Merge staging-next into staging

This commit is contained in:
github-actions[bot] 2021-05-15 06:22:25 +00:00 committed by GitHub
commit 78ae7ac75e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
84 changed files with 2099 additions and 1505 deletions

View File

@ -14,6 +14,7 @@ jobs:
- uses: actions/checkout@v2
- name: Merge master into staging-next
id: staging_next
uses: devmasx/merge-branch@v1.3.1
with:
type: now
@ -22,6 +23,7 @@ jobs:
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Merge staging-next into staging
id: staging
uses: devmasx/merge-branch@v1.3.1
with:
type: now
@ -35,5 +37,5 @@ jobs:
with:
issue-number: 105153
body: |
An automatic merge [failed](https://github.com/NixOS/nixpkgs/actions/runs/${{ github.run_id }}).
An automatic merge${{ (steps.staging_next.outcome == 'failure' && ' from master to staging-next') || ((steps.staging.outcome == 'failure' && ' from staging-next to staging') || '') }} [failed](https://github.com/NixOS/nixpkgs/actions/runs/${{ github.run_id }}).

View File

@ -121,15 +121,20 @@ rec {
js = { bits = 32; significantByte = littleEndian; family = "js"; };
};
# Determine where two CPUs are compatible with each other. That is,
# can we run code built for system b on system a? For that to
# happen, then the set of all possible possible programs that system
# b accepts must be a subset of the set of all programs that system
# a accepts. This compatibility relation forms a category where each
# CPU is an object and each arrow from a to b represents
# compatibility. CPUs with multiple modes of Endianness are
# isomorphic while all CPUs are endomorphic because any program
# built for a CPU can run on that CPU.
# Determine when two CPUs are compatible with each other. That is,
# can code built for system B run on system A? For that to happen,
# the programs that system B accepts must be a subset of the
# programs that system A accepts.
#
# We have the following properties of the compatibility relation,
# which must be preserved when adding compatibility information for
# additional CPUs.
# - (reflexivity)
# Every CPU is compatible with itself.
# - (transitivity)
# If A is compatible with B and B is compatible with C then A is compatible with C.
# - (compatible under multiple endianness)
# CPUs with multiple modes of endianness are pairwise compatible.
isCompatible = a: b: with cpuTypes; lib.any lib.id [
# x86
(b == i386 && isCompatible a i486)

View File

@ -78,7 +78,7 @@
</listitem>
<listitem>
<para>
<link xlink:href="https://kodi.tv/">Kodi</link> has been updated to version 19.0 "Matrix". See
<link xlink:href="https://kodi.tv/">Kodi</link> has been updated to version 19.1 "Matrix". See
the <link xlink:href="https://kodi.tv/article/kodi-190-matrix-release">announcement</link> for
further details.
</para>
@ -738,6 +738,20 @@ environment.systemPackages = [
The <package>yadm</package> dotfile manager has been updated from 2.x to 3.x, which has new (XDG) default locations for some data/state files. Most yadm commands will fail and print a legacy path warning (which describes how to upgrade/migrate your repository). If you have scripts, daemons, scheduled jobs, shell profiles, etc. that invoke yadm, expect them to fail or misbehave until you perform this migration and prepare accordingly.
</para>
</listitem>
<listitem>
<para>
Instead of determining <option>services.radicale.package</option>
automatically based on <option>system.stateVersion</option>, the latest
version is always used because old versions are not officially supported.
</para>
<para>
Furthermore, Radicale's systemd unit was hardened which might break some
deployments. In particular, a non-default
<literal>filesystem_folder</literal> has to be added to
<option>systemd.services.radicale.serviceConfig.ReadWritePaths</option> if
the deprecated <option>services.radicale.config</option> is used.
</para>
</listitem>
</itemizedlist>
</section>

View File

@ -1,6 +1,6 @@
{
x86_64-linux = "/nix/store/iwfs2bfcy7lqwhri94p2i6jc87ih55zk-nix-2.3.10";
i686-linux = "/nix/store/a3ccfvy9i5n418d5v0bir330kbcz3vj8-nix-2.3.10";
aarch64-linux = "/nix/store/bh5g6cv7bv35iz853d3xv2sphn51ybmb-nix-2.3.10";
x86_64-darwin = "/nix/store/8c98r6zlwn2d40qm7jnnrr2rdlqviszr-nix-2.3.10";
x86_64-linux = "/nix/store/d1ppfhjhdwcsb4npfzyifv5z8i00fzsk-nix-2.3.11";
i686-linux = "/nix/store/c6ikndcrzwpfn2sb5b9xb1f17p9b8iga-nix-2.3.11";
aarch64-linux = "/nix/store/fb0lfrn0m8s197d264jzd64vhz9c8zbx-nix-2.3.11";
x86_64-darwin = "/nix/store/qvb86ffv08q3r66qbd6nqifz425lyyhf-nix-2.3.11";
}

View File

@ -34,6 +34,7 @@ let
"fritzbox"
"json"
"jitsi"
"kea"
"keylight"
"knot"
"lnd"

View File

@ -0,0 +1,38 @@
{ config
, lib
, pkgs
, options
}:
with lib;
let
cfg = config.services.prometheus.exporters.kea;
in {
port = 9547;
extraOpts = {
controlSocketPaths = mkOption {
type = types.listOf types.str;
example = literalExample ''
[
"/run/kea/kea-dhcp4.socket"
"/run/kea/kea-dhcp6.socket"
]
'';
description = ''
Paths to kea control sockets
'';
};
};
serviceOpts = {
serviceConfig = {
ExecStart = ''
${pkgs.prometheus-kea-exporter}/bin/kea-exporter \
--address ${cfg.listenAddress} \
--port ${toString cfg.port} \
${concatStringsSep " \\n" cfg.controlSocketPaths}
'';
SupplementaryGroups = [ "kea" ];
};
};
}

View File

@ -3,56 +3,103 @@
with lib;
let
cfg = config.services.radicale;
confFile = pkgs.writeText "radicale.conf" cfg.config;
defaultPackage = if versionAtLeast config.system.stateVersion "20.09" then {
pkg = pkgs.radicale3;
text = "pkgs.radicale3";
} else if versionAtLeast config.system.stateVersion "17.09" then {
pkg = pkgs.radicale2;
text = "pkgs.radicale2";
} else {
pkg = pkgs.radicale1;
text = "pkgs.radicale1";
};
in
{
options = {
services.radicale.enable = mkOption {
type = types.bool;
default = false;
description = ''
Enable Radicale CalDAV and CardDAV server.
'';
format = pkgs.formats.ini {
listToValue = concatMapStringsSep ", " (generators.mkValueStringDefault { });
};
services.radicale.package = mkOption {
type = types.package;
default = defaultPackage.pkg;
defaultText = defaultPackage.text;
description = ''
Radicale package to use. This defaults to version 1.x if
<literal>system.stateVersion &lt; 17.09</literal>, version 2.x if
<literal>17.09 system.stateVersion &lt; 20.09</literal>, and
version 3.x otherwise.
'';
pkg = if isNull cfg.package then
pkgs.radicale
else
cfg.package;
confFile = if cfg.settings == { } then
pkgs.writeText "radicale.conf" cfg.config
else
format.generate "radicale.conf" cfg.settings;
rightsFile = format.generate "radicale.rights" cfg.rights;
bindLocalhost = cfg.settings != { } && !hasAttrByPath [ "server" "hosts" ] cfg.settings;
in {
options.services.radicale = {
enable = mkEnableOption "Radicale CalDAV and CardDAV server";
package = mkOption {
description = "Radicale package to use.";
# Default cannot be pkgs.radicale because non-null values suppress
# warnings about incompatible configuration and storage formats.
type = with types; nullOr package // { inherit (package) description; };
default = null;
defaultText = "pkgs.radicale";
};
services.radicale.config = mkOption {
config = mkOption {
type = types.str;
default = "";
description = ''
Radicale configuration, this will set the service
configuration file.
This option is mutually exclusive with <option>settings</option>.
This option is deprecated. Use <option>settings</option> instead.
'';
};
services.radicale.extraArgs = mkOption {
settings = mkOption {
type = format.type;
default = { };
description = ''
Configuration for Radicale. See
<link xlink:href="https://radicale.org/3.0.html#documentation/configuration" />.
This option is mutually exclusive with <option>config</option>.
'';
example = literalExample ''
server = {
hosts = [ "0.0.0.0:5232" "[::]:5232" ];
};
auth = {
type = "htpasswd";
htpasswd_filename = "/etc/radicale/users";
htpasswd_encryption = "bcrypt";
};
storage = {
filesystem_folder = "/var/lib/radicale/collections";
};
'';
};
rights = mkOption {
type = format.type;
description = ''
Configuration for Radicale's rights file. See
<link xlink:href="https://radicale.org/3.0.html#documentation/authentication-and-rights" />.
This option only works in conjunction with <option>settings</option>.
Setting this will also set <option>settings.rights.type</option> and
<option>settings.rights.file</option> to approriate values.
'';
default = { };
example = literalExample ''
root = {
user = ".+";
collection = "";
permissions = "R";
};
principal = {
user = ".+";
collection = "{user}";
permissions = "RW";
};
calendars = {
user = ".+";
collection = "{user}/[^/]+";
permissions = "rw";
};
'';
};
extraArgs = mkOption {
type = types.listOf types.str;
default = [];
description = "Extra arguments passed to the Radicale daemon.";
@ -60,33 +107,94 @@ in
};
config = mkIf cfg.enable {
environment.systemPackages = [ cfg.package ];
assertions = [
{
assertion = cfg.settings == { } || cfg.config == "";
message = ''
The options services.radicale.config and services.radicale.settings
are mutually exclusive.
'';
}
];
users.users.radicale =
{ uid = config.ids.uids.radicale;
description = "radicale user";
home = "/var/lib/radicale";
createHome = true;
warnings = optional (isNull cfg.package && versionOlder config.system.stateVersion "17.09") ''
The configuration and storage formats of your existing Radicale
installation might be incompatible with the newest version.
For upgrade instructions see
https://radicale.org/2.1.html#documentation/migration-from-1xx-to-2xx.
Set services.radicale.package to suppress this warning.
'' ++ optional (isNull cfg.package && versionOlder config.system.stateVersion "20.09") ''
The configuration format of your existing Radicale installation might be
incompatible with the newest version. For upgrade instructions see
https://github.com/Kozea/Radicale/blob/3.0.6/NEWS.md#upgrade-checklist.
Set services.radicale.package to suppress this warning.
'' ++ optional (cfg.config != "") ''
The option services.radicale.config is deprecated.
Use services.radicale.settings instead.
'';
services.radicale.settings.rights = mkIf (cfg.rights != { }) {
type = "from_file";
file = toString rightsFile;
};
users.groups.radicale =
{ gid = config.ids.gids.radicale; };
environment.systemPackages = [ pkg ];
users.users.radicale.uid = config.ids.uids.radicale;
users.groups.radicale.gid = config.ids.gids.radicale;
systemd.services.radicale = {
description = "A Simple Calendar and Contact Server";
after = [ "network.target" ];
requires = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
ExecStart = concatStringsSep " " ([
"${cfg.package}/bin/radicale" "-C" confFile
"${pkg}/bin/radicale" "-C" confFile
] ++ (
map escapeShellArg cfg.extraArgs
));
User = "radicale";
Group = "radicale";
StateDirectory = "radicale/collections";
StateDirectoryMode = "0750";
# Hardening
CapabilityBoundingSet = [ "" ];
DeviceAllow = [ "/dev/stdin" ];
DevicePolicy = "strict";
IPAddressAllow = mkIf bindLocalhost "localhost";
IPAddressDeny = mkIf bindLocalhost "any";
LockPersonality = true;
MemoryDenyWriteExecute = true;
NoNewPrivileges = true;
PrivateDevices = true;
PrivateTmp = true;
PrivateUsers = true;
ProcSubset = "pid";
ProtectClock = true;
ProtectControlGroups = true;
ProtectHome = true;
ProtectHostname = true;
ProtectKernelLogs = true;
ProtectKernelModules = true;
ProtectKernelTunables = true;
ProtectProc = "invisible";
ProtectSystem = "strict";
ReadWritePaths = lib.optional
(hasAttrByPath [ "storage" "filesystem_folder" ] cfg.settings)
cfg.settings.storage.filesystem_folder;
RemoveIPC = true;
RestrictAddressFamilies = [ "AF_INET" "AF_INET6" ];
RestrictNamespaces = true;
RestrictRealtime = true;
RestrictSUIDSGID = true;
SystemCallArchitectures = "native";
SystemCallFilter = [ "@system-service" "~@privileged" "~@resources" ];
UMask = "0027";
};
};
};
meta.maintainers = with lib.maintainers; [ aneeshusa infinisil ];
meta.maintainers = with lib.maintainers; [ aneeshusa infinisil dotlambda ];
}

View File

@ -15,11 +15,9 @@ let
apachectl = pkgs.runCommand "apachectl" { meta.priority = -1; } ''
mkdir -p $out/bin
cp ${pkg}/bin/apachectl $out/bin/apachectl
sed -i $out/bin/apachectl -e 's|$HTTPD -t|$HTTPD -t -f ${httpdConf}|'
sed -i $out/bin/apachectl -e 's|$HTTPD -t|$HTTPD -t -f /etc/httpd/httpd.conf|'
'';
httpdConf = cfg.configFile;
php = cfg.phpPackage.override { apacheHttpd = pkg; };
phpModuleName = let
@ -682,6 +680,8 @@ in
}) (filter (hostOpts: hostOpts.useACMEHost == null) acmeEnabledVhosts);
in listToAttrs acmePairs;
# httpd requires a stable path to the configuration file for reloads
environment.etc."httpd/httpd.conf".source = cfg.configFile;
environment.systemPackages = [
apachectl
pkg
@ -753,6 +753,7 @@ in
wants = concatLists (map (certName: [ "acme-finished-${certName}.target" ]) dependentCertNames);
after = [ "network.target" ] ++ map (certName: "acme-selfsigned-${certName}.service") dependentCertNames;
before = map (certName: "acme-${certName}.service") dependentCertNames;
restartTriggers = [ cfg.configFile ];
path = [ pkg pkgs.coreutils pkgs.gnugrep ];
@ -771,9 +772,9 @@ in
'';
serviceConfig = {
ExecStart = "@${pkg}/bin/httpd httpd -f ${httpdConf}";
ExecStop = "${pkg}/bin/httpd -f ${httpdConf} -k graceful-stop";
ExecReload = "${pkg}/bin/httpd -f ${httpdConf} -k graceful";
ExecStart = "@${pkg}/bin/httpd httpd -f /etc/httpd/httpd.conf";
ExecStop = "${pkg}/bin/httpd -f /etc/httpd/httpd.conf -k graceful-stop";
ExecReload = "${pkg}/bin/httpd -f /etc/httpd/httpd.conf -k graceful";
User = cfg.user;
Group = cfg.group;
Type = "forking";
@ -800,6 +801,7 @@ in
# certs are updated _after_ config has been reloaded.
before = sslTargets;
after = sslServices;
restartTriggers = [ cfg.configFile ];
# Block reloading if not all certs exist yet.
# Happens when config changes add new vhosts/certs.
unitConfig.ConditionPathExists = map (certName: certs.${certName}.directory + "/fullchain.pem") dependentCertNames;
@ -807,7 +809,7 @@ in
Type = "oneshot";
TimeoutSec = 60;
ExecCondition = "/run/current-system/systemd/bin/systemctl -q is-active httpd.service";
ExecStartPre = "${pkg}/bin/httpd -f ${httpdConf} -t";
ExecStartPre = "${pkg}/bin/httpd -f /etc/httpd/httpd.conf -t";
ExecStart = "/run/current-system/systemd/bin/systemctl reload httpd.service";
};
};

View File

@ -91,6 +91,7 @@ in
custom-ca = handleTest ./custom-ca.nix {};
croc = handleTest ./croc.nix {};
deluge = handleTest ./deluge.nix {};
dendrite = handleTest ./dendrite.nix {};
dhparams = handleTest ./dhparams.nix {};
discourse = handleTest ./discourse.nix {};
dnscrypt-proxy2 = handleTestOn ["x86_64-linux"] ./dnscrypt-proxy2.nix {};

99
nixos/tests/dendrite.nix Normal file
View File

@ -0,0 +1,99 @@
import ./make-test-python.nix (
{ pkgs, ... }:
let
homeserverUrl = "http://homeserver:8008";
private_key = pkgs.runCommand "matrix_key.pem" {
buildInputs = [ pkgs.dendrite ];
} "generate-keys --private-key $out";
in
{
name = "dendrite";
meta = with pkgs.lib; {
maintainers = teams.matrix.members;
};
nodes = {
homeserver = { pkgs, ... }: {
services.dendrite = {
enable = true;
settings = {
global.server_name = "test-dendrite-server.com";
global.private_key = private_key;
client_api.registration_disabled = false;
};
};
networking.firewall.allowedTCPPorts = [ 8008 ];
};
client = { pkgs, ... }: {
environment.systemPackages = [
(
pkgs.writers.writePython3Bin "do_test"
{ libraries = [ pkgs.python3Packages.matrix-nio ]; } ''
import asyncio
from nio import AsyncClient
async def main() -> None:
# Connect to dendrite
client = AsyncClient("http://homeserver:8008", "alice")
# Register as user alice
response = await client.register("alice", "my-secret-password")
# Log in as user alice
response = await client.login("my-secret-password")
# Create a new room
response = await client.room_create(federate=False)
room_id = response.room_id
# Join the room
response = await client.join(room_id)
# Send a message to the room
response = await client.room_send(
room_id=room_id,
message_type="m.room.message",
content={
"msgtype": "m.text",
"body": "Hello world!"
}
)
# Sync responses
response = await client.sync(timeout=30000)
# Check the message was received by dendrite
last_message = response.rooms.join[room_id].timeline.events[-1].body
assert last_message == "Hello world!"
# Leave the room
response = await client.room_leave(room_id)
# Close the client
await client.close()
asyncio.get_event_loop().run_until_complete(main())
''
)
];
};
};
testScript = ''
start_all()
with subtest("start the homeserver"):
homeserver.wait_for_unit("dendrite.service")
homeserver.wait_for_open_port(8008)
with subtest("ensure messages can be exchanged"):
client.succeed("do_test")
'';
}
)

View File

@ -326,6 +326,57 @@ let
'';
};
kea = {
exporterConfig = {
enable = true;
controlSocketPaths = [
"/run/kea/kea-dhcp6.sock"
];
};
metricProvider = {
users.users.kea = {
isSystemUser = true;
};
users.groups.kea = {};
systemd.services.prometheus-kea-exporter.after = [ "kea-dhcp6.service" ];
systemd.services.kea-dhcp6 = let
configFile = pkgs.writeText "kea-dhcp6.conf" (builtins.toJSON {
Dhcp6 = {
"control-socket" = {
"socket-type" = "unix";
"socket-name" = "/run/kea/kea-dhcp6.sock";
};
};
});
in
{
after = [ "network.target" ];
wantedBy = [ "multi-user.target" ];
serviceConfig = {
DynamicUser = false;
User = "kea";
Group = "kea";
ExecStart = "${pkgs.kea}/bin/kea-dhcp6 -c ${configFile}";
StateDirectory = "kea";
RuntimeDirectory = "kea";
UMask = "0007";
};
};
};
exporterTest = ''
wait_for_unit("kea-dhcp6.service")
wait_for_file("/run/kea/kea-dhcp6.sock")
wait_for_unit("prometheus-kea-exporter.service")
wait_for_open_port(9547)
succeed(
"curl --fail localhost:9547/metrics | grep 'packets_received_total'"
)
'';
};
knot = {
exporterConfig = {
enable = true;

View File

@ -1,140 +1,95 @@
import ./make-test-python.nix ({ lib, pkgs, ... }:
let
user = "someuser";
password = "some_password";
port = builtins.toString 5232;
port = "5232";
filesystem_folder = "/data/radicale";
common = { pkgs, ... }: {
cli = "${pkgs.calendar-cli}/bin/calendar-cli --caldav-user ${user} --caldav-pass ${password}";
in {
name = "radicale3";
meta.maintainers = with lib.maintainers; [ dotlambda ];
machine = { pkgs, ... }: {
services.radicale = {
enable = true;
config = ''
[auth]
type = htpasswd
htpasswd_filename = /etc/radicale/htpasswd
htpasswd_encryption = bcrypt
[storage]
filesystem_folder = /tmp/collections
'';
settings = {
auth = {
type = "htpasswd";
htpasswd_filename = "/etc/radicale/users";
htpasswd_encryption = "bcrypt";
};
storage = {
inherit filesystem_folder;
hook = "git add -A && (git diff --cached --quiet || git commit -m 'Changes by '%(user)s)";
};
logging.level = "info";
};
rights = {
principal = {
user = ".+";
collection = "{user}";
permissions = "RW";
};
calendars = {
user = ".+";
collection = "{user}/[^/]+";
permissions = "rw";
};
};
};
systemd.services.radicale.path = [ pkgs.git ];
environment.systemPackages = [ pkgs.git ];
systemd.tmpfiles.rules = [ "d ${filesystem_folder} 0750 radicale radicale -" ];
# WARNING: DON'T DO THIS IN PRODUCTION!
# This puts unhashed secrets directly into the Nix store for ease of testing.
environment.etc."radicale/htpasswd".source = pkgs.runCommand "htpasswd" {} ''
environment.etc."radicale/users".source = pkgs.runCommand "htpasswd" {} ''
${pkgs.apacheHttpd}/bin/htpasswd -bcB "$out" ${user} ${password}
'';
};
testScript = ''
machine.wait_for_unit("radicale.service")
machine.wait_for_open_port(${port})
in
import ./make-test-python.nix ({ lib, ... }@args: {
name = "radicale";
meta.maintainers = with lib.maintainers; [ aneeshusa infinisil ];
nodes = rec {
radicale = radicale1; # Make the test script read more nicely
radicale1 = lib.recursiveUpdate (common args) {
nixpkgs.overlays = [
(self: super: {
radicale1 = super.radicale1.overrideAttrs (oldAttrs: {
propagatedBuildInputs = with self.pythonPackages;
(oldAttrs.propagatedBuildInputs or []) ++ [ passlib ];
});
})
];
system.stateVersion = "17.03";
};
radicale1_export = lib.recursiveUpdate radicale1 {
services.radicale.extraArgs = [
"--export-storage" "/tmp/collections-new"
];
system.stateVersion = "17.03";
};
radicale2_verify = lib.recursiveUpdate radicale2 {
services.radicale.extraArgs = [ "--debug" "--verify-storage" ];
system.stateVersion = "17.09";
};
radicale2 = lib.recursiveUpdate (common args) {
system.stateVersion = "17.09";
};
radicale3 = lib.recursiveUpdate (common args) {
system.stateVersion = "20.09";
};
};
# This tests whether the web interface is accessible to an authenticated user
testScript = { nodes }: let
switchToConfig = nodeName: let
newSystem = nodes.${nodeName}.config.system.build.toplevel;
in "${newSystem}/bin/switch-to-configuration test";
in ''
with subtest("Check Radicale 1 functionality"):
radicale.succeed(
"${switchToConfig "radicale1"} >&2"
machine.succeed("sudo -u radicale git -C ${filesystem_folder} init")
machine.succeed(
"sudo -u radicale git -C ${filesystem_folder} config --local user.email radicale@example.com"
)
radicale.wait_for_unit("radicale.service")
radicale.wait_for_open_port(${port})
radicale.succeed(
"curl --fail http://${user}:${password}@localhost:${port}/someuser/calendar.ics/"
machine.succeed(
"sudo -u radicale git -C ${filesystem_folder} config --local user.name radicale"
)
with subtest("Export data in Radicale 2 format"):
radicale.succeed("systemctl stop radicale")
radicale.succeed("ls -al /tmp/collections")
radicale.fail("ls -al /tmp/collections-new")
with subtest("Radicale exits immediately after exporting storage"):
radicale.succeed(
"${switchToConfig "radicale1_export"} >&2"
with subtest("Test calendar and event creation"):
machine.succeed(
"${cli} --caldav-url http://localhost:${port}/${user} calendar create cal"
)
radicale.wait_until_fails("systemctl status radicale")
radicale.succeed("ls -al /tmp/collections")
radicale.succeed("ls -al /tmp/collections-new")
with subtest("Verify data in Radicale 2 format"):
radicale.succeed("rm -r /tmp/collections/${user}")
radicale.succeed("mv /tmp/collections-new/collection-root /tmp/collections")
radicale.succeed(
"${switchToConfig "radicale2_verify"} >&2"
machine.succeed("test -d ${filesystem_folder}/collection-root/${user}/cal")
machine.succeed('test -z "$(ls ${filesystem_folder}/collection-root/${user}/cal)"')
machine.succeed(
"${cli} --caldav-url http://localhost:${port}/${user}/cal calendar add 2021-04-23 testevent"
)
radicale.wait_until_fails("systemctl status radicale")
(retcode, logs) = radicale.execute("journalctl -u radicale -n 10")
assert (
retcode == 0 and "Verifying storage" in logs
), "Radicale 2 didn't verify storage"
assert (
"failed" not in logs and "exception" not in logs
), "storage verification failed"
with subtest("Check Radicale 2 functionality"):
radicale.succeed(
"${switchToConfig "radicale2"} >&2"
machine.succeed('test -n "$(ls ${filesystem_folder}/collection-root/${user}/cal)"')
(status, stdout) = machine.execute(
"sudo -u radicale git -C ${filesystem_folder} log --format=oneline | wc -l"
)
radicale.wait_for_unit("radicale.service")
radicale.wait_for_open_port(${port})
assert status == 0, "git log failed"
assert stdout == "3\n", "there should be exactly 3 commits"
(retcode, output) = radicale.execute(
"curl --fail http://${user}:${password}@localhost:${port}/someuser/calendar.ics/"
with subtest("Test rights file"):
machine.fail(
"${cli} --caldav-url http://localhost:${port}/${user} calendar create sub/cal"
)
assert (
retcode == 0 and "VCALENDAR" in output
), "Could not read calendar from Radicale 2"
radicale.succeed("curl --fail http://${user}:${password}@localhost:${port}/.web/")
with subtest("Check Radicale 3 functionality"):
radicale.succeed(
"${switchToConfig "radicale3"} >&2"
machine.fail(
"${cli} --caldav-url http://localhost:${port}/otheruser calendar create cal"
)
radicale.wait_for_unit("radicale.service")
radicale.wait_for_open_port(${port})
(retcode, output) = radicale.execute(
"curl --fail http://${user}:${password}@localhost:${port}/someuser/calendar.ics/"
)
assert (
retcode == 0 and "VCALENDAR" in output
), "Could not read calendar from Radicale 3"
with subtest("Test web interface"):
machine.succeed("curl --fail http://${user}:${password}@localhost:${port}/.web/")
radicale.succeed("curl --fail http://${user}:${password}@localhost:${port}/.web/")
with subtest("Test security"):
output = machine.succeed("systemd-analyze security radicale.service")
machine.log(output)
assert output[-9:-1] == "SAFE :-}"
'';
})

View File

@ -38,6 +38,9 @@ import ./make-test-python.nix ({ pkgs, lib, ...} :
programs.sway.enable = true;
# To test pinentry via gpg-agent:
programs.gnupg.agent.enable = true;
virtualisation.memorySize = 1024;
# Need to switch to a different VGA card / GPU driver than the default one (std) so that Sway can launch:
virtualisation.qemu.options = [ "-vga virtio" ];
@ -80,6 +83,17 @@ import ./make-test-python.nix ({ pkgs, lib, ...} :
machine.send_key("alt-shift-q")
machine.wait_until_fails("pgrep alacritty")
# Test gpg-agent starting pinentry-gnome3 via D-Bus (tests if
# $WAYLAND_DISPLAY is correctly imported into the D-Bus user env):
machine.succeed(
"su - alice -c 'swaymsg -- exec gpg --no-tty --yes --quick-generate-key test'"
)
machine.wait_until_succeeds("pgrep --exact gpg")
machine.wait_for_text("Passphrase")
machine.screenshot("gpg_pinentry")
machine.send_key("alt-shift-q")
machine.wait_until_fails("pgrep --exact gpg")
# Test swaynag:
machine.send_key("alt-shift-e")
machine.wait_for_text("You pressed the exit shortcut.")

View File

@ -82,10 +82,6 @@ mkDerivation rec {
util-linux
];
cmakeFlags = [
"-DUSE_SYSTEM_TAGLIB=ON"
];
postInstall = ''
qtWrapperArgs+=(--prefix GST_PLUGIN_SYSTEM_PATH_1_0 : "$GST_PLUGIN_SYSTEM_PATH_1_0")
'';

View File

@ -655,10 +655,10 @@
elpaBuild {
pname = "corfu";
ename = "corfu";
version = "0.4";
version = "0.6";
src = fetchurl {
url = "https://elpa.gnu.org/packages/corfu-0.4.tar";
sha256 = "0yaspx58w02n3liqy5i4lm6lk5f1fm6v5lfrzp7xaqnngq1f4gbj";
url = "https://elpa.gnu.org/packages/corfu-0.6.tar";
sha256 = "0zl769l3mmy4b0pj70dwjllq0224r2w4l45xvaqbj75qfqclj6cj";
};
packageRequires = [ emacs ];
meta = {
@ -1045,10 +1045,10 @@
elpaBuild {
pname = "eev";
ename = "eev";
version = "20210102";
version = "20210512";
src = fetchurl {
url = "https://elpa.gnu.org/packages/eev-20210102.tar";
sha256 = "14vpgcncmzzbv8v78v221hdhigvk00vqiizwd8dy0b7hqz6gl0rq";
url = "https://elpa.gnu.org/packages/eev-20210512.tar";
sha256 = "0dj49lpqv5vsx02h8mla8cmv5cr5f2qbz74f9dn8q4adpzxsajin";
};
packageRequires = [ emacs ];
meta = {
@ -1148,10 +1148,10 @@
elpaBuild {
pname = "elisp-benchmarks";
ename = "elisp-benchmarks";
version = "1.11";
version = "1.12";
src = fetchurl {
url = "https://elpa.gnu.org/packages/elisp-benchmarks-1.11.tar";
sha256 = "0s1mpapvcivy25zbhw6ghpg0ym23vb4dsrz876rl4z2rfyckxral";
url = "https://elpa.gnu.org/packages/elisp-benchmarks-1.12.tar";
sha256 = "0jzpzif4vrjg5hl0hxg4aqvi6nv56cxa1w0amnkgcz4hsscxkvwm";
};
packageRequires = [];
meta = {
@ -1159,16 +1159,21 @@
license = lib.licenses.free;
};
}) {};
emms = callPackage ({ cl-lib ? null, elpaBuild, fetchurl, lib, seq }:
emms = callPackage ({ cl-lib ? null
, elpaBuild
, fetchurl
, lib
, nadvice
, seq }:
elpaBuild {
pname = "emms";
ename = "emms";
version = "7.1";
version = "7.2";
src = fetchurl {
url = "https://elpa.gnu.org/packages/emms-7.1.tar";
sha256 = "1dng8dy0w0wsdvvnjnrllwv5a8wq3kj20jik994b7prdx5dn6y52";
url = "https://elpa.gnu.org/packages/emms-7.2.tar";
sha256 = "11vqqh9rnzibsfw7wx62rgzl8i8ldpf0hv1sj43nhl5c6dlc8d5z";
};
packageRequires = [ cl-lib seq ];
packageRequires = [ cl-lib nadvice seq ];
meta = {
homepage = "https://elpa.gnu.org/packages/emms.html";
license = lib.licenses.free;
@ -2824,10 +2829,10 @@
elpaBuild {
pname = "pyim";
ename = "pyim";
version = "3.7.1";
version = "3.7.5";
src = fetchurl {
url = "https://elpa.gnu.org/packages/pyim-3.7.1.tar";
sha256 = "0k73f1qdl51qshnvycjassdh70id5gp5qi5wz7k4zyl8pbampiyd";
url = "https://elpa.gnu.org/packages/pyim-3.7.5.tar";
sha256 = "09f34wgzckbxgr5xvaqrj0wdcmnfsb31a6m460f5g0acys20ams5";
};
packageRequires = [ async emacs xr ];
meta = {
@ -3950,10 +3955,10 @@
elpaBuild {
pname = "vertico";
ename = "vertico";
version = "0.6";
version = "0.8";
src = fetchurl {
url = "https://elpa.gnu.org/packages/vertico-0.6.tar";
sha256 = "19f6ffljraikz83nc2y9q83zjc4cfyzn9rnwm18lwh6sjsydz6kk";
url = "https://elpa.gnu.org/packages/vertico-0.8.tar";
sha256 = "1cdq49csd57vqhrs1nbif79yw4s8c0p2i2ww5n5znzj7rnxwpva4";
};
packageRequires = [ emacs ];
meta = {

View File

@ -4,10 +4,10 @@
elpaBuild {
pname = "org";
ename = "org";
version = "20210503";
version = "20210510";
src = fetchurl {
url = "https://orgmode.org/elpa/org-20210503.tar";
sha256 = "0j9p834c67qzxbxz8s1n8l5blylrpb3jh9wywphlb6jgbgl0mw09";
url = "https://orgmode.org/elpa/org-20210510.tar";
sha256 = "015c68pk52vksar7kpyb0nkcyjihlczmpq4h5vdv8xayas2qlzc7";
};
packageRequires = [];
meta = {
@ -19,10 +19,10 @@
elpaBuild {
pname = "org-plus-contrib";
ename = "org-plus-contrib";
version = "20210503";
version = "20210510";
src = fetchurl {
url = "https://orgmode.org/elpa/org-plus-contrib-20210503.tar";
sha256 = "0k0wmnx2g919h3s9ynv1cvdlyxvydglslamlwph4xng4kzcr5lrk";
url = "https://orgmode.org/elpa/org-plus-contrib-20210510.tar";
sha256 = "0pdwjnpcsk75jv4qs8n4xia6vspwn6dndbdx9z7kq5vqz7w4ykmw";
};
packageRequires = [];
meta = {

View File

@ -34,7 +34,7 @@ stdenv.mkDerivation rec {
meta = with lib; {
homepage = "https://github.com/sunrise-commander/sunrise-commander/";
description = "Two-pane file manager for Emacs based on Dired and inspired by MC";
description = "Orthodox (two-pane) file manager for Emacs";
license = licenses.gpl3Plus;
maintainers = [ maintainers.AndersonTorres ];
platforms = platforms.all;

View File

@ -13,10 +13,10 @@ let
archive_fmt = if system == "x86_64-darwin" then "zip" else "tar.gz";
sha256 = {
x86_64-linux = "0l4lx5h2daw9c5vl4kz6sq2i58b45xy4948x4q0wnwbqdqlqc9s4";
x86_64-darwin = "0qqgs7vns52bz9xkys822sjjkvyq4l20iipz6sx5kinxg6h04jyy";
aarch64-linux = "1gnh5kk4r0kfik9yfvvcbavhws4n8kn89kyl2qzpa2ryy52kk81j";
armv7l-linux = "0zz5fn9nxq58i3svhgc25s6fdz7i3rxc0naflyx1jzmpzipp4v6n";
x86_64-linux = "08qrag9nzmngzzvs2cgbmc4zzxlb9kwn183v8caj6dvcrjvfqgbv";
x86_64-darwin = "0rlyr08lla3xadlh373xqcks8a9akk3x2cmakgn17q2b16988fmq";
aarch64-linux = "1m277940xsasqac4i88s05xrqsab99jhl3ka0zzfbixrgr2dj8q1";
armv7l-linux = "1qm4cggjj50vdnrx848x810gz3ahh0hndra22lsvcjdbsw8g35rk";
}.${system};
in
callPackage ./generic.nix rec {
@ -25,7 +25,7 @@ in
# Please backport all compatible updates to the stable release.
# This is important for the extension ecosystem.
version = "1.56.1";
version = "1.56.2";
pname = "vscode";
executableName = "code" + lib.optionalString isInsiders "-insiders";

View File

@ -1,7 +1,7 @@
{ lib, stdenv, fetchFromGitHub, pkg-config, libtool
, bzip2, zlib, libX11, libXext, libXt, fontconfig, freetype, ghostscript, libjpeg, djvulibre
, lcms2, openexr, libpng, librsvg, libtiff, libxml2, openjpeg, libwebp, fftw, libheif, libde265
, ApplicationServices
, ApplicationServices, Foundation
}:
let
@ -50,7 +50,8 @@ stdenv.mkDerivation rec {
]
++ lib.optionals (!stdenv.hostPlatform.isMinGW)
[ openexr librsvg openjpeg ]
++ lib.optional stdenv.isDarwin ApplicationServices;
++ lib.optionals stdenv.isDarwin
[ ApplicationServices Foundation ];
propagatedBuildInputs =
[ bzip2 freetype libjpeg lcms2 fftw ]

View File

@ -90,11 +90,11 @@ in
stdenv.mkDerivation rec {
pname = "brave";
version = "1.24.82";
version = "1.24.85";
src = fetchurl {
url = "https://github.com/brave/brave-browser/releases/download/v${version}/brave-browser_${version}_amd64.deb";
sha256 = "iWUJ5yLWWQvg510Atf+Pd9ya/1NnMNW2Sp/RVFn4PCc=";
sha256 = "jE9INGYz78Vyvps4ESimtH1rL4GdboAUtMx1p31XQGk=";
};
dontConfigure = true;

View File

@ -20,13 +20,13 @@
stdenv.mkDerivation rec {
pname = "kubernetes";
version = "1.21.0";
version = "1.21.1";
src = fetchFromGitHub {
owner = "kubernetes";
repo = "kubernetes";
rev = "v${version}";
sha256 = "sha256-5IUcKVbHxL5qb7M087sZSsd50t5zSaeWATnyLHkVsRU=";
sha256 = "sha256-gJjCw28SqU49kIiRH+MZgeYN4VBgKVEaRPr5A/2c5Pc=";
};
nativeBuildInputs = [ removeReferencesTo makeWrapper which go rsync installShellFiles ];

View File

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "dnscontrol";
version = "3.8.1";
version = "3.9.0";
src = fetchFromGitHub {
owner = "StackExchange";
repo = pname;
rev = "v${version}";
sha256 = "sha256-x002p7wPKbcmr4uE04mgKBagHQV/maEo99Y2Jr7xgK4=";
sha256 = "sha256-9lIjQaMYy0FGMkR29Es3BMIAcn+jQYudyFJHwezlXKM=";
};
vendorSha256 = "sha256-lR5+xVi/ROOFoRWyK0h/8uiSP/joQ9Zr9kMaQ+sWNhM=";
vendorSha256 = "sha256-thvbqDhLdY+g/byFHJ9Tdiw8WYRccu4X1Rb0pdhE34E=";
subPackages = [ "." ];

View File

@ -79,7 +79,8 @@ in stdenv.mkDerivation {
NIX_LDFLAGS = lib.optionalString stdenv.isDarwin "-framework CoreFoundation";
postInstall = ''
install -D -m 644 /dev/stdin $apparmor/bin.transmission-daemon <<EOF
mkdir $apparmor
cat >$apparmor/bin.transmission-daemon <<EOF
include <tunables/global>
$out/bin/transmission-daemon {
include <abstractions/base>

View File

@ -1,4 +1,4 @@
{ lib, stdenv, fetchFromGitHub, makeWrapper, zlib, perl, perlPackages }:
{ lib, stdenv, fetchFromGitHub, makeWrapper, zlib, perl, perlPackages, openmp }:
stdenv.mkDerivation rec {
version = "4.8.1";
@ -14,8 +14,12 @@ stdenv.mkDerivation rec {
propagatedBuildInputs = [ perl perlPackages.TextNSP perlPackages.PerlMagick ];
nativeBuildInputs = [ zlib makeWrapper ];
buildInputs = lib.optional stdenv.cc.isClang openmp;
makeFlags = [ "PREFIX=$(out)/bin" ];
makeFlags = [
"CC=${stdenv.cc.targetPrefix}c++" # remove once https://github.com/weizhongli/cdhit/pull/114 is merged
"PREFIX=$(out)/bin"
];
preInstall = "mkdir -p $out/bin";

View File

@ -3,13 +3,13 @@
buildKodiBinaryAddon rec {
pname = "inputstream-ffmpegdirect";
namespace = "inputstream.ffmpegdirect";
version = "1.21.2";
version = "1.21.3";
src = fetchFromGitHub {
owner = "xbmc";
repo = "inputstream.ffmpegdirect";
rev = "${version}-${rel}";
sha256 = "sha256-FXtjR/4/f434gp78PBSt+QrYtMYcnljO3Htxss/wH7U=";
sha256 = "sha256-OShd6sPGXXu0rlSwuQFMWqrLscE6Y0I2eV2YJYyZNMs=";
};
extraBuildInputs = [ bzip2 zlib kodi.ffmpeg ];

View File

@ -6,13 +6,13 @@
buildKodiBinaryAddon rec {
pname = "pvr-iptvsimple";
namespace = "pvr.iptvsimple";
version = "7.6.2";
version = "7.6.4";
src = fetchFromGitHub {
owner = "kodi-pvr";
repo = "pvr.iptvsimple";
rev = "${version}-${rel}";
sha256 = "sha256-MdgPUKkbqNt/WKUTrYNetlyUBQcYLSn0J8EHH2Z9I+g=";
sha256 = "sha256-F2uvf3BChN4p4VV1vTMAAPwQchVI5paTdxSFEi0u9a0=";
};
extraBuildInputs = [

View File

@ -38,15 +38,15 @@ assert usbSupport -> !udevSupport; # libusb-compat-0_1 won't be used if udev is
assert gbmSupport || waylandSupport || x11Support;
let
kodiReleaseDate = "20210219";
kodiVersion = "19.0";
kodiReleaseDate = "20210508";
kodiVersion = "19.1";
rel = "Matrix";
kodi_src = fetchFromGitHub {
owner = "xbmc";
repo = "xbmc";
rev = "${kodiVersion}-${rel}";
sha256 = "097dg6a7v4ia85jx1pmlpwzdpqcqxlrmniqd005q73zvgj67zc2p";
rev = "v${kodiVersion}";
sha256 = "0jh67vw3983lnfgqzqfislawwbpq0vxxk1ljsg7mar06mlwfxb7h";
};
ffmpeg = stdenv.mkDerivation rec {

View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "amber-theme";
version = "3.36-2";
version = "3.38-1";
src = fetchFromGitHub {
owner = "lassekongo83";
repo = pname;
rev = "v${version}";
sha256 = "1g0hkv9sxfxfnpv8x7g64lr2by7wd4k216s3y9xpibsycdbwpyi5";
sha256 = "sha256-OrdBeAD+gdIu6u8ESE9PtqYadSuJ8nx1Z8fB4D9y4W4=";
};
nativeBuildInputs = [ meson ninja sassc ];

View File

@ -28,5 +28,6 @@ stdenv.mkDerivation rec {
homepage = "https://tibleiz.net/copper/";
license = licenses.bsd2;
platforms = platforms.x86_64;
broken = stdenv.isDarwin;
};
}

View File

@ -1,24 +1,34 @@
{ lib, stdenv, fetchFromGitHub, cmake, llvmPackages, libxml2, zlib, substituteAll }:
{ lib
, stdenv
, fetchFromGitHub
, cmake
, llvmPackages
, libxml2
, zlib
}:
llvmPackages.stdenv.mkDerivation rec {
version = "0.7.1";
pname = "zig";
version = "0.7.1";
src = fetchFromGitHub {
owner = "ziglang";
repo = pname;
rev = version;
sha256 = "1z6c4ym9jmga46cw2arn7zv2drcpmrf3vw139gscxp27n7q2z5md";
hash = "sha256-rZYv8LFH3M70SyPwPVyul+Um9j82K8GZIepVmaonzPw=";
};
nativeBuildInputs = [ cmake llvmPackages.llvm.dev ];
nativeBuildInputs = [
cmake llvmPackages.llvm.dev
];
buildInputs = [
llvmPackages.libclang
llvmPackages.llvm
llvmPackages.lld
libxml2
zlib
];
] ++ (with llvmPackages; [
libclang
lld
llvm
]);
preBuild = ''
export HOME=$TMPDIR;
@ -33,12 +43,12 @@ llvmPackages.stdenv.mkDerivation rec {
doCheck = true;
meta = with lib; {
homepage = "https://ziglang.org/";
description =
"General-purpose programming language and toolchain for maintaining robust, optimal, and reusable software";
homepage = "https://ziglang.org/";
license = licenses.mit;
maintainers = with maintainers; [ andrewrk AndersonTorres ];
platforms = platforms.unix;
maintainers = [ maintainers.andrewrk ];
# See https://github.com/NixOS/nixpkgs/issues/86299
broken = stdenv.isDarwin;
};

View File

@ -3,6 +3,6 @@
# How to obtain `sha256`:
# nix-prefetch-url --unpack https://github.com/erlang/otp/archive/OTP-${version}.tar.gz
mkDerivation {
version = "23.3.2";
sha256 = "eU3BmBJqrcg3FmkuAIfB3UoSNfQQfvGNyC2jBffwm/w=";
version = "23.3.4";
sha256 = "EKewwcK1Gr84mmFVxVmOLaPiFtsG3r/1ubGOUwM/EYY=";
}

View File

@ -0,0 +1,48 @@
--- a/Makefile 2021-05-14 22:39:14.407200562 +0300
+++ b/Makefile 2021-05-14 22:36:23.828513407 +0300
@@ -41,7 +41,7 @@
# What to install.
TO_BIN= lua luac
TO_INC= lua.h luaconf.h lualib.h lauxlib.h lua.hpp
-TO_LIB= liblua.a
+TO_LIB= liblua.${version}.dylib
TO_MAN= lua.1 luac.1
# Lua version and release.
@@ -60,6 +60,8 @@
cd src && $(INSTALL_DATA) $(TO_INC) $(INSTALL_INC)
cd src && $(INSTALL_DATA) $(TO_LIB) $(INSTALL_LIB)
cd doc && $(INSTALL_DATA) $(TO_MAN) $(INSTALL_MAN)
+ ln -s -f liblua.${version}.dylib $(INSTALL_LIB)/liblua.${luaversion}.dylib
+ ln -s -f liblua.${luaversion}.dylib $(INSTALL_LIB)/liblua.dylib
uninstall:
cd src && cd $(INSTALL_BIN) && $(RM) $(TO_BIN)
--- a/src/Makefile 2021-05-14 22:35:38.575051882 +0300
+++ b/src/Makefile 2021-05-14 22:35:33.584631206 +0300
@@ -32,7 +32,7 @@
PLATS= guess aix bsd c89 freebsd generic linux linux-readline macosx mingw posix solaris
-LUA_A= liblua.a
+LUA_A= liblua.${version}.dylib
CORE_O= lapi.o lcode.o lctype.o ldebug.o ldo.o ldump.o lfunc.o lgc.o llex.o lmem.o lobject.o lopcodes.o lparser.o lstate.o lstring.o ltable.o ltm.o lundump.o lvm.o lzio.o
LIB_O= lauxlib.o lbaselib.o lcorolib.o ldblib.o liolib.o lmathlib.o loadlib.o loslib.o lstrlib.o ltablib.o lutf8lib.o linit.o
BASE_O= $(CORE_O) $(LIB_O) $(MYOBJS)
@@ -57,11 +57,13 @@
a: $(ALL_A)
$(LUA_A): $(BASE_O)
- $(AR) $@ $(BASE_O)
- $(RANLIB) $@
+ $(CC) -dynamiclib -install_name $(out)/lib/liblua.${version}.dylib \
+ -compatibility_version ${version} -current_version ${version} \
+ -o liblua.${version}.dylib $^
$(LUA_T): $(LUA_O) $(LUA_A)
- $(CC) -o $@ $(LDFLAGS) $(LUA_O) $(LUA_A) $(LIBS)
+ $(CC) -fno-common $(MYLDFLAGS) \
+ -o $@ $(LUA_O) $(LUA_A) -L. -llua.${version} $(LIBS)
$(LUAC_T): $(LUAC_O) $(LUA_A)
$(CC) -o $@ $(LDFLAGS) $(LUAC_O) $(LUA_A) $(LIBS)

View File

@ -5,6 +5,12 @@ rec {
lua5_4 = callPackage ./interpreter.nix {
sourceVersion = { major = "5"; minor = "4"; patch = "2"; };
hash = "0ksj5zpj74n0jkamy3di1p6l10v4gjnd2zjnb453qc6px6bhsmqi";
patches = if stdenv.isDarwin then [ ./5.4.darwin.patch ] else [
# build lua as a shared library as well, MIT-licensed from
# https://github.com/archlinux/svntogit-packages/tree/packages/lua/trunk
./liblua.so.patch
];
};
lua5_4_compat = lua5_4.override({

View File

@ -61,7 +61,8 @@ self = stdenv.mkDerivation rec {
configurePhase = ''
runHook preConfigure
makeFlagsArray+=(CFLAGS='-O2 -fPIC${lib.optionalString compat " -DLUA_COMPAT_ALL"} $(SYSCFLAGS)' )
makeFlagsArray+=(CFLAGS='-O2 -fPIC${lib.optionalString compat " -DLUA_COMPAT_ALL"} $(${
if lib.versionAtLeast luaversion "5.2" then "SYSCFLAGS" else "MYCFLAGS"})' )
makeFlagsArray+=(${lib.optionalString stdenv.isDarwin "CC=\"$CC\""}${lib.optionalString (stdenv.buildPlatform != stdenv.hostPlatform) " 'AR=${stdenv.cc.targetPrefix}ar rcu'"})
installFlagsArray=( TO_BIN="lua luac" INSTALL_DATA='cp -d' \

View File

@ -1,7 +1,7 @@
{ lib, stdenv, fetchFromGitLab, cmake, gfortran, perl }:
let
version = "5.1.3";
version = "5.1.4";
in stdenv.mkDerivation {
pname = "libxc";
@ -11,7 +11,7 @@ in stdenv.mkDerivation {
owner = "libxc";
repo = "libxc";
rev = version;
sha256 = "14czspifznsmvvix5hcm1rk18iy590qk8p5m00p0y032gmn9i2zj";
sha256 = "0rs6v72zz3jr22r29zxxdk8wdsfv6wid6cx2661974z09dbvbr1f";
};
buildInputs = [ gfortran ];

View File

@ -1,39 +1,21 @@
{ lib, stdenv, fetchurl, cmake, fetchpatch
{ lib
, stdenv
, fetchFromGitHub
, cmake
, zlib
}:
stdenv.mkDerivation rec {
pname = "taglib";
version = "1.11.1";
version = "1.12";
src = fetchurl {
url = "http://taglib.org/releases/${pname}-${version}.tar.gz";
sha256 = "0ssjcdjv4qf9liph5ry1kngam1y7zp8fzr9xv4wzzrma22kabldn";
src = fetchFromGitHub {
owner = "taglib";
repo = "taglib";
rev = "v${version}";
sha256 = "sha256-omErajnYgxbflsbe6pS2KsexZcXisso0WGYnmIud7WA=";
};
patches = [
(fetchpatch {
# https://github.com/taglib/taglib/issues/829
name = "CVE-2017-12678.patch";
url = "https://github.com/taglib/taglib/commit/eb9ded1206f18.patch";
sha256 = "1bvpxsvmlpi3by7myzss9kkpdkv405612n8ff68mw1ambj8h1m90";
})
(fetchpatch {
# https://github.com/taglib/taglib/pull/869
name = "CVE-2018-11439.patch";
url = "https://github.com/taglib/taglib/commit/272648ccfcccae30e002ccf34a22e075dd477278.patch";
sha256 = "0p397qq4anvcm0p8xs68mxa8hg6dl07chg260lc6k2929m34xv72";
})
(fetchpatch {
# many consumers of taglib have started vendoring taglib due to this bug
name = "fix_ogg_corruption.patch";
url = "https://github.com/taglib/taglib/commit/9336c82da3a04552168f208cd7a5fa4646701ea4.patch";
sha256 = "01wlwk4gmfxdg5hjj9jmrain7kia89z0zsdaf5gn3nibmy5bq70r";
})
];
nativeBuildInputs = [ cmake ];
buildInputs = [ zlib ];
@ -51,7 +33,6 @@ stdenv.mkDerivation rec {
Speex, WavPack, TrueAudio, WAV, AIFF, MP4 and ASF files.
'';
license = with licenses; [ lgpl3 mpl11 ];
inherit (cmake.meta) platforms;
maintainers = with maintainers; [ ttuegel ];
};
}

View File

@ -6,12 +6,12 @@
buildPythonPackage rec {
pname = "adafruit-platformdetect";
version = "3.13.0";
version = "3.13.1";
src = fetchPypi {
pname = "Adafruit-PlatformDetect";
inherit version;
sha256 = "sha256-FlPd3bj2sU52nc2+XohNhBWRa+1Dr/SyaiSusxX6PeE=";
sha256 = "sha256-SUK2EpOHCFWm4zV+yRtzz81B0GMcwRsVnTOh2msSsSk=";
};
nativeBuildInputs = [ setuptools-scm ];

View File

@ -2,8 +2,8 @@
, buildPythonPackage
, isPy27
, fetchPypi
, python
, ansible
, setuptools-scm
, ansible-base
, enrich
, flaky
, pyyaml
@ -27,10 +27,12 @@ buildPythonPackage rec {
sha256 = "sha256-tnuWKEB66bwVuwu3H3mHG99ZP+/msGhMDMRL5fyQgD8=";
};
buildInputs = [ python ];
nativeBuildInputs = [
setuptools-scm
];
propagatedBuildInputs = [
ansible
ansible-base
enrich
flaky
pyyaml
@ -65,7 +67,7 @@ buildPythonPackage rec {
preCheck = ''
# ansible wants to write to $HOME and crashes if it can't
export HOME=$(mktemp -d)
export PATH=$PATH:${lib.makeBinPath [ ansible ]}
export PATH=$PATH:${lib.makeBinPath [ ansible-base ]}
# create a working ansible-lint executable
export PATH=$PATH:$PWD/src/ansiblelint
@ -82,7 +84,7 @@ buildPythonPackage rec {
"test_prerun_reqs_v2"
];
makeWrapperArgs = [ "--prefix PATH : ${lib.makeBinPath [ ansible ]}" ];
makeWrapperArgs = [ "--prefix PATH : ${lib.makeBinPath [ ansible-base ]}" ];
meta = with lib; {
homepage = "https://github.com/ansible-community/ansible-lint";

View File

@ -70,7 +70,7 @@ buildPythonPackage rec {
meta = with lib; {
description = "Radically simple IT automation";
homepage = "Radically simple IT automation";
homepage = "http://www.ansible.com";
license = licenses.gpl3Plus;
maintainers = with maintainers; [ hexa ];
};

View File

@ -1,7 +1,11 @@
{ lib, buildPythonPackage, fetchPypi, pythonOlder
, requests
{ buildPythonPackage
, cryptography
, fetchPypi
, lib
, pythonOlder
, protobuf
, pycryptodome
, requests
}:
buildPythonPackage rec {
@ -14,11 +18,17 @@ buildPythonPackage rec {
sha256 = "0ampvsv97r3hy1cakif4kmyk1ynf3scbvh4fbk02x7xrxn4kl38w";
};
propagatedBuildInputs = [ requests protobuf pycryptodome ];
# package doesn't contain unit tests
# scripts in ./test require networking
doCheck = false;
pythonImportsCheck = [ "gpapi.googleplay" ];
propagatedBuildInputs = [ cryptography protobuf pycryptodome requests ];
meta = with lib; {
homepage = "https://github.com/NoMore201/googleplay-api";
license = licenses.gpl3;
license = licenses.gpl3Only;
description = "Google Play Unofficial Python API";
maintainers = with maintainers; [ ];
};

View File

@ -1,11 +1,12 @@
{ buildPythonPackage
{ lib
, buildPythonPackage
, isPyPy
, fetchPypi
, pythonOlder
, curl
, openssl
, bottle
, pytest
, pytestCheckHook
, nose
, flaky
}:
@ -20,6 +21,11 @@ buildPythonPackage rec {
sha256 = "8301518689daefa53726b59ded6b48f33751c383cf987b0ccfbbc4ed40281325";
};
preConfigure = ''
substituteInPlace setup.py --replace '--static-libs' '--libs'
export PYCURL_SSL_LIBRARY=openssl
'';
buildInputs = [
curl
openssl.out
@ -31,34 +37,48 @@ buildPythonPackage rec {
checkInputs = [
bottle
pytest
pytestCheckHook
nose
flaky
];
# skip impure or flakey tests
# See also:
# * https://github.com/NixOS/nixpkgs/issues/77304
checkPhase = ''
HOME=$TMPDIR pytest tests -k "not test_ssl_in_static_libs \
and not test_keyfunction \
and not test_keyfunction_bogus_return \
and not test_libcurl_ssl_gnutls \
and not test_libcurl_ssl_nss \
and not test_libcurl_ssl_openssl" \
--ignore=tests/getinfo_test.py \
--ignore=tests/memory_mgmt_test.py \
--ignore=tests/multi_memory_mgmt_test.py \
--ignore=tests/multi_timer_test.py
pytestFlagsArray = [
# don't pick up the tests directory below examples/
"tests"
];
preCheck = ''
export HOME=$TMPDIR
'';
preConfigure = ''
substituteInPlace setup.py --replace '--static-libs' '--libs'
export PYCURL_SSL_LIBRARY=openssl
'';
disabledTests = [
# libcurl stopped passing the reason phrase from the HTTP status line
# https://github.com/pycurl/pycurl/issues/679
"test_failonerror"
"test_failonerror_status_line_invalid_utf8_python3"
# bottle>=0.12.17 escapes utf8 properly, so these test don't work anymore
# https://github.com/pycurl/pycurl/issues/669
"test_getinfo_content_type_invalid_utf8_python3"
"test_getinfo_cookie_invalid_utf8_python3"
"test_getinfo_raw_content_type_invalid_utf8"
"test_getinfo_raw_cookie_invalid_utf8"
# tests that require network access
"test_keyfunction"
"test_keyfunction_bogus_return"
# OSError: tests/fake-curl/libcurl/with_openssl.so: cannot open shared object file: No such file or directory
"test_libcurl_ssl_openssl"
# OSError: tests/fake-curl/libcurl/with_nss.so: cannot open shared object file: No such file or directory
"test_libcurl_ssl_nss"
# OSError: tests/fake-curl/libcurl/with_gnutls.so: cannot open shared object file: No such file or directory
"test_libcurl_ssl_gnutls"
# AssertionError: assert 'crypto' in ['curl']
"test_ssl_in_static_libs"
];
meta = {
meta = with lib; {
homepage = "http://pycurl.sourceforge.net/";
description = "Python wrapper for libcurl";
license = licenses.lgpl2Only;
maintainers = with maintainers; [];
};
}

View File

@ -1,4 +1,5 @@
{ lib
, stdenv
, buildPythonPackage
, fetchFromGitHub
, isPy27
@ -49,6 +50,9 @@ buildPythonPackage {
# This test try to remove a dicom inside $HOME/.pydicom/data/ and download it again.
disabledTests = [
"test_fetch_data_files"
] ++ lib.optionals stdenv.isAarch64 [
# https://github.com/pydicom/pydicom/issues/1386
"test_array"
];
meta = with lib; {

View File

@ -1,22 +1,14 @@
{ lib, buildPythonPackage, fetchPypi, fetchpatch, pkg-config, fuse3, trio, pytestCheckHook, pytest-trio, which }:
{ lib, buildPythonPackage, fetchPypi, pkg-config, fuse3, trio, pytestCheckHook, pytest-trio, which }:
buildPythonPackage rec {
pname = "pyfuse3";
version = "3.1.1";
version = "3.2.0";
src = fetchPypi {
inherit pname version;
sha256 = "9feb42a8639dc4815522ee6af6f7221552cfd2df1c7a7e9df96767be65e18667";
sha256 = "45f0053ad601b03a36e2c283a5271403674245a66a0daf50e3deaab0ea4fa82f";
};
patches = [
# Fixes tests with pytest 6, to be removed in next stable version
(fetchpatch {
url = "https://github.com/libfuse/pyfuse3/commit/0070eddfc33fc2fba8eb4fe9353a2d2fa1ae575b.patch";
sha256 = "0lb4x1j31ihs3qkn61x41k2vqwcjl2fp1c2qx2jg9br6yqhjmg3b";
})
];
nativeBuildInputs = [ pkg-config ];
buildInputs = [ fuse3 ];
@ -36,7 +28,7 @@ buildPythonPackage rec {
meta = with lib; {
description = "Python 3 bindings for libfuse 3 with async I/O support";
homepage = "https://github.com/libfuse/pyfuse3";
license = licenses.gpl2;
license = licenses.lgpl2Plus;
maintainers = with maintainers; [ nyanloutre ];
};
}

View File

@ -3,56 +3,35 @@
, fetchFromGitHub
, taglib
, cython
, pytest
, glibcLocales
, fetchpatch
, pytestCheckHook
}:
buildPythonPackage rec {
pname = "pytaglib";
version = "1.4.5";
version = "1.4.6";
src = fetchFromGitHub {
owner = "supermihi";
repo = pname;
rev = "v${version}";
sha256 = "1gvvadlgk8ny8bg76gwvvfcwp1nfgrjphi60h5f9ha7h5ff1g2wb";
sha256 = "sha256-UAWXR1MCxEB48n7oQE+L545F+emlU3HErzLX6YTRteg=";
};
patches = [
# fix tests on python 2.7
(fetchpatch {
url = "https://github.com/supermihi/pytaglib/commit/0c4ae750fcd5b18d2553975c7e3e183e9dca5bf1.patch";
sha256 = "1kv3c68vimx5dc8aacvzphiaq916avmprxddi38wji8p2ql6vngj";
})
# properly install pyprinttags
(fetchpatch {
url = "https://github.com/supermihi/pytaglib/commit/ba7a1406ddf35ddc41ed57f1c8d1f2bc2ed2c93a.patch";
sha256 = "0pi0dcq7db5fd3jnbwnfsfsgxvlhnm07z5yhpp93shk0s7ci2bwp";
})
(fetchpatch {
url = "https://github.com/supermihi/pytaglib/commit/28772f6f94d37f05728071381a0fa04c6a14783a.patch";
sha256 = "0h259vzj1l0gpibdf322yclyd10x5rh1anzhsjj2ghm6rj6q0r0m";
})
buildInputs = [
cython
taglib
];
postPatch = ''
substituteInPlace setup.py --replace "'pytest-runner', " ""
'';
checkInputs = [
pytestCheckHook
];
buildInputs = [ taglib cython ];
pythonImportsCheck = [ "taglib" ];
checkInputs = [ pytest glibcLocales ];
checkPhase = ''
LC_ALL=en_US.utf-8 pytest .
'';
meta = {
meta = with lib; {
description = "Python bindings for the Taglib audio metadata library";
homepage = "https://github.com/supermihi/pytaglib";
description = "Python 2.x/3.x bindings for the Taglib audio metadata library";
license = lib.licenses.gpl3;
maintainers = [ lib.maintainers.mrkkrp ];
license = licenses.gpl3Plus;
maintainers = with maintainers; [ mrkkrp ];
};
}

View File

@ -10,23 +10,14 @@
buildPythonPackage rec {
pname = "rfc3339-validator";
version = "0.1.3";
version = "0.1.4";
src = fetchPypi {
pname = "rfc3339_validator";
inherit version;
sha256 = "7a578aa0740e9ee2b48356fe1f347139190c4c72e27f303b3617054efd15df32";
sha256 = "0srg0b89aikzinw72s433994k5gv5lfyarq1adhas11kz6yjm2hk";
};
patches = [
# Fixes test failure on darwin. Filed upstream: https://github.com/naimetti/rfc3339-validator/pull/3.
# Not yet merged.
(fetchpatch {
url = "https://github.com/rmcgibbo/rfc3339-validator/commit/4b6bb62c30bd158d3b4663690dcba1084ac31770.patch";
sha256 = "0h9k82hhmp2xfzn49n3i47ws3rpm9lvfs2rjrds7hgx5blivpwl6";
})
];
propagatedBuildInputs = [ six ];
checkInputs = [ pytestCheckHook hypothesis strict-rfc3339 ];

View File

@ -17,6 +17,8 @@ buildPythonPackage {
sha256 = "jNu6qm8Q/UyJVaCqwFOPX02xAR5DwvCK3PaH6Fvmakk=";
};
patches = [ ./telfhash-new-tlsh-hash.patch ];
# The tlsh library's name is just "tlsh"
postPatch = ''
substituteInPlace requirements.txt --replace "python-tlsh" "tlsh"

View File

@ -0,0 +1,30 @@
diff --git a/telfhash/grouping.py b/telfhash/grouping.py
index c62f8d9..4ee9f0b 100644
--- a/telfhash/grouping.py
+++ b/telfhash/grouping.py
@@ -32,10 +32,10 @@ import tlsh
def get_combination(telfhash_data):
#
- # TLSH hash is 70 characters long. if the telfhash is not 70
+ # The new TLSH hash is 72 characters long. if the telfhash is not 72
# characters in length, exclude from the list
#
- files_list = [x for x in list(telfhash_data.keys()) if telfhash_data[x]["telfhash"] is not None and len(telfhash_data[x]["telfhash"]) == 70]
+ files_list = [x for x in list(telfhash_data.keys()) if telfhash_data[x]["telfhash"] is not None and len(telfhash_data[x]["telfhash"]) == 72]
#
# get the combination of all the possible pairs of filenames
diff --git a/telfhash/telfhash.py b/telfhash/telfhash.py
index f2bbd25..c6e346c 100755
--- a/telfhash/telfhash.py
+++ b/telfhash/telfhash.py
@@ -132,7 +132,7 @@ def get_hash(symbols_list):
symbol_string = ",".join(symbols_list)
encoded_symbol_string = symbol_string.encode("ascii")
- return tlsh.forcehash(encoded_symbol_string).lower()
+ return tlsh.forcehash(encoded_symbol_string)
def elf_get_imagebase(elf):

View File

@ -1,4 +1,4 @@
{ lib, fetchFromGitHub, rustPlatform, pkg-config, libusb1 }:
{ lib, stdenv, fetchFromGitHub, rustPlatform, pkg-config, libusb1, AppKit }:
rustPlatform.buildRustPackage rec {
pname = "ecpdap";
@ -15,7 +15,8 @@ rustPlatform.buildRustPackage rec {
nativeBuildInputs = [ pkg-config ];
buildInputs = [ libusb1 ];
buildInputs = [ libusb1 ]
++ lib.optional stdenv.isDarwin AppKit;
postInstall = ''
mkdir -p $out/etc/udev/rules.d

View File

@ -0,0 +1,31 @@
{ lib, buildGoModule, fetchFromGitHub, jq, makeWrapper }:
buildGoModule rec {
pname = "jiq";
version = "0.7.1";
src = fetchFromGitHub {
owner = "fiatjaf";
repo = pname;
rev = version;
sha256 = "sha256-EPhnfgmn0AufuxwcwRrEEQk+RD97akFJSzngkTl4LmY=";
};
vendorSha256 = "sha256-ZUmOhPGy+24AuxdeRVF0Vnu8zDGFrHoUlYiDdfIV5lc=";
nativeBuildInputs = [ makeWrapper ];
checkInputs = [ jq ];
postInstall = ''
wrapProgram $out/bin/jiq \
--prefix PATH : ${lib.makeBinPath [ jq ]}
'';
meta = with lib; {
homepage = "https://github.com/fiatjaf/jiq";
license = licenses.mit;
description = "jid on jq - interactive JSON query tool using jq expressions";
maintainers = with maintainers; [ ma27 ];
};
}

View File

@ -20,4 +20,6 @@ pkgs.buildPythonApplication rec {
toml
jsonschema
];
# https://github.com/nix-community/pypi2nix/issues/460
meta.broken = true;
}

View File

@ -11,16 +11,16 @@
rustPlatform.buildRustPackage rec {
pname = "cargo-msrv";
version = "0.4.0";
version = "0.5.0";
src = fetchFromGitHub {
owner = "foresterre";
repo = pname;
rev = "v${version}";
sha256 = "1ynv5d2rxlc1gzq93v8qjyl5063w7q42g9m95250yh2lmf9hdj5i";
sha256 = "sha256-7XOpK6+JVV/p+g/Lb/ORUC9msME0vtuDbmiCBmuOJ8w=";
};
cargoSha256 = "03rphdps17gzcmf8n5w14x5i5rjnfznsl150s3cz5vzhbmnlpszf";
cargoSha256 = "sha256-KYITZHBcb5G+7PW8kwbHSsereVjH39cVLQjqNaCq2iU=";
passthru = {
updateScript = nix-update-script {

View File

@ -2,16 +2,16 @@
, atk, at-spi2-atk, at-spi2-core, alsaLib, cairo, cups, dbus, expat, gdk-pixbuf, glib, gtk3
, freetype, fontconfig, nss, nspr, pango, udev, libuuid, libX11, libxcb, libXi
, libXcursor, libXdamage, libXrandr, libXcomposite, libXext, libXfixes
, libXrender, libXtst, libXScrnSaver
, libXrender, libXtst, libXScrnSaver, libdrm, mesa
}:
stdenv.mkDerivation rec {
pname = "postman";
version = "7.36.1";
version = "8.4.0";
src = fetchurl {
url = "https://dl.pstmn.io/download/version/${version}/linux64";
sha256 = "sha256-6brThKTAQI3cu3SSqvEIT1nwlQ/jPTP+d/Q/m/Ez5nQ=";
sha256 = "040l0g6m8lmjrm0wvq8z13xyddasz7v95v54d658w14gv0n713vw";
name = "${pname}.tar.gz";
};
@ -43,10 +43,12 @@ stdenv.mkDerivation rec {
gtk3
freetype
fontconfig
mesa
nss
nspr
pango
udev
libdrm
libuuid
libX11
libxcb

View File

@ -38,8 +38,8 @@ in ((vscode-utils.override { stdenv = gccStdenv; }).buildVscodeMarketplaceExtens
mktplcRef = {
name = "vsliveshare";
publisher = "ms-vsliveshare";
version = "1.0.4131";
sha256 = "167fwb1nri9xs5bx14zdg2q3fsmlbihcvnk90fv9av8zirpwa3vs";
version = "1.0.4272";
sha256 = "kH8ZiNzpAfR1BnKjYc+hcNMEmhBNyHlnOlj8fCdNGjY=";
};
}).overrideAttrs({ nativeBuildInputs ? [], buildInputs ? [], ... }: {
nativeBuildInputs = nativeBuildInputs ++ [

View File

@ -41,13 +41,13 @@ in vscode-utils.buildVscodeMarketplaceExtension rec {
mktplcRef = {
name = "python";
publisher = "ms-python";
version = "2021.4.765268190";
version = "2021.5.829140558";
};
vsix = fetchurl {
name = "${mktplcRef.publisher}-${mktplcRef.name}.zip";
url = "https://github.com/microsoft/vscode-python/releases/download/${mktplcRef.version}/ms-python-release.vsix";
sha256 = "0x7dn3vc83mph2gaxgx26bn7g71hqdpp1mpizmd4jqcrknc4d7ci";
sha256 = "0y2HN4WGYUUXBfqp8Xb4oaA0hbLZmE3kDUXMBAOjvPQ=";
};
buildInputs = [

View File

@ -7,14 +7,14 @@
stdenv.mkDerivation rec {
pname = "ell";
version = "0.38";
version = "0.40";
outputs = [ "out" "dev" ];
src = fetchgit {
url = "https://git.kernel.org/pub/scm/libs/${pname}/${pname}.git";
rev = version;
sha256 = "sha256-UR6NHIO/L/QbuVerXe32RNT33wwrDvIZpV6nlYaImI8=";
sha256 = "sha256-Yr08Kb8YU7xqBnhhS8rn+GFXAV68Hgj4aY26eptb9/8=";
};
nativeBuildInputs = [

View File

@ -38,7 +38,8 @@ in stdenv.mkDerivation rec {
buildInputs = [ libcap ]
++ lib.optional (!stdenv.hostPlatform.isMusl) libidn2;
postInstall = ''
install -D -m 644 /dev/stdin $apparmor/bin.ping <<EOF
mkdir $apparmor
cat >$apparmor/bin.ping <<EOF
include <tunables/global>
$out/bin/ping {
include <abstractions/base>

View File

@ -12,12 +12,12 @@
stdenv.mkDerivation rec {
pname = "iwd";
version = "1.12";
version = "1.14";
src = fetchgit {
url = "https://git.kernel.org/pub/scm/network/wireless/iwd.git";
rev = version;
sha256 = "sha256-o3Vc5p/AFZwbkEWJZzO6wWAJ/BmSh0eKxdnjm5B9BFU=";
sha256 = "sha256-uGe4TO1/bs8k2z3wOJqaZgT6u6yX/7wx4HMSS2hN4XE=";
};
outputs = [ "out" "man" ]
@ -57,6 +57,8 @@ stdenv.mkDerivation rec {
];
postUnpack = ''
mkdir -p iwd/ell
ln -s ${ell.src}/ell/useful.h iwd/ell/useful.h
patchShebangs .
'';

View File

@ -9,7 +9,7 @@
stdenv.mkDerivation rec {
pname = "slurm";
version = "20.11.6.1";
version = "20.11.7.1";
# N.B. We use github release tags instead of https://www.schedmd.com/downloads.php
# because the latter does not keep older releases.
@ -18,7 +18,7 @@ stdenv.mkDerivation rec {
repo = "slurm";
# The release tags use - instead of .
rev = "${pname}-${builtins.replaceStrings ["."] ["-"] version}";
sha256 = "1c2dqqddw5bfb27smq7rqa7v1wymdj155ky50rbyvl36pmhc9djp";
sha256 = "0ril6k4dj96qhx5x7r4nc2ghp7n9700808731v4qn9yvcslqzg9a";
};
outputs = [ "out" "dev" ];

View File

@ -1,4 +1,4 @@
{ lib, buildGoModule, fetchFromGitHub}:
{ lib, buildGoModule, fetchFromGitHub, nixosTests }:
buildGoModule rec {
pname = "matrix-dendrite";
@ -13,6 +13,10 @@ buildGoModule rec {
vendorSha256 = "1l1wydvi0yalas79cvhrqg563cvs57hg9rv6qnkw879r6smb2x1n";
passthru.tests = {
inherit (nixosTests) dendrite;
};
meta = with lib; {
homepage = "https://matrix.org";
description = "Dendrite is a second-generation Matrix homeserver written in Go!";

View File

@ -142,13 +142,13 @@ in
stdenv.mkDerivation rec {
pname = "inspircd";
version = "3.9.0";
version = "3.10.0";
src = fetchFromGitHub {
owner = pname;
repo = pname;
rev = "v${version}";
sha256 = "0x3paasf4ynx4ddky2nq613vyirbhfnxzkjq148k7154pz3q426s";
sha256 = "1817gmxk4v7k5398d2fb6qkwadg0fd980gqmr80wdnppx450ikn7";
};
outputs = [ "bin" "lib" "man" "doc" "out" ];
@ -160,6 +160,8 @@ stdenv.mkDerivation rec {
buildInputs = extraInputs;
configurePhase = ''
runHook preConfigure
patchShebangs configure make/*.pl
# configure is executed twice, once to set the extras
@ -183,6 +185,8 @@ stdenv.mkDerivation rec {
--module-dir ${placeholder "lib"}/lib/inspircd \
--runtime-dir /var/run \
--script-dir ${placeholder "bin"}/share/inspircd \
runHook postConfigure
'';
postInstall = ''

View File

@ -0,0 +1,33 @@
{ lib, python3Packages, nixosTests }:
python3Packages.buildPythonApplication rec {
pname = "kea-exporter";
version = "0.4.2";
src = python3Packages.fetchPypi {
inherit pname version;
sha256 = "0dpzicv0ksyda2lprldkj452c23qycl5c9avca6x7f7rbqry9pnd";
};
propagatedBuildInputs = with python3Packages; [
click
prometheus_client
];
checkPhase = ''
$out/bin/kea-exporter --help > /dev/null
$out/bin/kea-exporter --version | grep -q ${version}
'';
passthru.tests = {
inherit (nixosTests.prometheus-exporters) kea;
};
meta = with lib; {
description = "Export Kea Metrics in the Prometheus Exposition Format";
homepage = "https://github.com/mweinelt/kea-exporter";
license = licenses.mit;
maintainers = with maintainers; [ hexa ];
};
}

View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "wallabag";
version = "2.4.1";
version = "2.4.2";
# remember to rm -r var/cache/* after a rebuild or unexpected errors will occur
src = fetchurl {
url = "https://static.wallabag.org/releases/wallabag-release-${version}.tar.gz";
sha256 = "1dqf5ia66kjsnfad2xkm8w6jgs976mf9x0dcd73jybqfgs4j09kj";
sha256 = "1n39flqqqjih0lc86vxdzbp44x4rqj5292if2fsa8y1xxlvyqmns";
};
outputs = [ "out" ];

View File

@ -15,7 +15,7 @@ with lib;
stdenv.mkDerivation rec {
version = "0.11.8"; # also update communityModules
version = "0.11.9"; # also update communityModules
pname = "prosody";
# The following community modules are necessary for the nixos module
# prosody module to comply with XEP-0423 and provide a working
@ -29,7 +29,7 @@ stdenv.mkDerivation rec {
];
src = fetchurl {
url = "https://prosody.im/downloads/source/${pname}-${version}.tar.gz";
sha256 = "1y38a33wab2vv9pz04blmn6m66wg4pixilh8x60jsx6mk0xih3w3";
sha256 = "02gzvsaq0l5lx608sfh7hfz14s6yfsr4sr4kzcsqd1cxljp35h6c";
};
# A note to all those merging automated updates: Please also update this
@ -37,8 +37,8 @@ stdenv.mkDerivation rec {
# version.
communityModules = fetchhg {
url = "https://hg.prosody.im/prosody-modules";
rev = "f210f242cf17";
sha256 = "0ls45zfhhv8k1aywq3fvrh4ab7g4g1z1ma9mbcf2ch73m6aqhbyl";
rev = "c149edb37349";
sha256 = "1njw17k0nhf15hc20l28v0xzcc7jha85lqy3j97nspv9zdxmshk1";
};
buildInputs = [

View File

@ -2,11 +2,11 @@
stdenv.mkDerivation rec {
pname = "oil";
version = "0.8.10";
version = "0.8.11";
src = fetchurl {
url = "https://www.oilshell.org/download/oil-${version}.tar.xz";
sha256 = "sha256-ETB8BirlEqro8CUdRM+AsZ/ugFa/fj52wCV9pInvMB0=";
sha256 = "sha256-GVV+532dPrXkQ3X2+wa4u6aCPBvQAIiypeoqzJqvk9Y=";
};
postPatch = ''

View File

@ -2,16 +2,16 @@
buildGoModule rec {
pname = "clair";
version = "4.0.5";
version = "4.1.0";
src = fetchFromGitHub {
owner = "quay";
repo = pname;
rev = "v${version}";
sha256 = "sha256-tpk5Avx2bRQlhOnHpmpDG14X9nk3x68TST+VtIW8rL8=";
sha256 = "sha256-Ns02Yi0FJPOCpjr1P5c1KOkRZ8saxQzXg/Zn5vYLztU=";
};
vendorSha256 = "sha256-O9SEVyBFnmyrQCmccXLyeOqlTwWHzICTLVKGO7rerjI=";
vendorSha256 = "sha256-aFaeRhg+aLOmS7VFbgdxaEtZcBKn9zCVINad6ahpDCo=";
doCheck = false;

View File

@ -2,13 +2,13 @@
python3Packages.buildPythonApplication rec {
pname = "volctl";
version = "0.8.0";
version = "0.8.2";
src = fetchFromGitHub {
owner = "buzz";
repo = pname;
rev = "v${version}";
sha256 = "02scfscf4mdrphzrd7cbwbhpig9bhvaws8qk4zc81z8vvf3mcfv2";
sha256 = "1cx27j83pz2qffnzb85fbl1x6pp3irv1kbw7g1hri7kaw6ky4xiz";
};
postPatch = ''

View File

@ -5,6 +5,7 @@
, pkg-config
, libdmtx
, imagemagick
, Foundation
}:
stdenv.mkDerivation rec {
@ -20,7 +21,8 @@ stdenv.mkDerivation rec {
nativeBuildInputs = [ autoreconfHook pkg-config ];
buildInputs = [ libdmtx imagemagick ];
buildInputs = [ libdmtx imagemagick ]
++ lib.optional stdenv.isDarwin Foundation;
meta = {
description = "Data matrix command-line utilities";

View File

@ -1,6 +1,8 @@
{ lib
, stdenv
, rustPlatform
, fetchFromGitHub
, libiconv
}:
rustPlatform.buildRustPackage rec {
@ -16,6 +18,8 @@ rustPlatform.buildRustPackage rec {
cargoSha256 = "sha256-xp1ei41HdbSxq8hoQB4JFtYZLb4bIKSlwEwwxUcjojE=";
buildInputs = lib.optional stdenv.isDarwin libiconv;
meta = with lib; {
description = "A high performance code minimap render";
homepage = "https://github.com/wfxr/code-minimap";

View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "jdupes";
version = "1.19.2";
version = "1.20.0";
src = fetchFromGitHub {
owner = "jbruchon";
repo = "jdupes";
rev = "v${version}";
sha256 = "sha256-3lWrSybYp3RrUnydosgsNkGQjrk7JvxuxjMslN4cGfk=";
sha256 = "sha256-G6ixqSIdDoM/OVlPfv2bI4MA/k0x3Jic/kFo5XEsN/M=";
# Unicode file names lead to different checksums on HFS+ vs. other
# filesystems because of unicode normalisation. The testdir
# directories have such files and will be removed.

View File

@ -12,10 +12,10 @@
let
# Run `eval $(nix-build -A lorri.updater)` after updating the revision!
version = "1.4.0";
gitRev = "fee4ffac9ee16fc921d413789cc059b043f2db3d";
sha256 = "sha256:0ix0k85ywlvkxsampajkq521d290gb0n60qwhnk6j0sc55yn558h";
cargoSha256 = "sha256:1ngn4wnyh6cjnyg7mb48zvng0zn5fcn8s75y88nh91xq9x1bi2d9";
version = "1.5.0";
gitRev = "f4b6a135e2efb18b3a679e3946d4d070a1c45a2c";
sha256 = "0irgzw7vwhvm97nmylj44x2dnd8pwf47gvlgw7fj58fj67a0l8fr";
cargoSha256 = "18l7yxciqcvagsg9lykilfhr104a4qqdydjkjysxgd197xalxgzr";
in (rustPlatform.buildRustPackage rec {
pname = "lorri";

View File

@ -2,13 +2,13 @@
stdenv.mkDerivation rec {
pname = "nix-direnv";
version = "1.2.5";
version = "1.2.6";
src = fetchFromGitHub {
owner = "nix-community";
repo = "nix-direnv";
rev = version;
sha256 = "sha256-sqEodshg6nm3O4RK63ht8u6FU98bF/1i6frS50oyZY8=";
sha256 = "sha256-0dCIHgoyNgpxbrPDv26oLdU+npcIgpCQdpX4HzS0vN0=";
};
# Substitute instead of wrapping because the resulting file is

View File

@ -0,0 +1,34 @@
{ lib
, python3
, fetchFromGitHub
}:
python3.pkgs.buildPythonApplication rec {
pname = "calendar-cli";
version = "0.12.0";
src = fetchFromGitHub {
owner = "tobixen";
repo = "calendar-cli";
rev = "v${version}";
sha256 = "0qjld2m7hl3dx90491pqbjcja82c1f5gwx274kss4lkb8aw0kmlv";
};
propagatedBuildInputs = with python3.pkgs; [
icalendar
caldav
pytz
tzlocal
six
];
# tests require networking
doCheck = false;
meta = with lib; {
description = "Simple command-line CalDav client";
homepage = "https://github.com/tobixen/calendar-cli";
license = licenses.gpl3Plus;
maintainers = with maintainers; [ dotlambda ];
};
}

View File

@ -5,11 +5,11 @@ assert stdenv.isLinux -> libcap != null;
stdenv.mkDerivation rec {
pname = "chrony";
version = "4.0";
version = "4.1";
src = fetchurl {
url = "https://download.tuxfamily.org/chrony/${pname}-${version}.tar.gz";
sha256 = "09f6w2x5h5kamb4rhcbaz911q1f730qdalgsn8s48yjyqlafl9xy";
sha256 = "sha256-7Xby0/k0esYiGpGtS9VT3QVlrBiM10kNCAHQj3FxFkw=";
};
postPatch = ''

View File

@ -4,24 +4,25 @@
, rustPlatform
, installShellFiles
, perl
, libiconv
, Security
}:
rustPlatform.buildRustPackage rec {
pname = "findomain";
version = "4.1.1";
version = "4.2.0";
src = fetchFromGitHub {
owner = "Edu4rdSHL";
repo = pname;
rev = version;
sha256 = "sha256-ySpkWAhLS4jPFviKnzcnW7vuUFyojTBhooq7CFz/y3w=";
sha256 = "sha256-bNvgENyBa+BOY7QVPbBGKFKqYd9JNek+fyPnCT9+PUs=";
};
cargoSha256 = "sha256-KWh++MHaCJpJq7mS2lRCUh0nN+e8McKWcTknUC8VFuo=";
cargoSha256 = "sha256-FDiIM1LlWEFmiIvebdCsznkB7egspNKhY6xUXB838g8=";
nativeBuildInputs = [ installShellFiles perl ];
buildInputs = lib.optional stdenv.isDarwin Security;
buildInputs = lib.optionals stdenv.isDarwin [ libiconv Security ];
postInstall = ''
installManPage ${pname}.1

View File

@ -46,7 +46,8 @@ stdenv.mkDerivation rec {
installFlags = [ "SUIDMODE=" ];
postInstall = ''
install -D -m 644 /dev/stdin $apparmor/bin.ping <<EOF
mkdir $apparmor
cat >$apparmor/bin.ping <<EOF
$out/bin/ping {
include <abstractions/base>
include <abstractions/consoles>

View File

@ -12,14 +12,14 @@
stdenv.mkDerivation rec {
pname = "ofono";
version = "1.31";
version = "1.32";
outputs = [ "out" "dev" ];
src = fetchgit {
url = "git://git.kernel.org/pub/scm/network/ofono/ofono.git";
rev = version;
sha256 = "033y3vggjxn1c7mw75j452idp7arrdv51axs727f7l3c5lnxqdjy";
sha256 = "sha256-bJ7Qgau5soPiptrhcMZ8rWxfprRCTeR7OjQ5HZQ9hbc=";
};
patches = [

View File

@ -196,19 +196,12 @@ in rec {
nixStable = callPackage common (rec {
pname = "nix";
version = "2.3.10";
version = "2.3.11";
src = fetchurl {
url = "https://nixos.org/releases/nix/${pname}-${version}/${pname}-${version}.tar.xz";
sha256 = "a8a85e55de43d017abbf13036edfb58674ca136691582f17080c1cd12787b7ab";
sha256 = "89a8d7995305a78b1561e6670bbf1879c791fc4904eb094bc4f180775a61c128";
};
patches = [(
fetchpatch {
url = "https://github.com/NixOS/nix/pull/4316.patch";
sha256 = "0bqlm4n9sac9prgr9xlfng92arisp1hiqvc9pfh4fibsppkgdfc5";
}
)];
inherit storeDir stateDir confDir boehmgc;
});

View File

@ -1,4 +1,4 @@
# frozen_string_literal: true
source "https://rubygems.org"
gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.0.43"
gem "metasploit-framework", git: "https://github.com/rapid7/metasploit-framework", ref: "refs/tags/6.0.44"

View File

@ -1,9 +1,9 @@
GIT
remote: https://github.com/rapid7/metasploit-framework
revision: 08fd394933eadca2b90e4de4ecce7f478af1f161
ref: refs/tags/6.0.43
revision: dbc17d32977b2e36ead8dafff4f41c607a8bec88
ref: refs/tags/6.0.44
specs:
metasploit-framework (6.0.43)
metasploit-framework (6.0.44)
actionpack (~> 5.2.2)
activerecord (~> 5.2.2)
activesupport (~> 5.2.2)
@ -80,6 +80,7 @@ GIT
sinatra
sqlite3
sshkey
swagger-blocks
thin
tzinfo
tzinfo-data
@ -124,13 +125,13 @@ GEM
arel-helpers (2.12.0)
activerecord (>= 3.1.0, < 7)
aws-eventstream (1.1.1)
aws-partitions (1.452.0)
aws-partitions (1.455.0)
aws-sdk-core (3.114.0)
aws-eventstream (~> 1, >= 1.0.2)
aws-partitions (~> 1, >= 1.239.0)
aws-sigv4 (~> 1.1)
jmespath (~> 1.0)
aws-sdk-ec2 (1.235.0)
aws-sdk-ec2 (1.236.0)
aws-sdk-core (~> 3, >= 3.112.0)
aws-sigv4 (~> 1.1)
aws-sdk-iam (1.52.0)
@ -268,7 +269,7 @@ GEM
ttfunk
pg (1.2.3)
public_suffix (4.0.6)
puma (5.3.0)
puma (5.3.1)
nio4r (~> 2.0)
racc (1.5.2)
rack (2.2.3)
@ -289,7 +290,7 @@ GEM
thor (>= 0.19.0, < 2.0)
rake (13.0.3)
rb-readline (0.5.5)
recog (2.3.19)
recog (2.3.20)
nokogiri
redcarpet (3.5.1)
reline (0.2.5)
@ -367,6 +368,7 @@ GEM
tilt (~> 2.0)
sqlite3 (1.4.2)
sshkey (2.0.0)
swagger-blocks (3.0.0)
thin (1.8.0)
daemons (~> 1.0, >= 1.0.9)
eventmachine (~> 1.0, >= 1.0.4)

View File

@ -8,13 +8,13 @@ let
};
in stdenv.mkDerivation rec {
pname = "metasploit-framework";
version = "6.0.43";
version = "6.0.44";
src = fetchFromGitHub {
owner = "rapid7";
repo = "metasploit-framework";
rev = version;
sha256 = "sha256-dj+8DodQnCJjwhxTD/TjccJvSA8KSjiwiX65V6CIpuQ=";
sha256 = "sha256-6uhqAJ7nlBROdhda9yU2IlAHZrnpKo0kpKoixXJeJYY=";
};
nativeBuildInputs = [ makeWrapper ];

View File

@ -114,10 +114,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0dsmmsk913b50rs4ihk8pafc1gp1i1k1fnbf63ki0j5xdknpli55";
sha256 = "01i0qysphs0fl7gxg23bbsyn8iwgnaif6lvbfg6rdn6gp6qc8qgx";
type = "gem";
};
version = "1.452.0";
version = "1.455.0";
};
aws-sdk-core = {
groups = ["default"];
@ -134,10 +134,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1kcnfr5rw80d46hwp185jniqvbrxcdjy7srh24x7gjm2gpxmm234";
sha256 = "1x4gq4s5d9834n2p5gm1qchm8jvin1ipirc20z1j5lszjxxpy3c2";
type = "gem";
};
version = "1.235.0";
version = "1.236.0";
};
aws-sdk-iam = {
groups = ["default"];
@ -554,12 +554,12 @@
platforms = [];
source = {
fetchSubmodules = false;
rev = "08fd394933eadca2b90e4de4ecce7f478af1f161";
sha256 = "1r56i2h5gfbyi6q3hjha1x46zhkiwgs0ylqwq9ij572hhw7bqgvn";
rev = "dbc17d32977b2e36ead8dafff4f41c607a8bec88";
sha256 = "11i5brrca8malhj8sap9p5k0fl126qjzfnhpfr719577kq06ms7a";
type = "git";
url = "https://github.com/rapid7/metasploit-framework";
};
version = "6.0.43";
version = "6.0.44";
};
metasploit-model = {
groups = ["default"];
@ -846,10 +846,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "1q34mqihyg7i46z0pbbkyw58fwmkq7a7315apaqmj41zp6akyjf1";
sha256 = "00839fhvcq73h9a4crbrk87y6bi2z4vp1zazxihn6w0mrwr51c3i";
type = "gem";
};
version = "5.3.0";
version = "5.3.1";
};
racc = {
groups = ["default"];
@ -946,10 +946,10 @@
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "00czf392immsaff10snjxky2vpnfck1bgszpckx15y2kydag5k9i";
sha256 = "11hc55mdl2d4kb8vrbazydxdnzr5l7dd4v5spqrrgnmp2d7rq3az";
type = "gem";
};
version = "2.3.19";
version = "2.3.20";
};
redcarpet = {
groups = ["default"];
@ -1281,6 +1281,16 @@
};
version = "2.0.0";
};
swagger-blocks = {
groups = ["default"];
platforms = [];
source = {
remotes = ["https://rubygems.org"];
sha256 = "0bycg5si4pr69b0qqiqzhwcich90mvmn0v0gs39slvxg5nv3h28k";
type = "gem";
};
version = "3.0.0";
};
thin = {
groups = ["default"];
platforms = [];

View File

@ -1,22 +1,24 @@
{ lib, stdenv, fetchurl, emacs, texlive, ghostscript }:
let auctex = stdenv.mkDerivation ( rec {
version = "12.3";
# Make this a valid tex(live-new) package;
# the pkgs attribute is provided with a hack below.
pname = "auctex";
version = "12.3";
tlType = "run";
outputs = [ "out" "tex" ];
src = fetchurl {
url = "mirror://gnu/${pname}/${pname}-${version}.tar.gz";
sha256 = "1pd99hbhci3l1n0lmzn803svqwl47kld6172gwkwjmwlnqqgxm1g";
hash = "sha256-L9T+MLaUV8knf+IE0+g8hHK89QDI/kqBDXREBhdMqd0=";
};
buildInputs = [ emacs texlive.combined.scheme-basic ghostscript ];
buildInputs = [
emacs
ghostscript
texlive.combined.scheme-basic
];
preConfigure = ''
mkdir -p "$tex"
@ -27,11 +29,11 @@ let auctex = stdenv.mkDerivation ( rec {
"--with-texmf-dir=\${tex}"
];
meta = {
description = "Extensible package for writing and formatting TeX files in GNU Emacs and XEmacs";
meta = with lib; {
homepage = "https://www.gnu.org/software/auctex";
platforms = lib.platforms.unix;
license = lib.licenses.gpl3;
description = "Extensible package for writing and formatting TeX files in GNU Emacs and XEmacs";
license = licenses.gpl3Plus;
platforms = platforms.unix;
};
});

View File

@ -2027,6 +2027,8 @@ in
boost = pkgs.boost.override { python = python3; };
};
calendar-cli = callPackage ../tools/networking/calendar-cli { };
candle = libsForQt5.callPackage ../applications/misc/candle { };
capstone = callPackage ../development/libraries/capstone { };
@ -5865,6 +5867,8 @@ in
jq = callPackage ../development/tools/jq { };
jiq = callPackage ../development/tools/misc/jiq { };
jql = callPackage ../development/tools/jql { };
jo = callPackage ../development/tools/jo { };
@ -19416,6 +19420,7 @@ in
prometheus-haproxy-exporter = callPackage ../servers/monitoring/prometheus/haproxy-exporter.nix { };
prometheus-jitsi-exporter = callPackage ../servers/monitoring/prometheus/jitsi-exporter.nix { };
prometheus-json-exporter = callPackage ../servers/monitoring/prometheus/json-exporter.nix { };
prometheus-kea-exporter = callPackage ../servers/monitoring/prometheus/kea-exporter.nix { };
prometheus-keylight-exporter = callPackage ../servers/monitoring/prometheus/keylight-exporter.nix { };
prometheus-knot-exporter = callPackage ../servers/monitoring/prometheus/knot-exporter.nix { };
prometheus-lnd-exporter = callPackage ../servers/monitoring/prometheus/lnd-exporter.nix { };
@ -22865,7 +22870,8 @@ in
dmrconfig = callPackage ../applications/radio/dmrconfig { };
dmtx-utils = callPackage (callPackage ../tools/graphics/dmtx-utils) {
dmtx-utils = callPackage ../tools/graphics/dmtx-utils {
inherit (darwin.apple_sdk.frameworks) Foundation;
};
inherit (callPackage ../applications/virtualization/docker {})
@ -22967,7 +22973,9 @@ in
jdk = jdk11;
});
ecpdap = callPackage ../development/tools/ecpdap { };
ecpdap = callPackage ../development/tools/ecpdap {
inherit (darwin.apple_sdk.frameworks) AppKit;
};
ecs-agent = callPackage ../applications/virtualization/ecs-agent { };
@ -24181,7 +24189,7 @@ in
};
imagemagick6 = callPackage ../applications/graphics/ImageMagick/6.x.nix {
inherit (darwin.apple_sdk.frameworks) ApplicationServices;
inherit (darwin.apple_sdk.frameworks) ApplicationServices Foundation;
ghostscript = null;
};
@ -29014,7 +29022,9 @@ in
bppsuite = callPackage ../applications/science/biology/bppsuite { };
cd-hit = callPackage ../applications/science/biology/cd-hit { };
cd-hit = callPackage ../applications/science/biology/cd-hit {
inherit (llvmPackages) openmp;
};
cmtk = callPackage ../applications/science/biology/cmtk { };