gitlab: 9.3.4 -> 9.4.3
This commit is contained in:
@ -1,14 +1,14 @@
{ stdenv, fetchFromGitLab, git, go }:
stdenv.mkDerivation rec {
version = "0.9.0";
version = "0.21.2";
name = "gitaly-${version}";
srcs = fetchFromGitLab {
owner = "gitlab-org";
repo = "gitaly";
rev = "v${version}";
sha256 = "0dydlq33ly2f2b3iyg967i2fq1alh6wa7hsq4nh7lmgy8v0w38ab";
sha256 = "025r6vcra2bjm6xggcgnsqgkpvd7y2w73ff6lxrn06lbr4dfbfrf";
buildInputs = [ git go ];
@ -1,14 +1,14 @@
{ stdenv, ruby, bundler, fetchFromGitLab, go }:
stdenv.mkDerivation rec {
version = "5.1.1";
version = "5.3.1";
name = "gitlab-shell-${version}";
srcs = fetchFromGitLab {
owner = "gitlab-org";
repo = "gitlab-shell";
rev = "v${version}";
sha256 = "0prpn1icdz8rq6kyk3rv1kd1ckgngf18gnpb86w1ncg78kb9azsl";
sha256 = "1w5j66qq9kzcjzz9hhd2zdmvffzk9986m8nprfy5q4k9kglph53q";
buildInputs = [
@ -50,7 +50,7 @@ stdenv.mkDerivation rec {
# TODO: Are there any security implications? The commit adding
# unsetenv_others didn't mention anything...
# Kernel::exec({'PATH' => ENV['PATH'], 'LD_LIBRARY_PATH' => ENV['LD_LIBRARY_PATH'], 'GL_ID' => ENV['GL_ID']}, *args, unsetenv_others: true)
substituteInPlace lib/gitlab_shell.rb --replace\
" *args, unsetenv_others: true)"\
@ -1,14 +1,14 @@
{ stdenv, fetchFromGitLab, git, go }:
stdenv.mkDerivation rec {
version = "2.2.0";
version = "2.3.0";
name = "gitlab-workhorse-${version}";
srcs = fetchFromGitLab {
owner = "gitlab-org";
repo = "gitlab-workhorse";
rev = "v${version}";
sha256 = "18cf34b8651ilxfgzmxlcd9cw7b7kgndfw9k83f6fwm8j7mdisn9";
sha256 = "07b82kjfm8r3ql55ifl0zbifnnsbvng4zlzjpbsb7lisg26s97w8";
buildInputs = [ git go ];
@ -17,7 +17,7 @@ gem 'pg', '~> 0.18.2', group: :postgres
gem 'rugged', '~>'
gem 'faraday', '~> 0.11.0'
gem 'faraday', '~> 0.12'
# Authentication libraries
gem 'devise', '~> 4.2'
@ -60,7 +60,8 @@ gem 'browser', '~> 2.2'
# LDAP Auth
# GitLab fork with several improvements to original library. For full list of changes
# see
gem 'gitlab_omniauth-ldap', '~> 1.2.1', require: 'omniauth-ldap'
gem 'gitlab_omniauth-ldap', '~> 2.0.2', require: 'omniauth-ldap'
gem 'net-ldap'
# Git Wiki
# Required manually in config/initializers/gollum.rb to control load order
@ -85,7 +86,7 @@ gem 'kaminari', '~> 0.17.0'
gem 'hamlit', '~> 2.6.1'
# Files attachments
gem 'carrierwave', '~> 1.0'
gem 'carrierwave', '~> 1.1'
# Drag and Drop UI
gem 'dropzonejs-rails', '~> 0.7.1'
@ -122,6 +123,7 @@ gem 'asciidoctor', '~> 1.5.2'
gem 'asciidoctor-plantuml', '0.0.7'
gem 'rouge', '~> 2.0'
gem 'truncato', '~> 0.7.8'
gem 'bootstrap_form', '~> 2.7.0'
# See!topic/ruby-security-ann/aSbgDiwb24s
# and!topic/ruby-security-ann/Dy7YiKb_pMM
@ -157,11 +159,14 @@ gem 'rufus-scheduler', '~> 3.4'
gem 'httparty', '~> 0.13.3'
# Colored output to console
gem 'rainbow', '~> 2.1.0'
gem 'rainbow', '~> 2.2'
# GitLab settings
gem 'settingslogic', '~> 2.0.9'
# Linear-time regex library for untrusted regular expressions
gem 're2', '~> 1.0.0'
# Misc
gem 'version_sorter', '~> 2.1.0'
@ -253,12 +258,13 @@ gem 'net-ssh', '~> 3.0.1'
gem 'base32', '~> 0.3.0'
# Sentry integration
gem 'sentry-raven', '~> 2.4.0'
gem 'sentry-raven', '~> 2.5.3'
gem 'premailer-rails', '~> 1.9.7'
# I18n
gem 'ruby_parser', '~> 3.8.4', require: false
gem 'ruby_parser', '~> 3.8', require: false
gem 'rails-i18n', '~> 4.0.9'
gem 'gettext_i18n_rails', '~> 1.8.0'
gem 'gettext_i18n_rails_js', '~> 1.2.0'
gem 'gettext', '~> 3.2.2', require: false, group: :development
@ -281,7 +287,8 @@ group :metrics do
gem 'influxdb', '~> 0.2', require: false
# Prometheus
gem 'prometheus-client-mmap', '~>0.7.0.beta5'
gem 'prometheus-client-mmap', '~>0.7.0.beta11'
gem 'raindrops', '~> 0.18'
group :development do
@ -352,7 +359,7 @@ group :test do
gem 'shoulda-matchers', '~> 2.8.0', require: false
gem 'email_spec', '~> 1.6.0'
gem 'json-schema', '~> 2.6.2'
gem 'webmock', '~> 1.24.0'
gem 'webmock', '~> 2.3.2'
gem 'test_after_commit', '~> 1.1'
gem 'sham_rack', '~> 1.3.6'
gem 'timecop', '~> 0.8.0'
@ -369,10 +376,10 @@ gem 'html2text'
gem 'ruby-prof', '~> 0.16.2'
# OAuth
gem 'oauth2', '~> 1.3.0'
gem 'oauth2', '~> 1.4'
# Soft deletion
gem 'paranoia', '~> 2.2'
gem 'paranoia', '~> 2.3.1'
# Health check
gem 'health_check', '~> 2.6.0'
@ -382,7 +389,7 @@ gem 'vmstat', '~> 2.3.0'
gem 'sys-filesystem', '~> 1.1.6'
# Gitaly GRPC client
gem 'gitaly', '~> 0.8.0'
gem 'gitaly', '~> 0.14.0'
gem 'toml-rb', '~> 0.3.15', require: false
@ -88,6 +88,7 @@ GEM
bootstrap-sass (3.3.6)
autoprefixer-rails (>= 5.2.1)
sass (>= 3.3.4)
bootstrap_form (2.7.0)
brakeman (3.6.1)
browser (2.2.0)
builder (3.2.3)
@ -108,7 +109,7 @@ GEM
capybara-screenshot (1.0.14)
capybara (>= 1.0, < 3)
carrierwave (1.0.0)
carrierwave (1.1.0)
activemodel (>= 4.0.0)
activesupport (>= 4.0.0)
mime-types (>= 1.16)
@ -196,7 +197,7 @@ GEM
factory_girl_rails (4.7.0)
factory_girl (~> 4.7.0)
railties (>= 3.0.0)
faraday (0.11.0)
faraday (0.12.1)
multipart-post (>= 1.2, < 3)
faraday_middleware (
faraday (>= 0.7.4, < 1.0)
@ -277,7 +278,7 @@ GEM
po_to_json (>= 1.0.0)
rails (>= 3.2.0)
gherkin-ruby (0.3.2)
gitaly (0.8.0)
gitaly (0.14.0)
google-protobuf (~> 3.1)
grpc (~> 1.0)
github-linguist (4.7.6)
@ -296,11 +297,11 @@ GEM
mime-types (>= 1.16, < 3)
posix-spawn (~> 0.3)
gitlab-markup (1.5.1)
gitlab_omniauth-ldap (1.2.1)
net-ldap (~> 0.9)
omniauth (~> 1.0)
pyu-ruby-sasl (~>
rubyntlm (~> 0.3)
gitlab_omniauth-ldap (2.0.2)
net-ldap (~> 0.16)
omniauth (~> 1.3)
pyu-ruby-sasl (>=, < 0.1)
rubyntlm (~> 0.5)
globalid (0.3.7)
activesupport (>= 4.1.0)
gollum-grit_adapter (1.0.1)
@ -353,7 +354,7 @@ GEM
grape-entity (0.6.0)
multi_json (>= 1.3.2)
grpc (1.2.5)
grpc (1.4.0)
google-protobuf (~> 3.1)
googleauth (~> 0.5.1)
haml (4.0.7)
@ -367,7 +368,7 @@ GEM
temple (~> 0.7.6)
hashdiff (0.3.2)
hashdiff (0.3.4)
hashie (3.5.5)
hashie-forbidden_attributes (0.1.1)
hashie (>= 3.0)
@ -472,15 +473,15 @@ GEM
mustermann-grape (0.4.0)
mustermann (= 0.4.0)
mysql2 (0.3.20)
net-ldap (0.12.1)
net-ldap (0.16.0)
net-ssh (3.0.1)
netrc (0.11.0)
nokogiri (
mini_portile2 (~> 2.1.0)
numerizer (0.1.1)
oauth (0.5.1)
oauth2 (1.3.1)
faraday (>= 0.8, < 0.12)
oauth2 (1.4.0)
faraday (>= 0.8, < 0.13)
jwt (~> 1.0)
multi_json (~> 1.3)
multi_xml (~> 0.5)
@ -545,8 +546,8 @@ GEM
rubypants (~> 0.2)
orm_adapter (0.5.0)
os (0.9.6)
paranoia (2.2.0)
activerecord (>= 4.0, < 5.1)
paranoia (2.3.1)
activerecord (>= 4.0, < 5.2)
parser (
ast (~> 2.2)
path_expander (1.0.1)
@ -597,8 +598,8 @@ GEM
premailer-rails (1.9.7)
actionmailer (>= 3, < 6)
premailer (~> 1.7, >= 1.7.9)
prometheus-client-mmap (0.7.0.beta5)
mmap2 (~> 2.2.6)
prometheus-client-mmap (0.7.0.beta11)
mmap2 (~> 2.2, >= 2.2.7)
pry (0.10.4)
coderay (~> 1.1.0)
method_source (~> 0.8.1)
@ -646,18 +647,23 @@ GEM
rails-deprecated_sanitizer (>= 1.0.1)
rails-html-sanitizer (1.0.3)
loofah (~> 2.0)
rails-i18n (4.0.9)
i18n (~> 0.7)
railties (~> 4.0)
railties (4.2.8)
actionpack (= 4.2.8)
activesupport (= 4.2.8)
rake (>= 0.8.7)
thor (>= 0.18.1, < 2.0)
rainbow (2.1.0)
raindrops (0.17.0)
rainbow (2.2.2)
raindrops (0.18.0)
rake (10.5.0)
rblineprof (0.3.6)
debugger-ruby_core_source (~> 1.3)
rdoc (4.2.2)
json (~> 1.4)
re2 (1.0.0)
recaptcha (3.0.0)
recursive-open-struct (1.0.0)
@ -739,9 +745,9 @@ GEM
ruby-progressbar (1.8.1)
ruby-saml (1.4.1)
nokogiri (>= 1.5.10)
ruby_parser (3.8.4)
ruby_parser (3.9.0)
sexp_processor (~> 4.1)
rubyntlm (0.5.2)
rubyntlm (0.6.2)
rubypants (0.2.0)
rubyzip (1.2.1)
rufus-scheduler (3.4.0)
@ -769,10 +775,10 @@ GEM
activesupport (>= 3.1)
select2-rails (
thor (~> 0.14)
sentry-raven (2.4.0)
sentry-raven (2.5.3)
faraday (>= 0.7.6, < 1.0)
settingslogic (2.0.9)
sexp_processor (4.8.0)
sexp_processor (4.9.0)
sham_rack (1.3.6)
shoulda-matchers (2.8.0)
@ -885,7 +891,7 @@ GEM
vmstat (2.3.0)
warden (1.2.6)
rack (>= 1.0)
webmock (1.24.6)
webmock (2.3.2)
addressable (>= 2.3.6)
crack (>= 0.3.2)
@ -926,13 +932,14 @@ DEPENDENCIES
better_errors (~> 2.1.0)
binding_of_caller (~> 0.7.2)
bootstrap-sass (~> 3.3.0)
bootstrap_form (~> 2.7.0)
brakeman (~> 3.6.0)
browser (~> 2.2)
bullet (~> 5.5.0)
bundler-audit (~> 0.5.0)
capybara (~> 2.6.2)
capybara-screenshot (~> 1.0.0)
carrierwave (~> 1.0)
carrierwave (~> 1.1)
charlock_holmes (~> 0.7.3)
chronic (~> 0.10.2)
chronic_duration (~> 0.10.6)
@ -953,7 +960,7 @@ DEPENDENCIES
email_reply_trimmer (~> 0.1)
email_spec (~> 1.6.0)
factory_girl_rails (~> 4.7.0)
faraday (~> 0.11.0)
faraday (~> 0.12)
ffaker (~> 2.4)
flay (~> 2.8.0)
flipper (~> 0.10.2)
@ -973,11 +980,11 @@ DEPENDENCIES
gettext (~> 3.2.2)
gettext_i18n_rails (~> 1.8.0)
gettext_i18n_rails_js (~> 1.2.0)
gitaly (~> 0.8.0)
gitaly (~> 0.14.0)
github-linguist (~> 4.7.0)
gitlab-flowdock-git-hook (~> 1.0.1)
gitlab-markup (~> 1.5.1)
gitlab_omniauth-ldap (~> 1.2.1)
gitlab_omniauth-ldap (~> 2.0.2)
gollum-lib (~> 4.2)
gollum-rugged_adapter (~> 0.4.4)
gon (~> 6.1.0)
@ -1010,9 +1017,10 @@ DEPENDENCIES
minitest (~> 5.7.0)
mousetrap-rails (~> 1.4.6)
mysql2 (~> 0.3.16)
net-ssh (~> 3.0.1)
nokogiri (~> 1.6.7, >=
oauth2 (~> 1.3.0)
oauth2 (~> 1.4)
octokit (~> 4.6.2)
oj (~> 2.17.4)
omniauth (~> 1.4.2)
@ -1031,7 +1039,7 @@ DEPENDENCIES
omniauth-twitter (~> 1.2.0)
omniauth_crowd (~> 2.2.0)
org-ruby (~> 0.9.12)
paranoia (~> 2.2)
paranoia (~> 2.3.1)
peek (~> 1.0.1)
peek-gc (~> 0.0.2)
peek-host (~> 1.0.0)
@ -1044,7 +1052,7 @@ DEPENDENCIES
pg (~> 0.18.2)
poltergeist (~> 1.9.0)
premailer-rails (~> 1.9.7)
prometheus-client-mmap (~> 0.7.0.beta5)
prometheus-client-mmap (~> 0.7.0.beta11)
pry-byebug (~> 3.4.1)
pry-rails (~> 0.3.4)
rack-attack (~> 4.4.1)
@ -1053,9 +1061,12 @@ DEPENDENCIES
rack-proxy (~> 0.6.0)
rails (= 4.2.8)
rails-deprecated_sanitizer (~> 1.0.3)
rainbow (~> 2.1.0)
rails-i18n (~> 4.0.9)
rainbow (~> 2.2)
raindrops (~> 0.18)
rblineprof (~> 0.3.6)
rdoc (~> 4.2)
re2 (~> 1.0.0)
recaptcha (~> 3.0)
redcarpet (~> 3.4)
redis (~> 3.2)
@ -1073,7 +1084,7 @@ DEPENDENCIES
rubocop-rspec (~> 1.15.0)
ruby-fogbugz (~> 0.2.1)
ruby-prof (~> 0.16.2)
ruby_parser (~> 3.8.4)
ruby_parser (~> 3.8)
rufus-scheduler (~> 3.4)
rugged (~>
sanitize (~> 2.0)
@ -1081,7 +1092,7 @@ DEPENDENCIES
scss_lint (~> 0.47.0)
seed-fu (~> 2.3.5)
select2-rails (~> 3.5.9)
sentry-raven (~> 2.4.0)
sentry-raven (~> 2.5.3)
settingslogic (~> 2.0.9)
sham_rack (~> 1.3.6)
shoulda-matchers (~> 2.8.0)
@ -1114,9 +1125,9 @@ DEPENDENCIES
version_sorter (~> 2.1.0)
virtus (~> 1.0.1)
vmstat (~> 2.3.0)
webmock (~> 1.24.0)
webmock (~> 2.3.2)
webpack-rails (~> 0.9.10)
wikicloth (= 0.8.1)
@ -68,7 +68,7 @@ let
# pkgConfig might need to come from node-packages ?
ruby-env = bundlerEnv {
name = "gitlab";
name = "gitlab-env-0.2";
inherit ruby;
gemdir = ./.;
meta = with lib; {
@ -79,12 +79,7 @@ let
version = "9.3.4";
gitlabDeb = fetchurl {
url = "${version}-ce.0_amd64.deb/download";
sha256 = "1pr8nfnkzmicn5nxjkq48l4nfjsp6v5j3v8p7cp8r86lgfdc6as3";
version = "9.4.3";
@ -99,7 +94,7 @@ stdenv.mkDerivation rec {
owner = "gitlabhq";
repo = "gitlabhq";
rev = "v${version}";
sha256 = "18mx0pfny26s0vv92w1lmmikhfn966bd6s2zzcdmsd1j3cxxdwbg";
sha256 = "1r4fvj94l73p3zqlcv80iw4gbsyq26d6x5d47v9zs3pjzkgz0891";
patches = [
@ -134,18 +129,14 @@ stdenv.mkDerivation rec {
buildPhase = ''
mv config/gitlab.yml.example config/gitlab.yml
dpkg -x ${gitlabDeb} .
mv -v opt/gitlab/embedded/service/gitlab-rails/public/assets public
rm -rf opt
# ;_;
#yarn install --production --pure-lockfile
# Emulate yarn install --production --pure-lockfile
mkdir -p node_modules/
ln -s ${node-env}/node_modules/* node_modules/
ln -s ${node-env}/node_modules/.bin node_modules/
# Compile assets. We skip the yarn check because it fails
rake rake:assets:precompile RAILS_ENV=production NODE_ENV=production
rake webpack:compile RAILS_ENV=production NODE_ENV=production
rake gitlab:assets:fix_urls RAILS_ENV=production NODE_ENV=production
File diff suppressed because it is too large
Load Diff
@ -22,6 +22,7 @@
, pkgconfig , ncurses, xapian_1_2_22, gpgme, utillinux, fetchpatch, tzdata, icu, libffi
, cmake, libssh2, openssl, mysql, darwin, git, perl, pcre, gecode_3, curl
, libmsgpack, qt48, libsodium, snappy, libossp_uuid, lxc, libpcap, xlibs, gtk2, buildRubyGem
, re2
@ -196,6 +197,10 @@ in
re2 = attrs: {
buildInputs = [ re2 ];
rmagick = attrs: {
buildInputs = [ imagemagick pkgconfig which ];
Reference in New Issue