includes fixes for:
* CVE-2021-29503: Improper Neutralization of Script-Related HTML Tags in Notes
* a potential XSS-vector in the handling of usernames and profile pictures
https://github.com/hedgedoc/hedgedoc/releases/tag/1.8.2
If things build fine with `stdenvNoCC`, let them use that. If tools
might be prefixed, prepare for that, either by directly splicing or just
using the env vars provided by the wrapper setup-hooks.
Co-authored-by: Dmitry Kalinkin <dmitry.kalinkin@gmail.com>
This seems like a good idea in general and will at least make it easier
to get screen sharing to work (but still requires a proper NixOS
configuration including xdg-desktop-portal-wlr).
Note: It isn't necessary to set XDG_SESSION_TYPE=wayland as wlroots
already takes care of it (currently at least for the logind and libseat
session backends, the next wlroots release will require libseat):
4839664a92/backend/session/session.c (L80)
Due to improper sandboxing, I didn't notice the failed tests while
upgrading jupytext in #121648. The errors come from jupyter_core so
the same fix is used here as there: set $HOME to a writable directory.
This PR adds a new aarch64 android toolchain, which leverages the
existing crossSystem infrastructure and LLVM builders to generate a
working toolchain with minimal prebuilt components.
The only thing that is prebuilt is the bionic libc. This is because it
is practically impossible to compile bionic outside of an AOSP tree. I
tried and failed, braver souls may prevail. For now I just grab the
relevant binaries from https://android.googlesource.com/.
I also grab the msm kernel sources from there to generate headers. I've
included a minor patch to the existing kernel-headers derivation in
order to expose an internal function.
Everything else, from binutils up, is using stock code. Many thanks to
@Ericson2314 for his help on this, and for building such a powerful
system in the first place!
One motivation for this is to be able to build a toolchain which will
work on an aarch64 linux machine. To my knowledge, there is no existing
toolchain for an aarch64-linux builder and an aarch64-android target.
