diff --git a/nixos/tests/gitlab.nix b/nixos/tests/gitlab.nix index a629bf749ca..5c9aac46961 100644 --- a/nixos/tests/gitlab.nix +++ b/nixos/tests/gitlab.nix @@ -51,10 +51,11 @@ import ./make-test-python.nix ({ pkgs, lib, ...} : with lib; { host = "localhost"; port = 143; }; - pages = { - enabled = true; - host = "localhost"; - }; + # https://github.com/NixOS/nixpkgs/issues/132295 + # pages = { + # enabled = true; + # host = "localhost"; + # }; }; secrets = { secretFile = pkgs.writeText "secret" "Aig5zaic"; @@ -92,7 +93,8 @@ import ./make-test-python.nix ({ pkgs, lib, ...} : with lib; { waitForServices = '' gitlab.wait_for_unit("gitaly.service") gitlab.wait_for_unit("gitlab-workhorse.service") - gitlab.wait_for_unit("gitlab-pages.service") + # https://github.com/NixOS/nixpkgs/issues/132295 + # gitlab.wait_for_unit("gitlab-pages.service") gitlab.wait_for_unit("gitlab-mailroom.service") gitlab.wait_for_unit("gitlab.service") gitlab.wait_for_unit("gitlab-sidekiq.service") diff --git a/pkgs/applications/misc/mupdf/default.nix b/pkgs/applications/misc/mupdf/default.nix index 21c699da3fa..f23ca82074f 100644 --- a/pkgs/applications/misc/mupdf/default.nix +++ b/pkgs/applications/misc/mupdf/default.nix @@ -60,6 +60,11 @@ stdenv.mkDerivation rec { url = "http://git.ghostscript.com/?p=mupdf.git;a=patch;h=cee7cefc610d42fd383b3c80c12cbc675443176a"; sha256 = "18g9jsj90jnqibaff8pqi70a7x8ygc3sh4jl4xnvlv8vr7fxxbh6"; }) + (fetchpatch { + name = "CVE-2021-37220.patch"; + url = "http://git.ghostscript.com/?p=mupdf.git;a=patch;h=f5712c9949d026e4b891b25837edd2edc166151f"; + sha256 = "1zyw6w6zr7k2akpzkyycj2zzw3y5qc7afsn1ysklfj2rvb6cnsx3"; + }) ]; postPatch = '' diff --git a/pkgs/applications/networking/browsers/chromium/common.nix b/pkgs/applications/networking/browsers/chromium/common.nix index c2417d9f524..e24f15179f6 100644 --- a/pkgs/applications/networking/browsers/chromium/common.nix +++ b/pkgs/applications/networking/browsers/chromium/common.nix @@ -136,11 +136,9 @@ let nativeBuildInputs = [ ninja pkg-config - python2WithPackages perl nodejs + python2WithPackages python3WithPackages perl nodejs gnutar which llvmPackages.bintools - ] ++ lib.optionals (chromiumVersionAtLeast "92") [ - python3WithPackages ]; buildInputs = defaultDependencies ++ [ diff --git a/pkgs/applications/networking/browsers/chromium/upstream-info.json b/pkgs/applications/networking/browsers/chromium/upstream-info.json index a6df334a97d..4bb2cfd1291 100644 --- a/pkgs/applications/networking/browsers/chromium/upstream-info.json +++ b/pkgs/applications/networking/browsers/chromium/upstream-info.json @@ -44,19 +44,19 @@ } }, "ungoogled-chromium": { - "version": "91.0.4472.164", - "sha256": "1g96hk72ds2b0aymgw7yjr0akgx7mkp17i99nk511ncnmni6zrc4", - "sha256bin64": "1j6p2gqlikaibcwa40k46dsm9jlrpbj21lv1snnjw8apjnjfd2wr", + "version": "92.0.4515.131", + "sha256": "0fnfyh61w6dmavvfbf2x1zzrby0xpx4jd4ifjsgyc39rsl789b5n", + "sha256bin64": "04ykc7vgq47m595j0g0gl28n5rkki6aic7ck8xr08r5cia46gk3g", "deps": { "gn": { - "version": "2021-04-06", + "version": "2021-05-07", "url": "https://gn.googlesource.com/gn", - "rev": "dba01723a441c358d843a575cb7720d54ddcdf92", - "sha256": "199xkks67qrn0xa5fhp24waq2vk8qb78a96cb3kdd8v1hgacgb8x" + "rev": "39a87c0b36310bdf06b692c098f199a0d97fc810", + "sha256": "0x63jr5hssm9dl6la4q5ahy669k4gxvbapqxi5w32vv107jrj8v4" }, "ungoogled-patches": { - "rev": "91.0.4472.164-1", - "sha256": "1vlirqrsliyl1dvm511p5axzvhvqil1m1jlk5zngvl9zfbdjw910" + "rev": "92.0.4515.131-1", + "sha256": "1nbgknj5ba116y47sxbp7pbma1bp0lmkyi3vk915x837ysaf6mrd" } } } diff --git a/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix b/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix index 3f79fba89e9..a3c12277b3b 100644 --- a/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix +++ b/pkgs/applications/networking/instant-messengers/signal-desktop/default.nix @@ -25,7 +25,7 @@ let else ""); in stdenv.mkDerivation rec { pname = "signal-desktop"; - version = "5.12.0"; # Please backport all updates to the stable channel. + version = "5.12.1"; # Please backport all updates to the stable channel. # All releases have a limited lifetime and "expire" 90 days after the release. # When releases "expire" the application becomes unusable until an update is # applied. The expiration date for the current release can be extracted with: @@ -35,7 +35,7 @@ in stdenv.mkDerivation rec { src = fetchurl { url = "https://updates.signal.org/desktop/apt/pool/main/s/signal-desktop/signal-desktop_${version}_amd64.deb"; - sha256 = "0cvh70ijx61rq7qjzrmn85lhkm8vkcbxvgjvkpls21v3yl5anrjb"; + sha256 = "099p0bmaa60dfij5wq9pyfxnhy77cdnfqx4dj4377rzyfmfgnhzx"; }; nativeBuildInputs = [ diff --git a/pkgs/applications/version-management/gitlab/data.json b/pkgs/applications/version-management/gitlab/data.json index c46aaffbbd2..9294700afed 100644 --- a/pkgs/applications/version-management/gitlab/data.json +++ b/pkgs/applications/version-management/gitlab/data.json @@ -1,13 +1,13 @@ { - "version": "14.1.0", - "repo_hash": "1a61jc8rsbdbyh891nwygl7qlsj0lm8v59s66hn22csg0dvn6qk6", + "version": "14.1.2", + "repo_hash": "1d28minrpgp8awcnx15bm7jv0k27i46wji3pc2d6wh1m0wk74b60", "owner": "gitlab-org", "repo": "gitlab", - "rev": "v14.1.0-ee", + "rev": "v14.1.2-ee", "passthru": { - "GITALY_SERVER_VERSION": "14.1.0", + "GITALY_SERVER_VERSION": "14.1.2", "GITLAB_PAGES_VERSION": "1.41.0", - "GITLAB_SHELL_VERSION": "13.19.0", - "GITLAB_WORKHORSE_VERSION": "14.1.0" + "GITLAB_SHELL_VERSION": "13.19.1", + "GITLAB_WORKHORSE_VERSION": "14.1.2" } } diff --git a/pkgs/applications/version-management/gitlab/default.nix b/pkgs/applications/version-management/gitlab/default.nix index 225b9f6c0cb..8753def1121 100644 --- a/pkgs/applications/version-management/gitlab/default.nix +++ b/pkgs/applications/version-management/gitlab/default.nix @@ -1,7 +1,7 @@ { stdenv, lib, fetchurl, fetchpatch, fetchFromGitLab, bundlerEnv , ruby, tzdata, git, nettools, nixosTests, nodejs, openssl , gitlabEnterprise ? false, callPackage, yarn -, fixup_yarn_lock, replace, file +, fixup_yarn_lock, replace, file, cacert }: let @@ -51,7 +51,7 @@ let pname = "gitlab-assets"; inherit version src; - nativeBuildInputs = [ rubyEnv.wrappedRuby rubyEnv.bundler nodejs yarn git ]; + nativeBuildInputs = [ rubyEnv.wrappedRuby rubyEnv.bundler nodejs yarn git cacert ]; # Since version 12.6.0, the rake tasks need the location of git, # so we have to apply the location patches here too. diff --git a/pkgs/applications/version-management/gitlab/gitaly/default.nix b/pkgs/applications/version-management/gitlab/gitaly/default.nix index bdc5eb92249..36223aa1942 100644 --- a/pkgs/applications/version-management/gitlab/gitaly/default.nix +++ b/pkgs/applications/version-management/gitlab/gitaly/default.nix @@ -21,14 +21,14 @@ let }; }; in buildGoModule rec { - version = "14.1.0"; + version = "14.1.2"; pname = "gitaly"; src = fetchFromGitLab { owner = "gitlab-org"; repo = "gitaly"; rev = "v${version}"; - sha256 = "sha256-k9Vz/b5ZKz93/7nzEA5mnQI8U++CB3E9b8gJBefl2b0="; + sha256 = "sha256-7OqTOJDQJ/ojHevj/ld8VLjm5ZRQgCGZKchPrAlOSO8="; }; vendorSha256 = "sha256-/SZJGRUg0qV7RYCUSGDE/HL9CmzGVffhL6BmZ316tU0="; diff --git a/pkgs/applications/version-management/gitlab/gitlab-shell/default.nix b/pkgs/applications/version-management/gitlab/gitlab-shell/default.nix index 704d9080331..ee039c4adb2 100644 --- a/pkgs/applications/version-management/gitlab/gitlab-shell/default.nix +++ b/pkgs/applications/version-management/gitlab/gitlab-shell/default.nix @@ -2,12 +2,12 @@ buildGoModule rec { pname = "gitlab-shell"; - version = "13.19.0"; + version = "13.19.1"; src = fetchFromGitLab { owner = "gitlab-org"; repo = "gitlab-shell"; rev = "v${version}"; - sha256 = "sha256-CmatKArkpDS3GGbIIkKjs4FwywLiU+lRL32GKEpOqZ0="; + sha256 = "sha256-F0TW0VjO5hc/lHqZhhMJJvpHazWRyR7Q7W324Fgn7fA="; }; buildInputs = [ ruby ]; diff --git a/pkgs/applications/version-management/gitlab/gitlab-workhorse/default.nix b/pkgs/applications/version-management/gitlab/gitlab-workhorse/default.nix index 39bb89722e5..ffd6ff7d16c 100644 --- a/pkgs/applications/version-management/gitlab/gitlab-workhorse/default.nix +++ b/pkgs/applications/version-management/gitlab/gitlab-workhorse/default.nix @@ -5,7 +5,7 @@ in buildGoModule rec { pname = "gitlab-workhorse"; - version = "14.1.0"; + version = "14.1.2"; src = fetchFromGitLab { owner = data.owner; diff --git a/pkgs/applications/version-management/gitlab/rubyEnv/Gemfile.lock b/pkgs/applications/version-management/gitlab/rubyEnv/Gemfile.lock index 2ac92ce9ae7..d1147c55c78 100644 --- a/pkgs/applications/version-management/gitlab/rubyEnv/Gemfile.lock +++ b/pkgs/applications/version-management/gitlab/rubyEnv/Gemfile.lock @@ -798,7 +798,7 @@ GEM nenv (~> 0.1) shellany (~> 0.0) numerizer (0.2.0) - oauth (0.5.4) + oauth (0.5.6) oauth2 (1.4.7) faraday (>= 0.8, < 2.0) jwt (>= 1.0, < 3.0) diff --git a/pkgs/applications/version-management/gitlab/rubyEnv/gemset.nix b/pkgs/applications/version-management/gitlab/rubyEnv/gemset.nix index 236245ca001..933776ace73 100644 --- a/pkgs/applications/version-management/gitlab/rubyEnv/gemset.nix +++ b/pkgs/applications/version-management/gitlab/rubyEnv/gemset.nix @@ -3427,10 +3427,10 @@ platforms = []; source = { remotes = ["https://rubygems.org"]; - sha256 = "1zszdg8q1b135z7l7crjj234k4j0m347hywp5kj6zsq7q78pw09y"; + sha256 = "1zwd6v39yqfdrpg1p3d9jvzs9ljg55ana2p06m0l7qn5w0lgx1a0"; type = "gem"; }; - version = "0.5.4"; + version = "0.5.6"; }; oauth2 = { dependencies = ["faraday" "jwt" "multi_json" "multi_xml" "rack"];