62733b37b4 broke evaluation in all
places `pkgs.mysql` was used. Fix this by changing all occurrences to
`pkgs.mariadb`.
(cherry picked from commit 59e0120aa5c1241d48048afa615e25c65d7e366d)
tmuxinator 2.0.3 fixes a compatibility warning with tmux 2.3, which is
the version packaged on NixOS 21.05.
See https://github.com/tmuxinator/tmuxinator/issues/814
(cherry picked from commit 28ab65b5869c6673e359093662a1dfe3aba9b829)
ChangeLog: 1886c8abed/CHANGELOG.md (560-beta6-2021-05-31)
Even though this isn't explicitly noted in the Changelog, this seems to
have fixed the Element integration for me.
Additionally, I added a (hacky) `xdg-open` wrapper which removes the
`GDK_BACKEND` variable to fix the XWayland integration[1]. The problem
is that if a Firefox is running with Wayland (`ferdi` is running under
X11) and `GDK_BACKEND=x11` is passed to the `xdg-open` (and thus
`firefox`) process, Firefox refuses to start since another instance of
it is running under Wayland (but attempts to start in X11 mode because of
`GDK_BACKEND=x11`).
[1] https://github.com/electron/electron/issues/28436
(cherry picked from commit cd4ad7d2fee90fc3afb9f3f3957a7289f02f89dc)
Rambox hasn't had a stable release in a while and an increasing number
of issues which is why I don't intend to use this anymore.
While taking a closer look at the source I also realized that it uses
Electron 7.2.4[1]. This is not only EOLed[2], it also contains a few
security vulnerabilities which is why I decided to mark it as insecure.
A few (most likely not all) vulnerabilities can be found by looking at
the Electron 7 changelog[3]: after 7.2.4 there were a few more releases
with security backports - mostly from Chromium. Security issues that
were found later on (and are probably exploitable on the dependency
chain of rambox) aren't listed here. I only added two issues that seemed
applicable to `rambox`, but I haven't researched enough to check the
other ones.
[1] https://github.com/ramboxapp/community-edition/blob/0.7.7/package.json#L70
[2] https://www.electronjs.org/docs/tutorial/support#currently-supported-versions
[3] https://www.electronjs.org/releases/stable?version=7
(cherry picked from commit e2a15cd395f1e137c680d22f83cd195caf3d6c14)
When running make manually, makeFlags will not be passed. Let’s just use an environment variable.
(cherry picked from commit 034a9c0e16aab12978bb4a1c1f0e86c64778b388)
In 0.3.0 of the json-exporter[1] it was switched to a different jsonpath
library which made some changes - especially for spaces in keys -
necessary. Also I decided to remove the pretty-printed JSON as this
would interfere with the bash quoting too much. If one needs
pretty-printed output, they can still pipe the output to `jq`.
[1] https://github.com/prometheus-community/json_exporter/releases/tag/v0.3.0
(cherry picked from commit 976d668e5c5566c3e96b17d667830a0f3ed1bbb5)
Fixes a local privilege escalation using polkit_system_bus_name_get_creds_sync()
Fixes: CVE-2021-3560
(cherry picked from commit 26ac1d5db953292d78f0585dd8baccd9a36a44a4)
talyz
Jan Tojnar
Stefan Frijters
Sandro
Robert Hensing
Robert Scott
Maximilian Bosch
Ilan Joselevich
Guillaume Girol
Nikolay Korotkiy
Eduardo Sánchez Muñoz
fortuneteller2k
InternetUnexplorer
Serg Nesterov
Thomas Gerbet
TredwellGit
Michael Weiss
Martin Weinelt
Martin Weinelt
Jörg Thalheim
stigtsp
Robert Hensing
Zak B. Elep
Anders Kaseorg
Sumner Evans
Vladimír Čunát
Jonathan Ringer