.24.24.34";
+ sha256 = "0r0x0yib7chwsyrbpvicrfwldwqx5lyqq4p86zaxpmzd6zdaj0x5";
})
(fetchNuGet {
name = "GioSharp";
- version = "3.22.25.74";
- sha256 = "01l4216bm5jxbxypkkq4d2527c6zd68kbywr3h1lr1darc9nf1d1";
+ version = "3.24.24.34";
+ sha256 = "02hxvgjd4w9jpzbkk7qf9q9bkvyp5hfzwxfqp10vg5lpl9yl3xpx";
})
(fetchNuGet {
name = "GLibSharp";
- version = "3.22.25.74";
- sha256 = "0k2p79z4wcswi528v0ykc37rsqfqi6xd6pl0j4csdj9zf19svgx2";
+ version = "3.24.24.34";
+ sha256 = "0kvp033fgdwc8p2abfp5z9pzq66cvwbnjfvr4v4bkpy5s5h181kq";
})
(fetchNuGet {
name = "GtkSharp";
- version = "3.22.25.74";
- sha256 = "0vazfvkjyzppcynqa1h70s1jmp4vq2j30v5x2scg8n2c5dxaj0k3";
+ version = "3.24.24.34";
+ sha256 = "0028hzmmqyfx87qqmaf9cgb5psn7gkbmqvixcid67x1d6mzxjicb";
})
(fetchNuGet {
name = "HidSharpCore";
@@ -126,8 +131,8 @@
})
(fetchNuGet {
name = "PangoSharp";
- version = "3.22.25.74";
- sha256 = "172i1hjpz4rgqlilir8a57kgmciw9x0shz4zwbhhlr59mndvqbih";
+ version = "3.24.24.34";
+ sha256 = "1r0h14cklglfpv1lhv93cxmzi2w7d5s03gzpq3j5dmrz43flg9zw";
})
(fetchNuGet {
name = "runtime.debian.8-x64.runtime.native.System.Security.Cryptography.OpenSsl";
From 0647103d181a7c73caa9aacce4b80b3beafb6419 Mon Sep 17 00:00:00 2001
From: Martin Weinelt <hexa@darmstadt.ccc.de>
Date: Tue, 8 Jun 2021 20:29:28 +0200
Subject: [PATCH 25/64] firefox: use nss without p11-kit
Quickfix to allow firefox to recognize certificates as trusted by
Mozilla.
Related: #126065
(cherry picked from commit 42e25d855fa959b7832fbdbc0a384294460d9258)
---
pkgs/applications/networking/browsers/firefox/common.nix | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/pkgs/applications/networking/browsers/firefox/common.nix b/pkgs/applications/networking/browsers/firefox/common.nix
index 62e641280b6..51a671cb198 100644
--- a/pkgs/applications/networking/browsers/firefox/common.nix
+++ b/pkgs/applications/networking/browsers/firefox/common.nix
@@ -122,7 +122,9 @@ let
then overrideCC stdenv llvmPackages.clangUseLLVM
else stdenv;
- nss_pkg = if lib.versionOlder ffversion "83" then nss_3_53 else nss;
+ # Disable p11-kit support in nss until our cacert packages has caught up exposing CKA_NSS_MOZILLA_CA_POLICY
+ # https://github.com/NixOS/nixpkgs/issues/126065
+ nss_pkg = if lib.versionOlder ffversion "83" then nss_3_53 else nss.override { useP11kit = false; };
# --enable-release adds -ffunction-sections & LTO that require a big amount of
# RAM and the 32-bit memory space cannot handle that linking
From e9434d6728495be25023cc014d25bd9036eddd06 Mon Sep 17 00:00:00 2001
From: Martin Weinelt <hexa@darmstadt.ccc.de>
Date: Wed, 9 Jun 2021 00:32:53 +0200
Subject: [PATCH 26/64] nixos/tests/custom-ca: disable firefox test integration
Firefox has been decoupled from the system certificate store since the
nss p11-kit integration in combination with our cacert package does not
expose CKA_NSS_MOZILLA_CA_POLICY, which among other things is required
for addon updates.
(cherry picked from commit 2d4ed9bae6f9c80d75cf5ef18ccdac85cf889ff3)
---
nixos/tests/custom-ca.nix | 20 +++++++++++++++++---
1 file changed, 17 insertions(+), 3 deletions(-)
diff --git a/nixos/tests/custom-ca.nix b/nixos/tests/custom-ca.nix
index 7ce1101911d..26f29a3e68f 100644
--- a/nixos/tests/custom-ca.nix
+++ b/nixos/tests/custom-ca.nix
@@ -107,8 +107,15 @@ in
'';
};
- environment.systemPackages = with pkgs;
- [ xdotool firefox chromium falkon midori ];
+ environment.systemPackages = with pkgs; [
+ xdotool
+ # Firefox was disabled here, because we needed to disable p11-kit support in nss,
+ # which is why it will not use the system certificate store for the time being.
+ # firefox
+ chromium
+ falkon
+ midori
+ ];
};
testScript = ''
@@ -145,7 +152,14 @@ in
with subtest("Unknown CA is untrusted in curl"):
machine.fail("curl -fv https://bad.example.com")
- browsers = ["firefox", "chromium", "falkon", "midori"]
+ browsers = [
+ # Firefox was disabled here, because we needed to disable p11-kit support in nss,
+ # which is why it will not use the system certificate store for the time being.
+ # "firefox",
+ "chromium",
+ "falkon",
+ "midori"
+ ]
errors = ["Security Risk", "not private", "Certificate Error", "Security"]
machine.wait_for_x()
From d69ca2fb5042c84c41666d4933ea1662f8cd75e7 Mon Sep 17 00:00:00 2001
From: Michael Weiss <dev.primeos@gmail.com>
Date: Wed, 9 Jun 2021 11:59:41 +0200
Subject: [PATCH 27/64] signal-desktop: 5.4.0 -> 5.4.1
(cherry picked from commit 6a11eafbc9eede9d6f981a8d1b52fae7ccc2591b)
---
.../networking/instant-messengers/signal-desktop/default.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix b/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix
index 19469783629..01e68e7753b 100644
--- a/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix
+++ b/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix
@@ -25,7 +25,7 @@ let
else "");
in stdenv.mkDerivation rec {
pname = "signal-desktop";
- version = "5.4.0"; # Please backport all updates to the stable channel.
+ version = "5.4.1"; # Please backport all updates to the stable channel.
# All releases have a limited lifetime and "expire" 90 days after the release.
# When releases "expire" the application becomes unusable until an update is
# applied. The expiration date for the current release can be extracted with:
@@ -35,7 +35,7 @@ in stdenv.mkDerivation rec {
src = fetchurl {
url = "https://updates.signal.org/desktop/apt/pool/main/s/signal-desktop/signal-desktop_${version}_amd64.deb";
- sha256 = "046xy033ars70ay5ryj39i5053py00xj92ajdg212pamq415z1zb";
+ sha256 = "1f1narpqj8gcyi4r574nqm1cbyi3azk1y7d1j300scr51gk74fq6";
};
nativeBuildInputs = [
From 93b972e2bbc29f55852a8be09ffef247a7078512 Mon Sep 17 00:00:00 2001
From: Zane van Iperen <zane@zanevaniperen.com>
Date: Wed, 9 Jun 2021 19:59:20 +1000
Subject: [PATCH 28/64] arc-theme: restore metacity theme
Fixes theme usage on MATE.
(cherry picked from commit 6aa70348df2073f117ac7de42fb7f957ad3443ab)
---
pkgs/data/themes/arc/default.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pkgs/data/themes/arc/default.nix b/pkgs/data/themes/arc/default.nix
index 630d928e602..ea2362c0529 100644
--- a/pkgs/data/themes/arc/default.nix
+++ b/pkgs/data/themes/arc/default.nix
@@ -46,7 +46,7 @@ stdenv.mkDerivation rec {
'';
mesonFlags = [
- "-Dthemes=cinnamon,gnome-shell,gtk2,gtk3,plank,xfwm"
+ "-Dthemes=cinnamon,gnome-shell,gtk2,gtk3,plank,xfwm,metacity"
"-Dvariants=light,darker,dark,lighter"
"-Dcinnamon_version=${cinnamon.cinnamon-common.version}"
"-Dgnome_shell_version=${gnome.gnome-shell.version}"
From ed2781ec6020e04442c63e14d860115273d72818 Mon Sep 17 00:00:00 2001
From: Thomas Gerbet <thomas@gerbet.me>
Date: Thu, 10 Jun 2021 08:28:07 +0200
Subject: [PATCH 29/64] phpPackages.composer: 2.1.2 -> 2.1.3
https://github.com/composer/composer/releases/tag/2.1.3
(cherry picked from commit 2db2aa2b957dd121dbe9fdb743fdd2a6c0df8586)
---
pkgs/development/php-packages/composer/default.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/development/php-packages/composer/default.nix b/pkgs/development/php-packages/composer/default.nix
index 23efc987a38..ff7aead0f90 100644
--- a/pkgs/development/php-packages/composer/default.nix
+++ b/pkgs/development/php-packages/composer/default.nix
@@ -1,14 +1,14 @@
{ mkDerivation, fetchurl, makeWrapper, unzip, lib, php }:
let
pname = "composer";
- version = "2.1.2";
+ version = "2.1.3";
in
mkDerivation {
inherit pname version;
src = fetchurl {
url = "https://getcomposer.org/download/${version}/composer.phar";
- sha256 = "0gd4hxkxdds3nxpbcd38chrkijha31p6nygdq3f73mbb984h3v1d";
+ sha256 = "04ad2zsnf8qi6hzs9sak6y8xxyx8l0f7crmcimnp7nn8vsc2x9zq";
};
dontUnpack = true;
From 450dd077e4c140fb077d1496293ff0dfeb9e5c01 Mon Sep 17 00:00:00 2001
From: OPNA2608 <christoph.neidahl@gmail.com>
Date: Thu, 10 Jun 2021 09:13:16 +0200
Subject: [PATCH 30/64] palemoon: 29.2.0 -> 29.2.1
(cherry picked from commit dc30d972bbaceb89fe3cd473f708e8071c70294c)
---
.../networking/browsers/palemoon/default.nix | 22 ++++++++++++-------
1 file changed, 14 insertions(+), 8 deletions(-)
diff --git a/pkgs/applications/networking/browsers/palemoon/default.nix b/pkgs/applications/networking/browsers/palemoon/default.nix
index 63f1958f4a6..e1352c9f336 100644
--- a/pkgs/applications/networking/browsers/palemoon/default.nix
+++ b/pkgs/applications/networking/browsers/palemoon/default.nix
@@ -1,6 +1,3 @@
-# Compiler in stdenv MUST be a supported one for official branding
-# See https://developer.palemoon.org/build/linux/
-# TODO assert if stdenv.cc is supported?
{ stdenv
, lib
, fetchFromGitHub
@@ -37,6 +34,15 @@
, gtk3
}:
+# Only specific GCC versions are supported with branding
+# https://developer.palemoon.org/build/linux/
+assert stdenv.cc.isGNU;
+assert with lib.strings; (
+ versionAtLeast stdenv.cc.version "4.9"
+ && !hasPrefix "6" stdenv.cc.version
+ && versionOlder stdenv.cc.version "11"
+);
+
let
libPath = lib.makeLibraryPath [
ffmpeg
@@ -46,14 +52,14 @@ let
in
stdenv.mkDerivation rec {
pname = "palemoon";
- version = "29.2.0";
+ version = "29.2.1";
src = fetchFromGitHub {
githubBase = "repo.palemoon.org";
owner = "MoonchildProductions";
repo = "Pale-Moon";
rev = "${version}_Release";
- sha256 = "0pa9j41bbfarwi60a6hxi5vpn52mwgr4p05l98acv4fcs1ccb427";
+ sha256 = "0djjl79jrnny16p32db5w7pwwv0a24dc8mg1s1bnavhlvmmk52vq";
fetchSubmodules = true;
};
@@ -142,7 +148,6 @@ stdenv.mkDerivation rec {
ac_add_options --enable-jemalloc
ac_add_options --enable-strip
ac_add_options --enable-devtools
- # Missing from build instructions, https://forum.palemoon.org/viewtopic.php?f=5&t=25843#p214767
ac_add_options --enable-av1
ac_add_options --disable-eme
@@ -188,7 +193,7 @@ stdenv.mkDerivation rec {
./mach install
# Fix missing icon due to wrong WMClass
- # TODO report upstream
+ # https://forum.palemoon.org/viewtopic.php?f=3&t=26746&p=214221#p214221
substituteInPlace ./palemoon/branding/official/palemoon.desktop \
--replace 'StartupWMClass="pale moon"' 'StartupWMClass=Pale moon'
desktop-file-install --dir=$out/share/applications \
@@ -202,7 +207,7 @@ stdenv.mkDerivation rec {
done
# Remove unneeded SDK data from installation
- # TODO: move to a separate output?
+ # https://forum.palemoon.org/viewtopic.php?f=37&t=26796&p=214676#p214729
rm -rf $out/{include,share/idl,lib/palemoon-devel-${version}}
runHook postInstall
@@ -231,6 +236,7 @@ stdenv.mkDerivation rec {
extensions and themes to make the browser truly your own.
'';
homepage = "https://www.palemoon.org/";
+ changelog = "https://repo.palemoon.org/MoonchildProductions/Pale-Moon/releases/tag/${version}_Release";
license = licenses.mpl20;
maintainers = with maintainers; [ AndersonTorres OPNA2608 ];
platforms = [ "i686-linux" "x86_64-linux" ];
From 313740d907cf6383f6f97543757f9fccf7ebb840 Mon Sep 17 00:00:00 2001
From: Stig Brautaset <stig@circleci.com>
Date: Wed, 9 Jun 2021 10:03:12 +0100
Subject: [PATCH 31/64] aws-iam-authenticator: 0.5.2 -> 0.5.3
I had to work around inconsistent vendoring; see
https://github.com/kubernetes-sigs/aws-iam-authenticator/issues/377
(cherry picked from commit 38e40a73fe3787728c4e2ded6bc2483fb81838df)
---
pkgs/tools/security/aws-iam-authenticator/default.nix | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/pkgs/tools/security/aws-iam-authenticator/default.nix b/pkgs/tools/security/aws-iam-authenticator/default.nix
index f0eda76821d..d9f4f4a0173 100644
--- a/pkgs/tools/security/aws-iam-authenticator/default.nix
+++ b/pkgs/tools/security/aws-iam-authenticator/default.nix
@@ -2,16 +2,18 @@
buildGoModule rec {
pname = "aws-iam-authenticator";
- version = "0.5.2";
+ version = "0.5.3";
src = fetchFromGitHub {
owner = "kubernetes-sigs";
repo = pname;
rev = "v${version}";
- sha256 = "1xfc3a0dik4930va30sbl6687v6i5irv96fwis9lrqh5rjqnblqp";
+ sha256 = "0ga3vf5gn7533iqnxn7kchb6xg5wvk92livlqzkhi5qvqhl1sbw0";
};
- vendorSha256 = null;
+ # Upstream has inconsistent vendoring, see https://github.com/kubernetes-sigs/aws-iam-authenticator/issues/377
+ deleteVendor = true;
+ vendorSha256 = "+Z8sENIMWXP29Piwb/W6i7UdNXVq6ZnO7AZbSaUYCME=";
buildFlagsArray = [ "-ldflags=-s -w -X main.version=v${version}" ];
From 02dc0c404eb0c226481ce778cd428dbd6d037d5f Mon Sep 17 00:00:00 2001
From: "R. RyanTM" <ryantm-bot@ryantm.com>
Date: Sun, 23 May 2021 06:31:16 +0000
Subject: [PATCH 32/64] bemenu: 0.6.0 -> 0.6.1
(cherry picked from commit 4e8c42184f98731fbb564ade4184a4fdffe0f348)
---
pkgs/applications/misc/bemenu/default.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/applications/misc/bemenu/default.nix b/pkgs/applications/misc/bemenu/default.nix
index c61b8b60101..eaad132de92 100644
--- a/pkgs/applications/misc/bemenu/default.nix
+++ b/pkgs/applications/misc/bemenu/default.nix
@@ -11,13 +11,13 @@ assert x11Support -> xorg != null;
stdenv.mkDerivation rec {
pname = "bemenu";
- version = "0.6.0";
+ version = "0.6.1";
src = fetchFromGitHub {
owner = "Cloudef";
repo = pname;
rev = version;
- sha256 = "sha256-yhUc1r7HulOUQvH7fLXaoJa0mKxJwyC3y59pnJcHUpk=";
+ sha256 = "sha256-UdsfIXlKfXmsrFwrerX1wfne4mdtd69WXnXu3EmxCBY=";
};
nativeBuildInputs = [ pkg-config pcre ];
From cd90d41ea47f0c45cd171cc22a778f9876259420 Mon Sep 17 00:00:00 2001
From: "R. RyanTM" <ryantm-bot@ryantm.com>
Date: Wed, 9 Jun 2021 02:28:20 +0000
Subject: [PATCH 33/64] bemenu: 0.6.1 -> 0.6.2
(cherry picked from commit 11925bdc3244ae4f1c0d18e5a0b9ddc55d9ab562)
---
pkgs/applications/misc/bemenu/default.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/applications/misc/bemenu/default.nix b/pkgs/applications/misc/bemenu/default.nix
index eaad132de92..371bb3a3ef9 100644
--- a/pkgs/applications/misc/bemenu/default.nix
+++ b/pkgs/applications/misc/bemenu/default.nix
@@ -11,13 +11,13 @@ assert x11Support -> xorg != null;
stdenv.mkDerivation rec {
pname = "bemenu";
- version = "0.6.1";
+ version = "0.6.2";
src = fetchFromGitHub {
owner = "Cloudef";
repo = pname;
rev = version;
- sha256 = "sha256-UdsfIXlKfXmsrFwrerX1wfne4mdtd69WXnXu3EmxCBY=";
+ sha256 = "sha256-2xmi/Mh5iU50yc2R1x1yzP8Xaz+mUgLnH73tAeLwxI8=";
};
nativeBuildInputs = [ pkg-config pcre ];
From 8b1de204e5b272e93e4b6c912ae6a21d61cd89ab Mon Sep 17 00:00:00 2001
From: Maximilian Bosch <maximilian@mbosch.me>
Date: Wed, 9 Jun 2021 10:42:09 +0200
Subject: [PATCH 34/64] vorta: 0.7.5 -> 0.7.6
ChangeLog: https://github.com/borgbase/vorta/releases/tag/v0.7.6
(cherry picked from commit 7e6776d373e613566f61eccc0be86b1a8f43af8c)
---
pkgs/applications/backup/vorta/default.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/applications/backup/vorta/default.nix b/pkgs/applications/backup/vorta/default.nix
index fc56d6c5400..4cb21e5267d 100644
--- a/pkgs/applications/backup/vorta/default.nix
+++ b/pkgs/applications/backup/vorta/default.nix
@@ -7,13 +7,13 @@
python3.pkgs.buildPythonApplication rec {
pname = "vorta";
- version = "0.7.5";
+ version = "0.7.6";
src = fetchFromGitHub {
owner = "borgbase";
repo = "vorta";
rev = "v${version}";
- sha256 = "sha256-qPO8qmXYDDFwV+8hAUyfF4Ins0vkwEJbw4JPguUSYOw=";
+ sha256 = "sha256-bzhabRVgl1eLTS4KtFkn4xw2KDTZJyFU6zCJdHW5IGE=";
};
postPatch = ''
From 180983e6efe180d08f13eab7702d1bc90ff657af Mon Sep 17 00:00:00 2001
From: Michael Weiss <dev.primeos@gmail.com>
Date: Tue, 25 May 2021 11:21:14 +0200
Subject: [PATCH 35/64] chromiumBeta: 91.0.4472.69 -> 91.0.4472.77
(cherry picked from commit b6f54db787c056ead0d4bd46697d0251adb3141c)
---
.../networking/browsers/chromium/upstream-info.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json
index ab0afd9b54e..c810674fc9d 100644
--- a/pkgs/applications/networking/browsers/chromium/upstream-info.json
+++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json
@@ -18,9 +18,9 @@
}
},
"beta": {
- "version": "91.0.4472.69",
- "sha256": "0yqc7py5x48wqg5x90j57vp07qfc20w1j0f30rmyxbgl6v346s0z",
- "sha256bin64": "1z82i6pq4wbx44d6ij32dkappywdpaxlfp23kl3p7x4x9hv1c0yq",
+ "version": "91.0.4472.77",
+ "sha256": "0c8vj3gq3nmb7ssiwj6875g0a8hcprss1a4gqw9h7llqywza9ma5",
+ "sha256bin64": "1fmarrvkvfj0hgnz4qqx7b45pwkdpagfj2s2hznnanq5q5p9vay0",
"deps": {
"gn": {
"version": "2021-04-06",
From ddde2dd1d20c85159a2ec7adb265a9a28af65939 Mon Sep 17 00:00:00 2001
From: Michael Weiss <dev.primeos@gmail.com>
Date: Thu, 27 May 2021 11:45:06 +0200
Subject: [PATCH 36/64] chromiumDev: 92.0.4512.4 -> 92.0.4515.20
(cherry picked from commit 136addaa6e924e642669a925a323475a2d0c207e)
---
.../networking/browsers/chromium/upstream-info.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json
index c810674fc9d..995e4c9be61 100644
--- a/pkgs/applications/networking/browsers/chromium/upstream-info.json
+++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json
@@ -31,9 +31,9 @@
}
},
"dev": {
- "version": "92.0.4512.4",
- "sha256": "0ycwr11bz2hlzczs6cajxn5k32m44ndhmqh86iykcbi982dj7jq2",
- "sha256bin64": "0wv29rghcbin725qbl8cq20j8w5mlcjmjaqdcr73m753dv3jv8rq",
+ "version": "92.0.4515.20",
+ "sha256": "0xmpmjpxr4bgy62d71ky9asxwbgnx60mrp9f1dxm9nm92dv6w0ac",
+ "sha256bin64": "1la5mrh33izl7nf1rr899ljh448ckpqz2bp0vac83vb8952krm05",
"deps": {
"gn": {
"version": "2021-05-07",
From c92cc2463d59ce03157e64fc0f8e9ee4bc625fc0 Mon Sep 17 00:00:00 2001
From: Michael Weiss <dev.primeos@gmail.com>
Date: Wed, 2 Jun 2021 12:09:52 +0200
Subject: [PATCH 37/64] chromiumDev: 92.0.4515.20 -> 92.0.4515.40
(cherry picked from commit cf6496e72bb1c698c3a1516ab6b4ed0cde516cbc)
---
.../networking/browsers/chromium/upstream-info.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json
index 995e4c9be61..51674fd7941 100644
--- a/pkgs/applications/networking/browsers/chromium/upstream-info.json
+++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json
@@ -31,9 +31,9 @@
}
},
"dev": {
- "version": "92.0.4515.20",
- "sha256": "0xmpmjpxr4bgy62d71ky9asxwbgnx60mrp9f1dxm9nm92dv6w0ac",
- "sha256bin64": "1la5mrh33izl7nf1rr899ljh448ckpqz2bp0vac83vb8952krm05",
+ "version": "92.0.4515.40",
+ "sha256": "1v0vmnzdqq7d2rqp1sam8nk7z20xg5l9lnlpqjxj30y8k37gzh8p",
+ "sha256bin64": "12kfzgg0fhlrvr3ci1gzsn5rzdwr4dc2k3sj45j4dn7wnrjlpmbx",
"deps": {
"gn": {
"version": "2021-05-07",
From b60b15b4101b3fed5b1acf8995f4c17cd3cdddbc Mon Sep 17 00:00:00 2001
From: Michael Weiss <dev.primeos@gmail.com>
Date: Fri, 4 Jun 2021 11:51:01 +0200
Subject: [PATCH 38/64] chromiumBeta: 91.0.4472.77 -> 92.0.4515.40
(cherry picked from commit c6890330f5bb19cf561bf9e0dfc8119766be5aed)
---
.../networking/browsers/chromium/upstream-info.json | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json
index 51674fd7941..c66d89d4bb4 100644
--- a/pkgs/applications/networking/browsers/chromium/upstream-info.json
+++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json
@@ -18,15 +18,15 @@
}
},
"beta": {
- "version": "91.0.4472.77",
- "sha256": "0c8vj3gq3nmb7ssiwj6875g0a8hcprss1a4gqw9h7llqywza9ma5",
- "sha256bin64": "1fmarrvkvfj0hgnz4qqx7b45pwkdpagfj2s2hznnanq5q5p9vay0",
+ "version": "92.0.4515.40",
+ "sha256": "1v0vmnzdqq7d2rqp1sam8nk7z20xg5l9lnlpqjxj30y8k37gzh8p",
+ "sha256bin64": "0i3plysx51n2gsm5vbf9666rz73pqbbns7v09wznbbncvw9zngrf",
"deps": {
"gn": {
- "version": "2021-04-06",
+ "version": "2021-05-07",
"url": "https://gn.googlesource.com/gn",
- "rev": "dba01723a441c358d843a575cb7720d54ddcdf92",
- "sha256": "199xkks67qrn0xa5fhp24waq2vk8qb78a96cb3kdd8v1hgacgb8x"
+ "rev": "39a87c0b36310bdf06b692c098f199a0d97fc810",
+ "sha256": "0x63jr5hssm9dl6la4q5ahy669k4gxvbapqxi5w32vv107jrj8v4"
}
}
},
From c15df2350d5e0d0b07339063bf040ab8d837189e Mon Sep 17 00:00:00 2001
From: Michael Weiss <dev.primeos@gmail.com>
Date: Fri, 4 Jun 2021 11:51:10 +0200
Subject: [PATCH 39/64] chromiumDev: 92.0.4515.40 -> 93.0.4530.5
(cherry picked from commit 2c9e2b68753d89764e7ad9a47374ad541130ba84)
---
.../networking/browsers/chromium/upstream-info.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json
index c66d89d4bb4..9762bcbbe9d 100644
--- a/pkgs/applications/networking/browsers/chromium/upstream-info.json
+++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json
@@ -31,9 +31,9 @@
}
},
"dev": {
- "version": "92.0.4515.40",
- "sha256": "1v0vmnzdqq7d2rqp1sam8nk7z20xg5l9lnlpqjxj30y8k37gzh8p",
- "sha256bin64": "12kfzgg0fhlrvr3ci1gzsn5rzdwr4dc2k3sj45j4dn7wnrjlpmbx",
+ "version": "93.0.4530.5",
+ "sha256": "0xxnn9fbwgmfk0zz5an35na1zprhas487pbg2qpgg76g50zxnsx5",
+ "sha256bin64": "14fzmfhaiish91byg7knr9nf2cigklfvy145vc7qhg17b6gzba25",
"deps": {
"gn": {
"version": "2021-05-07",
From 146ff19f4f9dc3d645bd14f6411760c8a1c9e6ba Mon Sep 17 00:00:00 2001
From: Michael Weiss <dev.primeos@gmail.com>
Date: Tue, 8 Jun 2021 20:32:02 +0200
Subject: [PATCH 40/64] chromiumDev: 93.0.4530.5 -> 93.0.4535.3
(cherry picked from commit 5915f689b452816381e9f4e8d9cbf32ece20f467)
---
.../networking/browsers/chromium/upstream-info.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json
index 9762bcbbe9d..be7a84576b3 100644
--- a/pkgs/applications/networking/browsers/chromium/upstream-info.json
+++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json
@@ -31,9 +31,9 @@
}
},
"dev": {
- "version": "93.0.4530.5",
- "sha256": "0xxnn9fbwgmfk0zz5an35na1zprhas487pbg2qpgg76g50zxnsx5",
- "sha256bin64": "14fzmfhaiish91byg7knr9nf2cigklfvy145vc7qhg17b6gzba25",
+ "version": "93.0.4535.3",
+ "sha256": "19iy4p59n0pg9s39g614y4yxh5f6h86bcp471qdnm6fvzmzcxd18",
+ "sha256bin64": "16q9s8l20bmr2n0y3pi505l5hbhbmpi8kh47aylj5gzk1nr30a8r",
"deps": {
"gn": {
"version": "2021-05-07",
From b6a71637a94c85a319342830c1002e2f27e48b8a Mon Sep 17 00:00:00 2001
From: Michael Weiss <dev.primeos@gmail.com>
Date: Tue, 8 Jun 2021 21:12:07 +0200
Subject: [PATCH 41/64] chromiumDev: Revert a patch to fix the build with LLVM
12
The build was failing with:
clang++: error: unknown argument: '-fsanitize-ignorelist=../../tools/cfi/ignores.txt'
(cherry picked from commit 950b321244d541e3c4d05bb163912d53c6c063df)
---
.../networking/browsers/chromium/common.nix | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/pkgs/applications/networking/browsers/chromium/common.nix b/pkgs/applications/networking/browsers/chromium/common.nix
index 7e95da747d1..57cac091912 100644
--- a/pkgs/applications/networking/browsers/chromium/common.nix
+++ b/pkgs/applications/networking/browsers/chromium/common.nix
@@ -54,9 +54,9 @@ let
# source tree.
extraAttrs = buildFun base;
- githubPatch = commit: sha256: fetchpatch {
+ githubPatch = { commit, sha256, revert ? false }: fetchpatch {
url = "https://github.com/chromium/chromium/commit/${commit}.patch";
- inherit sha256;
+ inherit sha256 revert;
};
mkGnFlags =
@@ -166,6 +166,14 @@ let
# Fix the build by adding a missing dependency (s. https://crbug.com/1197837):
./patches/fix-missing-atspi2-dependency.patch
./patches/closure_compiler-Use-the-Java-binary-from-the-system.patch
+ ] ++ lib.optionals (chromiumVersionAtLeast "93") [
+ # We need to revert this patch to build M93 with LLVM 12.
+ (githubPatch {
+ # Reland "Replace 'blacklist' with 'ignorelist' in ./tools/msan/."
+ commit = "9d080c0934b848ee4a05013c78641e612fcc1e03";
+ sha256 = "1bxdhxmiy6h4acq26lq43x2mxx6rawmfmlgsh5j7w8kyhkw5af0c";
+ revert = true;
+ })
];
postPatch = ''
From ede696c79d4b08469c4b8382aaf3cf66f43a9e9e Mon Sep 17 00:00:00 2001
From: Michael Weiss <dev.primeos@gmail.com>
Date: Thu, 10 Jun 2021 08:43:28 +0200
Subject: [PATCH 42/64] chromium: 91.0.4472.77 -> 91.0.4472.101
https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html
This update includes 14 security fixes. Google is aware that an exploit
for CVE-2021-30551 exists in the wild.
CVEs:
CVE-2021-30544 CVE-2021-30545 CVE-2021-30546 CVE-2021-30547
CVE-2021-30548 CVE-2021-30549 CVE-2021-30550 CVE-2021-30551
CVE-2021-30552 CVE-2021-30553
(cherry picked from commit 053f1dc49028f8f438506b187739d80d83984c16)
---
.../networking/browsers/chromium/upstream-info.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json
index be7a84576b3..5d888fc0649 100644
--- a/pkgs/applications/networking/browsers/chromium/upstream-info.json
+++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json
@@ -1,8 +1,8 @@
{
"stable": {
- "version": "91.0.4472.77",
- "sha256": "0c8vj3gq3nmb7ssiwj6875g0a8hcprss1a4gqw9h7llqywza9ma5",
- "sha256bin64": "0caf47xam5igdnbhipal1iyicnxxvadhi61k199rwysrvyv5sdad",
+ "version": "91.0.4472.101",
+ "sha256": "1d3y621iclkq6nvxrapk5aihv50x13hjha0c2gcp2xxfma96253q",
+ "sha256bin64": "12j5q5b9v0jpiznjnh89831w8lv399vd1z4ljhbsnsidbsygrbr1",
"deps": {
"gn": {
"version": "2021-04-06",
From 06924553df21db17af0dfcf92e4d3f48fccd2802 Mon Sep 17 00:00:00 2001
From: Michael Weiss <dev.primeos@gmail.com>
Date: Thu, 10 Jun 2021 12:00:34 +0200
Subject: [PATCH 43/64] chromium: get-commit-message.py: Support a new 0-day
sentence
The current stable release announcement [0] uses a slightly different
message/structure.
[0]: https://chromereleases.googleblog.com/2021/06/stable-channel-update-for-desktop.html
(cherry picked from commit c02ac479ba55d802d6232cdb743f5228984e2ff9)
---
.../networking/browsers/chromium/get-commit-message.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pkgs/applications/networking/browsers/chromium/get-commit-message.py b/pkgs/applications/networking/browsers/chromium/get-commit-message.py
index e14e3642643..2768e31bd03 100755
--- a/pkgs/applications/networking/browsers/chromium/get-commit-message.py
+++ b/pkgs/applications/networking/browsers/chromium/get-commit-message.py
@@ -27,7 +27,7 @@ for entry in feed.entries:
print('\n' + url)
if fixes := re.search(r'This update includes .+ security fixes\.', content):
fixes = html_tags.sub('', fixes.group(0))
- zero_days = re.search(r'Google is aware of reports that .+ in the wild\.', content)
+ zero_days = re.search(r'Google is aware( of reports)? that .+ in the wild\.', content)
if zero_days:
fixes += " " + zero_days.group(0)
print('\n' + '\n'.join(textwrap.wrap(fixes, width=72)))
From 0312d6fcf77da218db48b202a0de6f7390f7eb31 Mon Sep 17 00:00:00 2001
From: Michael Weiss <dev.primeos@gmail.com>
Date: Wed, 9 Jun 2021 11:53:22 +0200
Subject: [PATCH 44/64] chromiumDev: Install crashpad_handler
This executable is required to fix a startup error:
[990:990:0609/092114.482805:FATAL:double_fork_and_exec.cc(131)] execv /nix/store/k02xhxzn6sn2cihaal68wwsyk8cg9pkg-chromium-unwrapped-93.0.4535.3/libexec/chromium/crashpad_handler: No such file or directory (2)
Unfortunately Chromium M93 still segfaults in the VM test:
machine # [0610/100626.225850:ERROR:process_memory_range.cc(75)] read out of range
machine # [0610/100626.227312:ERROR:file_io_posix.cc(144)] open /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq: No such file or directory (2)
machine # [0610/100626.240410:ERROR:file_io_posix.cc(144)] open /sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq: No such file or directory (2)
machine # [ 19.810981] systemd-coredump[1015]: Process 987 (chromium) of user 1000 dumped core.
(cherry picked from commit 1d6a0d3cf24f2edcf6755fd4db1901f9e1db1ac6)
---
pkgs/applications/networking/browsers/chromium/browser.nix | 2 ++
1 file changed, 2 insertions(+)
diff --git a/pkgs/applications/networking/browsers/chromium/browser.nix b/pkgs/applications/networking/browsers/chromium/browser.nix
index dcac873b849..cc443764447 100644
--- a/pkgs/applications/networking/browsers/chromium/browser.nix
+++ b/pkgs/applications/networking/browsers/chromium/browser.nix
@@ -62,6 +62,8 @@ mkChromiumDerivation (base: rec {
-e '/\[Desktop Entry\]/a\' \
-e 'StartupWMClass=chromium-browser' \
$out/share/applications/chromium-browser.desktop
+ '' + lib.optionalString (channel == "dev") ''
+ cp -v "$buildPath/crashpad_handler" "$libExecPath/"
'';
passthru = { inherit sandboxExecutableName; };
From c764b9f94611c90f96bb29ded52b50d9a6b3f272 Mon Sep 17 00:00:00 2001
From: Chuck <chuck@intelligence.org>
Date: Thu, 10 Jun 2021 10:27:14 -0700
Subject: [PATCH 45/64] nixos-rebuild: Pass flakes flags when doing local
flakes build
(cherry picked from commit 1c80856545fd1234ba84b8981d26ca8e786376c2)
---
pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh
index 087afb5b6a6..2b94f18f538 100644
--- a/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh
+++ b/pkgs/os-specific/linux/nixos-rebuild/nixos-rebuild.sh
@@ -216,7 +216,7 @@ nixBuild() {
nixFlakeBuild() {
if [ -z "$buildHost" ]; then
- nix build "$@" --out-link "${tmpDir}/result"
+ nix "${flakeFlags[@]}" build "$@" --out-link "${tmpDir}/result"
readlink -f "${tmpDir}/result"
else
local attr="$1"
From 6d9d295e388a78fbafc514cfad1b8a6dc812943f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Maciej=20Kr=C3=BCger?= <mkg20001@gmail.com>
Date: Thu, 10 Jun 2021 06:49:33 +0200
Subject: [PATCH 46/64] [Backport release-21.05] x2goclient:
unstable-2019-07-24 -> 4.1.2.2, fix #78907
Co-authored-by: Sandro <sandro.jaeckel@gmail.com>
(cherry picked from commit c4100d81bdbfb28f63f326204a4ee19133233a7b)
---
.../networking/remote/x2goclient/default.nix | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/pkgs/applications/networking/remote/x2goclient/default.nix b/pkgs/applications/networking/remote/x2goclient/default.nix
index 4156c82f91b..d40d8032c29 100644
--- a/pkgs/applications/networking/remote/x2goclient/default.nix
+++ b/pkgs/applications/networking/remote/x2goclient/default.nix
@@ -1,20 +1,20 @@
-{ lib, fetchgit, cups, libssh, libXpm, nx-libs, openldap, openssh
+{ lib, fetchurl, cups, libssh, libXpm, nx-libs, openldap, openssh
, mkDerivation, qtbase, qtsvg, qtx11extras, qttools, phonon, pkg-config }:
-mkDerivation {
+mkDerivation rec {
pname = "x2goclient";
- version = "unstable-2019-07-24";
+ version = "4.1.2.2";
- src = fetchgit {
- url = "git://code.x2go.org/x2goclient.git";
- rev = "704c4ab92d20070dd160824c9b66a6d1c56dcc49";
- sha256 = "1pndp3lfzwifyxqq0gps3p1bwakw06clbk6n8viv020l4bsfmq5f";
+ src = fetchurl {
+ url = "https://code.x2go.org/releases/source/${pname}/${pname}-${version}.tar.gz";
+ sha256 = "yZUyZ8QPpnEZrZanO6yx8mYZbaIFnwzc0bjVGZQh0So=";
};
buildInputs = [ cups libssh libXpm nx-libs openldap openssh
qtbase qtsvg qtx11extras qttools phonon pkg-config ];
postPatch = ''
+ substituteInPlace src/onmainwindow.cpp --replace "/usr/sbin/sshd" "${openssh}/bin/sshd"
substituteInPlace Makefile \
--replace "SHELL=/bin/bash" "SHELL=$SHELL" \
--replace "lrelease-qt4" "${qttools.dev}/bin/lrelease" \
@@ -33,6 +33,7 @@ mkDerivation {
meta = with lib; {
description = "Graphical NoMachine NX3 remote desktop client";
homepage = "http://x2go.org/";
+ maintainers = with maintainers; [ mkg20001 ];
license = licenses.gpl2;
platforms = platforms.linux;
};
From 40c83d56e0acf2936aff32c89f98a8547618ded3 Mon Sep 17 00:00:00 2001
From: TredwellGit <tredwell@tutanota.com>
Date: Thu, 10 Jun 2021 20:53:25 +0000
Subject: [PATCH 47/64] linux: 4.14.235 -> 4.14.236
(cherry picked from commit a6d113ad1b17b731972a0550ee14fa333bac2644)
---
pkgs/os-specific/linux/kernel/linux-4.14.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/linux-4.14.nix b/pkgs/os-specific/linux/kernel/linux-4.14.nix
index 7c986259dff..9f40429f0ad 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.14.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.14.nix
@@ -3,7 +3,7 @@
with lib;
buildLinux (args // rec {
- version = "4.14.235";
+ version = "4.14.236";
# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,7 +13,7 @@ buildLinux (args // rec {
src = fetchurl {
url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
- sha256 = "03k793hj294zf7jncs1h8zh5dh6xagkfvnydd9jadxvq2z8vvl8f";
+ sha256 = "0albmgxj3cb1dvjagj54l0ffa7kwi8brh7bqwj6gvzpylsby5sp4";
};
kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_4_14 ];
From 2cfe71a2434492b33d88fecc7a5fdf556f590d4b Mon Sep 17 00:00:00 2001
From: TredwellGit <tredwell@tutanota.com>
Date: Thu, 10 Jun 2021 20:53:31 +0000
Subject: [PATCH 48/64] linux: 4.19.193 -> 4.19.194
(cherry picked from commit 89a533e7df2274b173dfa145eb2f224cffc2b606)
---
pkgs/os-specific/linux/kernel/linux-4.19.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/linux-4.19.nix b/pkgs/os-specific/linux/kernel/linux-4.19.nix
index 3a31ad473cf..e42a1646791 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.19.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.19.nix
@@ -3,7 +3,7 @@
with lib;
buildLinux (args // rec {
- version = "4.19.193";
+ version = "4.19.194";
# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,7 +13,7 @@ buildLinux (args // rec {
src = fetchurl {
url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
- sha256 = "17ci49ak5iw01kfkn3fcgncg9hm4j188417bxi3bnsq9il5ymhl4";
+ sha256 = "15l80psfgffa756vpjxmjkwjqif2gpx441hpzr473xwryp6bvbma";
};
kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_4_19 ];
From 52f177d27c9eb8c93ff188542b87ab62595403b1 Mon Sep 17 00:00:00 2001
From: TredwellGit <tredwell@tutanota.com>
Date: Thu, 10 Jun 2021 20:53:38 +0000
Subject: [PATCH 49/64] linux: 4.4.271 -> 4.4.272
(cherry picked from commit a31fb792707b189b3ec4c87e9cf7afdb410db72e)
---
pkgs/os-specific/linux/kernel/linux-4.4.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/linux-4.4.nix b/pkgs/os-specific/linux/kernel/linux-4.4.nix
index 9bc01eeff49..4fc2985b586 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.4.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.4.nix
@@ -1,13 +1,13 @@
{ buildPackages, fetchurl, perl, buildLinux, nixosTests, stdenv, ... } @ args:
buildLinux (args // rec {
- version = "4.4.271";
+ version = "4.4.272";
extraMeta.branch = "4.4";
extraMeta.broken = stdenv.isAarch64;
src = fetchurl {
url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
- sha256 = "0n5h2lv1p542a45pas3pi0vkhgrk096vwrps79a7v3a6c1q2dxx6";
+ sha256 = "1ar468ymk96v2pq9x209z2z4wbypppb91jpw8g22aa30pr9aagyi";
};
kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_4_4 ];
From 134c38917ebd47014fef8a41ef0ea4f0cc6b63eb Mon Sep 17 00:00:00 2001
From: TredwellGit <tredwell@tutanota.com>
Date: Thu, 10 Jun 2021 20:53:44 +0000
Subject: [PATCH 50/64] linux: 4.9.271 -> 4.9.272
(cherry picked from commit 2961093d9b231fb085d74696d09334b7a1bedbc6)
---
pkgs/os-specific/linux/kernel/linux-4.9.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/linux-4.9.nix b/pkgs/os-specific/linux/kernel/linux-4.9.nix
index 4be4b6fb222..d0cb868f172 100644
--- a/pkgs/os-specific/linux/kernel/linux-4.9.nix
+++ b/pkgs/os-specific/linux/kernel/linux-4.9.nix
@@ -1,13 +1,13 @@
{ buildPackages, fetchurl, perl, buildLinux, nixosTests, stdenv, ... } @ args:
buildLinux (args // rec {
- version = "4.9.271";
+ version = "4.9.272";
extraMeta.branch = "4.9";
extraMeta.broken = stdenv.isAarch64;
src = fetchurl {
url = "mirror://kernel/linux/kernel/v4.x/linux-${version}.tar.xz";
- sha256 = "1480miixphkf0b8w00m753ar7yp1rnl3zyr9wp4inngi2f90553r";
+ sha256 = "0n0hrszaijdpnbdvd8bvz15m7g268is0zw84w4vaf37418whrgzq";
};
kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_4_9 ];
From a5bfe124f94f966285797d41c32d5020b1ee1626 Mon Sep 17 00:00:00 2001
From: TredwellGit <tredwell@tutanota.com>
Date: Thu, 10 Jun 2021 20:53:52 +0000
Subject: [PATCH 51/64] linux: 5.10.42 -> 5.10.43
(cherry picked from commit 121dbb96538e04b1e54559a7728a5e4653a52e82)
---
pkgs/os-specific/linux/kernel/linux-5.10.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/linux-5.10.nix b/pkgs/os-specific/linux/kernel/linux-5.10.nix
index ec7b16f9f3f..50ef93c04b9 100644
--- a/pkgs/os-specific/linux/kernel/linux-5.10.nix
+++ b/pkgs/os-specific/linux/kernel/linux-5.10.nix
@@ -3,7 +3,7 @@
with lib;
buildLinux (args // rec {
- version = "5.10.42";
+ version = "5.10.43";
# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,7 +13,7 @@ buildLinux (args // rec {
src = fetchurl {
url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
- sha256 = "1r86v6q7ml7zv001f25w3h667nqqy39439s94vnqsyyn7g3jg84b";
+ sha256 = "00yl1g6irpwy3sy0d43qvlk7x1gfk4v1dyv460afxy527d1ixf43";
};
kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_10 ];
From e7a8f48d6b6e2238e9e062db166774a7904a3a72 Mon Sep 17 00:00:00 2001
From: TredwellGit <tredwell@tutanota.com>
Date: Thu, 10 Jun 2021 20:53:59 +0000
Subject: [PATCH 52/64] linux: 5.12.9 -> 5.12.10
(cherry picked from commit fd44ed986cad429e42cb985a78e847895438e89d)
---
pkgs/os-specific/linux/kernel/linux-5.12.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/linux-5.12.nix b/pkgs/os-specific/linux/kernel/linux-5.12.nix
index 85a69f0c5ad..6ae39a84891 100644
--- a/pkgs/os-specific/linux/kernel/linux-5.12.nix
+++ b/pkgs/os-specific/linux/kernel/linux-5.12.nix
@@ -3,7 +3,7 @@
with lib;
buildLinux (args // rec {
- version = "5.12.9";
+ version = "5.12.10";
# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,7 +13,7 @@ buildLinux (args // rec {
src = fetchurl {
url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
- sha256 = "0vg71h8r90fl01a8khyf1776y76rgqisxafky89cswa2fpsvxyn7";
+ sha256 = "03v3wzpbxb78gf4wsnc5wv6683g439cm2bzcjj4q657dagy9km68";
};
kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_12 ];
From 0bfc50ac949bc53a918b5c48a3decab7f1b47e47 Mon Sep 17 00:00:00 2001
From: TredwellGit <tredwell@tutanota.com>
Date: Thu, 10 Jun 2021 20:54:06 +0000
Subject: [PATCH 53/64] linux: 5.4.124 -> 5.4.125
(cherry picked from commit 7cf65d0f4a9a1200bdc2dd2d63b572dfb8350db6)
---
pkgs/os-specific/linux/kernel/linux-5.4.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/linux-5.4.nix b/pkgs/os-specific/linux/kernel/linux-5.4.nix
index 4cf7c2bfafd..94d5f6bd3ff 100644
--- a/pkgs/os-specific/linux/kernel/linux-5.4.nix
+++ b/pkgs/os-specific/linux/kernel/linux-5.4.nix
@@ -3,7 +3,7 @@
with lib;
buildLinux (args // rec {
- version = "5.4.124";
+ version = "5.4.125";
# modDirVersion needs to be x.y.z, will automatically add .0 if needed
modDirVersion = if (modDirVersionArg == null) then concatStringsSep "." (take 3 (splitVersion "${version}.0")) else modDirVersionArg;
@@ -13,7 +13,7 @@ buildLinux (args // rec {
src = fetchurl {
url = "mirror://kernel/linux/kernel/v5.x/linux-${version}.tar.xz";
- sha256 = "10kxa1ng9w9xd2d5xh48fbhp1kri650p90nihrcpnb845gd9vwpp";
+ sha256 = "0g73xfkmj4sahrk7gx72hm2i4m98gqghswqyf8yqh77b9857bvhp";
};
kernelTests = args.kernelTests or [ nixosTests.kernel-generic.linux_5_4 ];
From 2eff1ca451f508c22c9d71cd661bf377ea6b170b Mon Sep 17 00:00:00 2001
From: TredwellGit <tredwell@tutanota.com>
Date: Thu, 10 Jun 2021 20:54:19 +0000
Subject: [PATCH 54/64] linux/hardened/patches/4.14: 4.14.235-hardened1 ->
4.14.236-hardened1
(cherry picked from commit e77f16cbcb80456b3874b649ddf35bd6183e4b43)
---
pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json
index bb668a6e904..f89b85df169 100644
--- a/pkgs/os-specific/linux/kernel/hardened/patches.json
+++ b/pkgs/os-specific/linux/kernel/hardened/patches.json
@@ -1,9 +1,9 @@
{
"4.14": {
"extra": "-hardened1",
- "name": "linux-hardened-4.14.235-hardened1.patch",
- "sha256": "0m49pg27pnp6kwkbawg0fw3lzm5nchqjhqkfgprckwgb9v5bgbcc",
- "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.235-hardened1/linux-hardened-4.14.235-hardened1.patch"
+ "name": "linux-hardened-4.14.236-hardened1.patch",
+ "sha256": "08wnc1acx8fnnrpaz5hxw9gakgk7qxf3kq1pycljl7396dnsy6xg",
+ "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.14.236-hardened1/linux-hardened-4.14.236-hardened1.patch"
},
"4.19": {
"extra": "-hardened1",
From e08fc97b070835629a55fddc29238207f7e15ab8 Mon Sep 17 00:00:00 2001
From: TredwellGit <tredwell@tutanota.com>
Date: Thu, 10 Jun 2021 20:54:21 +0000
Subject: [PATCH 55/64] linux/hardened/patches/4.19: 4.19.193-hardened1 ->
4.19.194-hardened1
(cherry picked from commit 940bf55cab197e373102be460d6d7fd737fbd8e3)
---
pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json
index f89b85df169..e979734646f 100644
--- a/pkgs/os-specific/linux/kernel/hardened/patches.json
+++ b/pkgs/os-specific/linux/kernel/hardened/patches.json
@@ -7,9 +7,9 @@
},
"4.19": {
"extra": "-hardened1",
- "name": "linux-hardened-4.19.193-hardened1.patch",
- "sha256": "0r2rxl08x2l1yimaqksrc79s36rnp77xm5in9cvp7ff24y9r9g0j",
- "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.193-hardened1/linux-hardened-4.19.193-hardened1.patch"
+ "name": "linux-hardened-4.19.194-hardened1.patch",
+ "sha256": "102w5algxybffy5176zzgz7knafpdc0lp9y5wjdrf6yr65l4j5rj",
+ "url": "https://github.com/anthraxx/linux-hardened/releases/download/4.19.194-hardened1/linux-hardened-4.19.194-hardened1.patch"
},
"5.10": {
"extra": "-hardened1",
From 6d28511e7ff6873be890741c787a216a16833763 Mon Sep 17 00:00:00 2001
From: TredwellGit <tredwell@tutanota.com>
Date: Thu, 10 Jun 2021 20:54:22 +0000
Subject: [PATCH 56/64] linux/hardened/patches/5.10: 5.10.42-hardened1 ->
5.10.43-hardened1
(cherry picked from commit 0879f36d2b5269d1ca097761601c5b7f26c2e3d7)
---
pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json
index e979734646f..47239feac4d 100644
--- a/pkgs/os-specific/linux/kernel/hardened/patches.json
+++ b/pkgs/os-specific/linux/kernel/hardened/patches.json
@@ -13,9 +13,9 @@
},
"5.10": {
"extra": "-hardened1",
- "name": "linux-hardened-5.10.42-hardened1.patch",
- "sha256": "1hignnqy0d7nrfnh5j8h1xkj15kvx80h55qzzq1wlmyjxpr6c0ix",
- "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.42-hardened1/linux-hardened-5.10.42-hardened1.patch"
+ "name": "linux-hardened-5.10.43-hardened1.patch",
+ "sha256": "0hx2g4brpk32phiin96w4kgsbibrcb69a22p0rsqcanxl76v48sz",
+ "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.10.43-hardened1/linux-hardened-5.10.43-hardened1.patch"
},
"5.12": {
"extra": "-hardened1",
From a4b317973223dbae2119a9dae5aac066d9733e9b Mon Sep 17 00:00:00 2001
From: TredwellGit <tredwell@tutanota.com>
Date: Thu, 10 Jun 2021 20:54:23 +0000
Subject: [PATCH 57/64] linux/hardened/patches/5.12: 5.12.9-hardened1 ->
5.12.10-hardened1
(cherry picked from commit 889319446ce58456ad06165748bf7d302181c3cc)
---
pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json
index 47239feac4d..7ef8a027f5f 100644
--- a/pkgs/os-specific/linux/kernel/hardened/patches.json
+++ b/pkgs/os-specific/linux/kernel/hardened/patches.json
@@ -19,9 +19,9 @@
},
"5.12": {
"extra": "-hardened1",
- "name": "linux-hardened-5.12.9-hardened1.patch",
- "sha256": "08ijifhl8sl858ik32ny47h7pq0r160sv55a07igkbhrh60arfqa",
- "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.12.9-hardened1/linux-hardened-5.12.9-hardened1.patch"
+ "name": "linux-hardened-5.12.10-hardened1.patch",
+ "sha256": "0wyw33kg3xih2j19hsff9mapxjll8ad38il74gkcbnhwci0ys1mc",
+ "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.12.10-hardened1/linux-hardened-5.12.10-hardened1.patch"
},
"5.4": {
"extra": "-hardened1",
From 01f05483e31a17c41895a810752da88148eed85a Mon Sep 17 00:00:00 2001
From: TredwellGit <tredwell@tutanota.com>
Date: Thu, 10 Jun 2021 20:54:24 +0000
Subject: [PATCH 58/64] linux/hardened/patches/5.4: 5.4.124-hardened1 ->
5.4.125-hardened1
(cherry picked from commit c22128ed44db5b8c2fa0c66ed8a33e1660421739)
---
pkgs/os-specific/linux/kernel/hardened/patches.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/pkgs/os-specific/linux/kernel/hardened/patches.json b/pkgs/os-specific/linux/kernel/hardened/patches.json
index 7ef8a027f5f..f9c25f12368 100644
--- a/pkgs/os-specific/linux/kernel/hardened/patches.json
+++ b/pkgs/os-specific/linux/kernel/hardened/patches.json
@@ -25,8 +25,8 @@
},
"5.4": {
"extra": "-hardened1",
- "name": "linux-hardened-5.4.124-hardened1.patch",
- "sha256": "1bn7fa09kzgv6v9d3gl66l8wg6z23chjhk6g219cqb7mfd4m5ykl",
- "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.124-hardened1/linux-hardened-5.4.124-hardened1.patch"
+ "name": "linux-hardened-5.4.125-hardened1.patch",
+ "sha256": "1vc6jgiglc4i5my9iw24yw16wi0x1lxkvyb6i619z3k3zh39gm04",
+ "url": "https://github.com/anthraxx/linux-hardened/releases/download/5.4.125-hardened1/linux-hardened-5.4.125-hardened1.patch"
}
}
From 30457b3fbd28007e9faca38ccf64f0daacbeefbb Mon Sep 17 00:00:00 2001
From: Kerstin Humm <kerstin@erictapen.name>
Date: Mon, 31 May 2021 21:24:17 +0200
Subject: [PATCH 59/64] imagemagick: 6.9.12-12 -> 6.9.12-14
(cherry picked from commit 99f12af681ebd3369a72580cccddc317841765c5)
---
pkgs/applications/graphics/ImageMagick/6.x.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/applications/graphics/ImageMagick/6.x.nix b/pkgs/applications/graphics/ImageMagick/6.x.nix
index 79fdacfaadb..7d345e8dba1 100644
--- a/pkgs/applications/graphics/ImageMagick/6.x.nix
+++ b/pkgs/applications/graphics/ImageMagick/6.x.nix
@@ -16,13 +16,13 @@ in
stdenv.mkDerivation rec {
pname = "imagemagick";
- version = "6.9.12-12";
+ version = "6.9.12-14";
src = fetchFromGitHub {
owner = "ImageMagick";
repo = "ImageMagick6";
rev = version;
- sha256 = "sha256-yqMYuayQjPlTqi3+CtwP5CdsAGud/fHR0I2LwUPIq00=";
+ sha256 = "sha256-RK6N4koHVAqol16QXLFWUgI6N5Rph2QCIHxmDFs3Jfk=";
};
outputs = [ "out" "dev" "doc" ]; # bin/ isn't really big
From a0fc6a786114f8f1743360d18824feb4c9ff3516 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= <bjorn.forsman@gmail.com>
Date: Sun, 9 May 2021 11:48:31 +0200
Subject: [PATCH 60/64] nixos/jenkins-job-builder: add support for folder jobs
Add support for folder jobs
(https://plugins.jenkins.io/cloudbees-folder/) by reworking the service
to support nested jobs.
This also fixes this deprecation warning (as a happy side effect):
WARNING:jenkins_jobs.cli.subcommand.test:(Deprecated) The default output behavior of `jenkins-jobs test` when given the --output flag will change in JJB 3.0. Instead of writing jobs to OUTPUT/jobname; they will be written to OUTPUT/jobname/config.xml. The new behavior can be enabled by the passing `--config-xml` parameter
(cherry picked from commit 4bcb22e17aa8677c6b3fc4625732d4da791a576f)
---
.../jenkins/job-builder.nix | 64 +++++++++++++++----
1 file changed, 50 insertions(+), 14 deletions(-)
diff --git a/nixos/modules/services/continuous-integration/jenkins/job-builder.nix b/nixos/modules/services/continuous-integration/jenkins/job-builder.nix
index 5d1bfe4ec40..536d394b3fd 100644
--- a/nixos/modules/services/continuous-integration/jenkins/job-builder.nix
+++ b/nixos/modules/services/continuous-integration/jenkins/job-builder.nix
@@ -165,6 +165,42 @@ in {
'';
in
''
+ joinByString()
+ {
+ local separator="$1"
+ shift
+ local first="$1"
+ shift
+ printf "%s" "$first" "''${@/#/$separator}"
+ }
+
+ # Map a relative directory path in the output from
+ # jenkins-job-builder (jobname) to the layout expected by jenkins:
+ # each directory level gets prepended "jobs/".
+ getJenkinsJobDir()
+ {
+ IFS='/' read -ra input_dirs <<< "$1"
+ printf "jobs/"
+ joinByString "/jobs/" "''${input_dirs[@]}"
+ }
+
+ # The inverse of getJenkinsJobDir (remove the "jobs/" prefixes)
+ getJobname()
+ {
+ IFS='/' read -ra input_dirs <<< "$1"
+ local i=0
+ local nelem=''${#input_dirs[@]}
+ for e in "''${input_dirs[@]}"; do
+ if [ $((i % 2)) -eq 1 ]; then
+ printf "$e"
+ if [ $i -lt $(( nelem - 1 )) ]; then
+ printf "/"
+ fi
+ fi
+ i=$((i + 1))
+ done
+ }
+
rm -rf ${jobBuilderOutputDir}
cur_decl_jobs=/run/jenkins-job-builder/declarative-jobs
rm -f "$cur_decl_jobs"
@@ -172,27 +208,27 @@ in {
# Create / update jobs
mkdir -p ${jobBuilderOutputDir}
for inputFile in ${yamlJobsFile} ${concatStringsSep " " jsonJobsFiles}; do
- HOME="${jenkinsCfg.home}" "${pkgs.jenkins-job-builder}/bin/jenkins-jobs" --ignore-cache test -o "${jobBuilderOutputDir}" "$inputFile"
+ HOME="${jenkinsCfg.home}" "${pkgs.jenkins-job-builder}/bin/jenkins-jobs" --ignore-cache test --config-xml -o "${jobBuilderOutputDir}" "$inputFile"
done
- for file in "${jobBuilderOutputDir}/"*; do
- test -f "$file" || continue
- jobname="$(basename $file)"
- jobdir="${jenkinsCfg.home}/jobs/$jobname"
+ find "${jobBuilderOutputDir}" -type f -name config.xml | while read -r f; do echo "$(dirname "$f")"; done | sort | while read -r dir; do
+ jobname="$(realpath --relative-to="${jobBuilderOutputDir}" "$dir")"
+ jenkinsjobname=$(getJenkinsJobDir "$jobname")
+ jenkinsjobdir="${jenkinsCfg.home}/$jenkinsjobname"
echo "Creating / updating job \"$jobname\""
- mkdir -p "$jobdir"
- touch "$jobdir/${ownerStamp}"
- cp "$file" "$jobdir/config.xml"
- echo "$jobname" >> "$cur_decl_jobs"
+ mkdir -p "$jenkinsjobdir"
+ touch "$jenkinsjobdir/${ownerStamp}"
+ cp "$dir"/config.xml "$jenkinsjobdir/config.xml"
+ echo "$jenkinsjobname" >> "$cur_decl_jobs"
done
# Remove stale jobs
- for file in "${jenkinsCfg.home}"/jobs/*/${ownerStamp}; do
- test -f "$file" || continue
- jobdir="$(dirname $file)"
- jobname="$(basename "$jobdir")"
- grep --quiet --line-regexp "$jobname" "$cur_decl_jobs" 2>/dev/null && continue
+ find "${jenkinsCfg.home}" -type f -name "${ownerStamp}" | while read -r f; do echo "$(dirname "$f")"; done | sort --reverse | while read -r dir; do
+ jenkinsjobname="$(realpath --relative-to="${jenkinsCfg.home}" "$dir")"
+ grep --quiet --line-regexp "$jenkinsjobname" "$cur_decl_jobs" 2>/dev/null && continue
+ jobname=$(getJobname "$jenkinsjobname")
echo "Deleting stale job \"$jobname\""
+ jobdir="${jenkinsCfg.home}/$jenkinsjobname"
rm -rf "$jobdir"
done
'' + (if cfg.accessUser != "" then reloadScript else "");
From 0d417a343cff0090c69c92ecfc9208245d4d5b6f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= <bjorn.forsman@gmail.com>
Date: Sat, 29 May 2021 18:17:36 +0200
Subject: [PATCH 61/64] nixos/jenkins: test declarative jobs
(cherry picked from commit a655b712015f1a37466371234620b8958887e9bf)
---
nixos/tests/jenkins.nix | 85 ++++++++++++++++++++++++++++++++++++++++-
1 file changed, 83 insertions(+), 2 deletions(-)
diff --git a/nixos/tests/jenkins.nix b/nixos/tests/jenkins.nix
index 5898adab759..cb4207c6e77 100644
--- a/nixos/tests/jenkins.nix
+++ b/nixos/tests/jenkins.nix
@@ -2,6 +2,7 @@
# 1. jenkins service starts on master node
# 2. jenkins user can be extended on both master and slave
# 3. jenkins service not started on slave node
+# 4. declarative jobs can be added and removed
import ./make-test-python.nix ({ pkgs, ...} : {
name = "jenkins";
@@ -13,7 +14,45 @@ import ./make-test-python.nix ({ pkgs, ...} : {
master =
{ ... }:
- { services.jenkins.enable = true;
+ { services.jenkins = {
+ enable = true;
+ jobBuilder = {
+ enable = true;
+ nixJobs = [
+ { job = {
+ name = "job-1";
+ builders = [
+ { shell = ''
+ echo "Running job-1"
+ '';
+ }
+ ];
+ };
+ }
+
+ { job = {
+ name = "folder-1";
+ project-type = "folder";
+ };
+ }
+
+ { job = {
+ name = "folder-1/job-2";
+ builders = [
+ { shell = ''
+ echo "Running job-2"
+ '';
+ }
+ ];
+ };
+ }
+ ];
+ };
+ };
+
+ specialisation.noJenkinsJobs.configuration = {
+ services.jenkins.jobBuilder.nixJobs = pkgs.lib.mkForce [];
+ };
# should have no effect
services.jenkinsSlave.enable = true;
@@ -32,7 +71,12 @@ import ./make-test-python.nix ({ pkgs, ...} : {
};
- testScript = ''
+ testScript = { nodes, ... }:
+ let
+ configWithoutJobs = "${nodes.master.config.system.build.toplevel}/specialisation/noJenkinsJobs";
+ jenkinsPort = nodes.master.config.services.jenkins.port;
+ jenkinsUrl = "http://localhost:${toString jenkinsPort}";
+ in ''
start_all()
master.wait_for_unit("jenkins")
@@ -45,5 +89,42 @@ import ./make-test-python.nix ({ pkgs, ...} : {
assert "users" in groups
slave.fail("systemctl is-enabled jenkins.service")
+
+ with subtest("jobs are declarative"):
+ # Check that jobs are created on disk.
+ master.wait_for_unit("jenkins-job-builder")
+ master.wait_until_fails("systemctl is-active jenkins-job-builder")
+ master.wait_until_succeeds("test -f /var/lib/jenkins/jobs/job-1/config.xml")
+ master.wait_until_succeeds("test -f /var/lib/jenkins/jobs/folder-1/config.xml")
+ master.wait_until_succeeds("test -f /var/lib/jenkins/jobs/folder-1/jobs/job-2/config.xml")
+
+ # Wait until jenkins is ready, reload configuration and verify it also
+ # sees the jobs.
+ master.succeed("curl --fail ${jenkinsUrl}/cli")
+ master.succeed("curl ${jenkinsUrl}/jnlpJars/jenkins-cli.jar -O")
+ master.succeed("${pkgs.jre}/bin/java -jar jenkins-cli.jar -s ${jenkinsUrl} -auth admin:$(cat /var/lib/jenkins/secrets/initialAdminPassword) reload-configuration")
+ out = master.succeed("${pkgs.jre}/bin/java -jar jenkins-cli.jar -s ${jenkinsUrl} -auth admin:$(cat /var/lib/jenkins/secrets/initialAdminPassword) list-jobs")
+ jobs = [x.strip() for x in out.splitlines()]
+ # Seeing jobs inside folders requires the Folders plugin
+ # (https://plugins.jenkins.io/cloudbees-folder/), which we don't have
+ # in this vanilla jenkins install, so limit ourself to non-folder jobs.
+ assert jobs == ['job-1'], f"jobs != ['job-1']: {jobs}"
+
+ master.succeed(
+ "${configWithoutJobs}/bin/switch-to-configuration test >&2"
+ )
+
+ # Check that jobs are removed from disk.
+ master.wait_for_unit("jenkins-job-builder")
+ master.wait_until_fails("systemctl is-active jenkins-job-builder")
+ master.wait_until_fails("test -f /var/lib/jenkins/jobs/job-1/config.xml")
+ master.wait_until_fails("test -f /var/lib/jenkins/jobs/folder-1/config.xml")
+ master.wait_until_fails("test -f /var/lib/jenkins/jobs/folder-1/jobs/job-2/config.xml")
+
+ # Reload jenkins' configuration and verify it also sees the jobs as removed.
+ master.succeed("${pkgs.jre}/bin/java -jar jenkins-cli.jar -s ${jenkinsUrl} -auth admin:$(cat /var/lib/jenkins/secrets/initialAdminPassword) reload-configuration")
+ out = master.succeed("${pkgs.jre}/bin/java -jar jenkins-cli.jar -s ${jenkinsUrl} -auth admin:$(cat /var/lib/jenkins/secrets/initialAdminPassword) list-jobs")
+ jobs = [x.strip() for x in out.splitlines()]
+ assert jobs == [], f"jobs != []: {jobs}"
'';
})
From bfff2cbbcd14d4e614dff9c344d634e669a4a017 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= <bjorn.forsman@gmail.com>
Date: Wed, 9 Jun 2021 21:01:16 +0200
Subject: [PATCH 62/64] qcachegrind: fix fatal Could not find the Qt platform
plugin "xcb" in ""
(cherry picked from commit 16cbc80a9370b13db95a75b74d20e1d2beb578b3)
---
pkgs/development/tools/analysis/qcachegrind/default.nix | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/pkgs/development/tools/analysis/qcachegrind/default.nix b/pkgs/development/tools/analysis/qcachegrind/default.nix
index 75729d1eea4..195596d3c19 100644
--- a/pkgs/development/tools/analysis/qcachegrind/default.nix
+++ b/pkgs/development/tools/analysis/qcachegrind/default.nix
@@ -1,4 +1,4 @@
-{ lib, stdenv, qmake, qtbase, perl, python, php, kcachegrind }:
+{ lib, stdenv, qmake, qtbase, perl, python, php, kcachegrind, wrapQtAppsHook }:
let
name = lib.replaceStrings ["kcachegrind"] ["qcachegrind"] kcachegrind.name;
@@ -10,7 +10,7 @@ in stdenv.mkDerivation {
buildInputs = [ qtbase perl python php ];
- nativeBuildInputs = [ qmake ];
+ nativeBuildInputs = [ qmake wrapQtAppsHook ];
dontWrapQtApps = true;
@@ -33,6 +33,10 @@ in stdenv.mkDerivation {
install -Dm644 kcachegrind/48-apps-kcachegrind.png "$out/share/icons/hicolor/48x48/apps/kcachegrind.png"
'');
+ preFixup = ''
+ wrapQtApp "$out/bin/qcachegrind"
+ '';
+
meta = with lib; {
description = "A Qt GUI to visualize profiling data";
license = licenses.gpl2;
From c3094b06ce98bd6e195decc4f730adba2b745c48 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B8rn=20Forsman?= <bjorn.forsman@gmail.com>
Date: Thu, 10 Jun 2021 07:20:50 +0200
Subject: [PATCH 63/64] qcachegrind: license gpl2 -> gpl2Plus
According to https://apps.kde.org/kcachegrind/.
(cherry picked from commit 1b1f196fe6f46e6f713946e5c423bbbc90771328)
---
pkgs/development/tools/analysis/qcachegrind/default.nix | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pkgs/development/tools/analysis/qcachegrind/default.nix b/pkgs/development/tools/analysis/qcachegrind/default.nix
index 195596d3c19..1f7c6641b1c 100644
--- a/pkgs/development/tools/analysis/qcachegrind/default.nix
+++ b/pkgs/development/tools/analysis/qcachegrind/default.nix
@@ -39,7 +39,7 @@ in stdenv.mkDerivation {
meta = with lib; {
description = "A Qt GUI to visualize profiling data";
- license = licenses.gpl2;
+ license = licenses.gpl2Plus;
platforms = platforms.unix;
maintainers = with maintainers; [ periklis ];
};
From 20fb5871648830ba1d96929042b99d1ba09baf5d Mon Sep 17 00:00:00 2001
From: Timothy Klim <git@timothyklim.com>
Date: Tue, 1 Jun 2021 23:12:57 +0700
Subject: [PATCH 64/64] sbt: 1.5.1 -> 1.5.3
(cherry picked from commit 7c74293590f5ff12920d9a46da84983b6c156e04)
---
pkgs/development/tools/build-managers/sbt/default.nix | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pkgs/development/tools/build-managers/sbt/default.nix b/pkgs/development/tools/build-managers/sbt/default.nix
index 7b9c6bca7e2..89628b81fbc 100644
--- a/pkgs/development/tools/build-managers/sbt/default.nix
+++ b/pkgs/development/tools/build-managers/sbt/default.nix
@@ -8,11 +8,11 @@
stdenv.mkDerivation rec {
pname = "sbt";
- version = "1.5.1";
+ version = "1.5.3";
src = fetchurl {
url = "https://github.com/sbt/sbt/releases/download/v${version}/sbt-${version}.tgz";
- sha256 = "0dsbqipr549awv584fyl227s1gknlpsf5krp990w7w3bbxl3avb7";
+ sha256 = "10kIQNy+3V1SD4uEZs/BJ4E6bTCRV3wjBN8gw9jr9VQ=";
};
postPatch = ''