Merge master into staging-next

maintainers/maintainer-list.nix

@@ -4745,6 +4745,12 @@
     githubId = 4956158;
     name = "Robin Stumm";
   };
+  DerRockWolf = {
+    email = "git@rockwolf.eu";
+    github = "DerRockWolf";
+    githubId = 50499906;
+    name = "DerRockWolf";
+  };
   DerTim1 = {
     email = "tim.digel@active-group.de";
     github = "DerTim1";
@@ -7788,6 +7794,12 @@
     matrix = "@chris:netsoj.nl";
     name = "Chris Josten";
   };
+  hennk = {
+    email = "henning.kiel@gmail.com";
+    github = "hennk";
+    githubId = 328259;
+    name = "Henning Kiel";
+  };
   henrikolsson = {
     email = "henrik@fixme.se";
     github = "henrikolsson";
@@ -10329,6 +10341,12 @@
     githubId = 691290;
     name = "Keshav Kini";
   };
+  kintrix = {
+    email = "kintrix007@proton.me";
+    github = "kintrix007";
+    githubId = 60898798;
+    name = "kintrix";
+  };
   kinzoku = {
     email = "kinzokudev4869@gmail.com";
     github = "kinzoku-dev";

nixos/doc/manual/release-notes/rl-2405.section.md

@@ -449,6 +449,10 @@ The pre-existing [services.ankisyncd](#opt-services.ankisyncd.enable) has been m
 
 - `nextcloud-setup.service` no longer changes the group of each file & directory inside `/var/lib/nextcloud/{config,data,store-apps}` if one of these directories has the wrong owner group. This was part of transitioning the group used for `/var/lib/nextcloud`, but isn't necessary anymore.
 
+- `services.kavita` now uses the freeform option `services.kavita.settings` for the application settings file.
+  The options `services.kavita.ipAdresses` and `services.kavita.port` now exist at `services.kavita.settings.IpAddresses`
+  and `services.kavita.settings.IpAddresses`.
+
 - The `krb5` module has been rewritten and moved to `security.krb5`, moving all options but `security.krb5.enable` and `security.krb5.package` into `security.krb5.settings`.
 
 - Gitea 1.21 upgrade has several breaking changes, including:

nixos/lib/test-driver/test_driver/machine.py

@@ -1250,6 +1250,5 @@ class Machine:
             check_return=False,
             check_output=False,
         )
-        self.wait_for_console_text(r"systemd\[1\]:.*Switching root\.")
         self.connected = False
         self.connect()

nixos/modules/module-list.nix

@@ -1107,6 +1107,11 @@
   ./services/networking/rpcbind.nix
   ./services/networking/rxe.nix
   ./services/networking/sabnzbd.nix
+  ./services/networking/scion/scion.nix
+  ./services/networking/scion/scion-control.nix
+  ./services/networking/scion/scion-daemon.nix
+  ./services/networking/scion/scion-dispatcher.nix
+  ./services/networking/scion/scion-router.nix
   ./services/networking/seafile.nix
   ./services/networking/searx.nix
   ./services/networking/shadowsocks.nix

nixos/modules/services/networking/scion/scion-control.nix

@@ -0,0 +1,69 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.services.scion.scion-control;
+  toml = pkgs.formats.toml { };
+  defaultConfig = {
+    general = {
+      id = "cs";
+      config_dir = "/etc/scion";
+      reconnect_to_dispatcher = true;
+    };
+    beacon_db = {
+      connection = "/var/lib/scion-control/control.beacon.db";
+    };
+    path_db = {
+      connection = "/var/lib/scion-control/control.path.db";
+    };
+    trust_db = {
+      connection = "/var/lib/scion-control/control.trust.db";
+    };
+    log.console = {
+      level = "info";
+    };
+  };
+  configFile = toml.generate "scion-control.toml" (defaultConfig // cfg.settings);
+in
+{
+  options.services.scion.scion-control = {
+    enable = mkEnableOption (lib.mdDoc "the scion-control service");
+    settings = mkOption {
+      default = { };
+      type = toml.type;
+      example = literalExpression ''
+        {
+          path_db = {
+            connection = "/var/lib/scion-control/control.path.db";
+          };
+          log.console = {
+            level = "info";
+          };
+        }
+      '';
+      description = lib.mdDoc ''
+        scion-control configuration. Refer to
+        <https://docs.scion.org/en/latest/manuals/common.html>
+        for details on supported values.
+      '';
+    };
+  };
+  config = mkIf cfg.enable {
+    systemd.services.scion-control = {
+      description = "SCION Control Service";
+      after = [ "network-online.target" "scion-dispatcher.service" ];
+      wants = [ "network-online.target" "scion-dispatcher.service" ];
+      wantedBy = [ "multi-user.target" ];
+      serviceConfig = {
+        Type = "simple";
+        Group = if (config.services.scion.scion-dispatcher.enable == true) then "scion" else null;
+        ExecStart = "${pkgs.scion}/bin/scion-control --config ${configFile}";
+        DynamicUser = true;
+        Restart = "on-failure";
+        BindPaths = [ "/dev/shm:/run/shm" ];
+        StateDirectory = "scion-control";
+      };
+    };
+  };
+}

nixos/modules/services/networking/scion/scion-daemon.nix

@@ -0,0 +1,64 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.services.scion.scion-daemon;
+  toml = pkgs.formats.toml { };
+  defaultConfig = {
+    general = {
+      id = "sd";
+      config_dir = "/etc/scion";
+      reconnect_to_dispatcher = true;
+    };
+    path_db = {
+      connection = "/var/lib/scion-daemon/sd.path.db";
+    };
+    trust_db = {
+      connection = "/var/lib/scion-daemon/sd.trust.db";
+    };
+    log.console = {
+      level = "info";
+    };
+  };
+  configFile = toml.generate "scion-daemon.toml" (defaultConfig // cfg.settings);
+in
+{
+  options.services.scion.scion-daemon = {
+    enable = mkEnableOption (lib.mdDoc "the scion-daemon service");
+    settings = mkOption {
+      default = { };
+      type = toml.type;
+      example = literalExpression ''
+        {
+          path_db = {
+            connection = "/var/lib/scion-daemon/sd.path.db";
+          };
+          log.console = {
+            level = "info";
+          };
+        }
+      '';
+      description = lib.mdDoc ''
+        scion-daemon configuration. Refer to
+        <https://docs.scion.org/en/latest/manuals/common.html>
+        for details on supported values.
+      '';
+    };
+  };
+  config = mkIf cfg.enable {
+    systemd.services.scion-daemon = {
+      description = "SCION Daemon";
+      after = [ "network-online.target" "scion-dispatcher.service" ];
+      wants = [ "network-online.target" "scion-dispatcher.service" ];
+      wantedBy = [ "multi-user.target" ];
+      serviceConfig = {
+        Type = "simple";
+        ExecStart = "${pkgs.scion}/bin/scion-daemon --config ${configFile}";
+        Restart = "on-failure";
+        DynamicUser = true;
+        StateDirectory = "scion-daemon";
+      };
+    };
+  };
+}

nixos/modules/services/networking/scion/scion-dispatcher.nix

@@ -0,0 +1,74 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.services.scion.scion-dispatcher;
+  toml = pkgs.formats.toml { };
+  defaultConfig = {
+    dispatcher = {
+      id = "dispatcher";
+      socket_file_mode = "0770";
+      application_socket = "/dev/shm/dispatcher/default.sock";
+    };
+    log.console = {
+      level = "info";
+    };
+  };
+  configFile = toml.generate "scion-dispatcher.toml" (defaultConfig // cfg.settings);
+in
+{
+  options.services.scion.scion-dispatcher = {
+    enable = mkEnableOption (lib.mdDoc "the scion-dispatcher service");
+    settings = mkOption {
+      default = { };
+      type = toml.type;
+      example = literalExpression ''
+        {
+          dispatcher = {
+            id = "dispatcher";
+            socket_file_mode = "0770";
+            application_socket = "/dev/shm/dispatcher/default.sock";
+          };
+          log.console = {
+            level = "info";
+          };
+        }
+      '';
+      description = lib.mdDoc ''
+        scion-dispatcher configuration. Refer to
+        <https://docs.scion.org/en/latest/manuals/common.html>
+        for details on supported values.
+      '';
+    };
+  };
+  config = mkIf cfg.enable {
+    # Needed for group ownership of the dispatcher socket
+    users.groups.scion = {};
+
+    # scion programs hardcode path to dispatcher in /run/shm, and is not
+    # configurable at runtime upstream plans to obsolete the dispatcher in
+    # favor of an SCMP daemon, at which point this can be removed.
+    system.activationScripts.scion-dispatcher = ''
+      ln -sf /dev/shm /run/shm
+    '';
+
+    systemd.services.scion-dispatcher = {
+      description = "SCION Dispatcher";
+      after = [ "network-online.target" ];
+      wants = [ "network-online.target" ];
+      wantedBy = [ "multi-user.target" ];
+      serviceConfig = {
+        Type = "simple";
+        Group = "scion";
+        DynamicUser = true;
+        BindPaths = [ "/dev/shm:/run/shm" ];
+        ExecStartPre = "${pkgs.coreutils}/bin/rm -rf /run/shm/dispatcher";
+        ExecStart = "${pkgs.scion}/bin/scion-dispatcher --config ${configFile}";
+        Restart = "on-failure";
+        StateDirectory = "scion-dispatcher";
+      };
+    };
+  };
+}
+

nixos/modules/services/networking/scion/scion-router.nix

@@ -0,0 +1,49 @@
+{ config, lib, pkgs, ... }:
+
+with lib;
+
+let
+  cfg = config.services.scion.scion-router;
+  toml = pkgs.formats.toml { };
+  defaultConfig = {
+    general = {
+      id = "br";
+      config_dir = "/etc/scion";
+    };
+  };
+  configFile = toml.generate "scion-router.toml" (defaultConfig // cfg.settings);
+in
+{
+  options.services.scion.scion-router = {
+    enable = mkEnableOption (lib.mdDoc "the scion-router service");
+    settings = mkOption {
+      default = { };
+      type = toml.type;
+      example = literalExpression ''
+        {
+          general.id = "br";
+        }
+      '';
+      description = lib.mdDoc ''
+        scion-router configuration. Refer to
+        <https://docs.scion.org/en/latest/manuals/common.html>
+        for details on supported values.
+      '';
+    };
+  };
+  config = mkIf cfg.enable {
+    systemd.services.scion-router = {
+      description = "SCION Router";
+      after = [ "network-online.target" ];
+      wants = [ "network-online.target" ];
+      wantedBy = [ "multi-user.target" ];
+      serviceConfig = {
+        Type = "simple";
+        ExecStart = "${pkgs.scion}/bin/scion-router --config ${configFile}";
+        Restart = "on-failure";
+        DynamicUser = true;
+        StateDirectory = "scion-router";
+      };
+    };
+  };
+}

nixos/modules/services/networking/scion/scion.nix

@@ -0,0 +1,39 @@
+{ config, lib, ... }:
+
+with lib;
+
+let
+  cfg = config.services.scion;
+in
+{
+  options.services.scion = {
+    enable = mkEnableOption (lib.mdDoc "all of the scion components and services");
+    bypassBootstrapWarning = mkOption {
+      type = types.bool;
+      default = false;
+      description = lib.mdDoc ''
+        bypass Nix warning about SCION PKI bootstrapping
+      '';
+    };
+  };
+  config = mkIf cfg.enable {
+    services.scion = {
+      scion-dispatcher.enable = true;
+      scion-daemon.enable = true;
+      scion-router.enable = true;
+      scion-control.enable = true;
+    };
+    assertions = [
+      { assertion = cfg.bypassBootstrapWarning == true;
+        message = ''
+          SCION is a routing protocol and requires bootstrapping with a manual, imperative key signing ceremony. You may want to join an existing Isolation Domain (ISD) such as scionlab.org, or bootstrap your own. If you have completed and configured the public key infrastructure for SCION and are sure this process is complete, then add the following to your configuration:
+
+          services.scion.bypassBootstrapWarning = true;
+
+          refer to docs.scion.org for more information
+        '';
+      }
+    ];
+  };
+}
+

nixos/modules/services/web-apps/kavita.nix

@@ -2,7 +2,18 @@
 
 let
   cfg = config.services.kavita;
-in {
+  settingsFormat = pkgs.formats.json { };
+  appsettings = settingsFormat.generate "appsettings.json" ({ TokenKey = "@TOKEN@"; } // cfg.settings);
+in
+{
+  imports = [
+    (lib.mkChangedOptionModule [ "services" "kavita" "ipAdresses" ] [ "services" "kavita" "settings" "IpAddresses" ] (config:
+      let value = lib.getAttrFromPath [ "services" "kavita" "ipAdresses" ] config; in
+      lib.concatStringsSep "," value
+    ))
+    (lib.mkRenamedOptionModule [ "services" "kavita" "port" ] [ "services" "kavita" "settings" "Port" ])
+  ];
+
   options.services.kavita = {
     enable = lib.mkEnableOption (lib.mdDoc "Kavita reading server");
 
@@ -27,16 +38,31 @@ in {
         It can be generated with `head -c 32 /dev/urandom | base64`.
       '';
     };
-    port = lib.mkOption {
-      default = 5000;
-      type = lib.types.port;
-      description = lib.mdDoc "Port to bind to.";
-    };
-    ipAdresses = lib.mkOption {
-      default = ["0.0.0.0" "::"];
-      type = lib.types.listOf lib.types.str;
-      description = lib.mdDoc "IP Addresses to bind to. The default is to bind
-      to all IPv4 and IPv6 addresses.";
+
+    settings = lib.mkOption {
+      default = { };
+      description = lib.mdDoc ''
+        Kavita configuration options, as configured in {file}`appsettings.json`.
+      '';
+      type = lib.types.submodule {
+        freeformType = settingsFormat.type;
+
+        options = {
+          Port = lib.mkOption {
+            default = 5000;
+            type = lib.types.port;
+            description = lib.mdDoc "Port to bind to.";
+          };
+
+          IpAddresses = lib.mkOption {
+            default = "0.0.0.0,::";
+            type = lib.types.commas;
+            description = lib.mdDoc ''
+              IP Addresses to bind to. The default is to bind to all IPv4 and IPv6 addresses.
+            '';
+          };
+        };
+      };
     };
   };
 
@@ -46,18 +72,15 @@ in {
       wantedBy = [ "multi-user.target" ];
       after = [ "network.target" ];
       preStart = ''
-        umask u=rwx,g=rx,o=
-        cat > "${cfg.dataDir}/config/appsettings.json" <<EOF
-        {
-          "TokenKey": "$(cat ${cfg.tokenKeyFile})",
-          "Port": ${toString cfg.port},
-          "IpAddresses": "${lib.concatStringsSep "," cfg.ipAdresses}"
-        }
-        EOF
+        install -m600 ${appsettings} ${lib.escapeShellArg cfg.dataDir}/config/appsettings.json
+        ${pkgs.replace-secret}/bin/replace-secret '@TOKEN@' \
+          ''${CREDENTIALS_DIRECTORY}/token \
+          '${cfg.dataDir}/config/appsettings.json'
       '';
       serviceConfig = {
         WorkingDirectory = cfg.dataDir;
-        ExecStart = "${lib.getExe cfg.package}";
+        LoadCredential = [ "token:${cfg.tokenKeyFile}" ];
+        ExecStart = lib.getExe cfg.package;
         Restart = "always";
         User = cfg.user;
       };

nixos/modules/virtualisation/incus.nix

@@ -263,6 +263,7 @@ in
         {
           INCUS_LXC_TEMPLATE_CONFIG = "${pkgs.lxcfs}/share/lxc/config";
           INCUS_OVMF_PATH = ovmf;
+          INCUS_USBIDS_PATH = "${pkgs.hwdata}/share/hwdata/usb.ids";
           PATH = lib.mkForce serverBinPath;
         }
         (lib.mkIf (cfg.ui.enable) { "INCUS_UI" = cfg.ui.package; })

nixos/tests/all-tests.nix

@@ -791,6 +791,7 @@ in {
   sanoid = handleTest ./sanoid.nix {};
   scaphandre = handleTest ./scaphandre.nix {};
   schleuder = handleTest ./schleuder.nix {};
+  scion-freestanding-deployment = handleTest ./scion/freestanding-deployment {};
   scrutiny = handleTest ./scrutiny.nix {};
   sddm = handleTest ./sddm.nix {};
   seafile = handleTest ./seafile.nix {};
@@ -963,6 +964,7 @@ in {
   user-activation-scripts = handleTest ./user-activation-scripts.nix {};
   user-expiry = runTest ./user-expiry.nix;
   user-home-mode = handleTest ./user-home-mode.nix {};
+  ustreamer = handleTest ./ustreamer.nix {};
   uwsgi = handleTest ./uwsgi.nix {};
   v2ray = handleTest ./v2ray.nix {};
   varnish60 = handleTest ./varnish.nix { package = pkgs.varnish60; };

nixos/tests/kavita.nix

@@ -1,4 +1,4 @@
-import ./make-test-python.nix ({ pkgs, ...} : {
+import ./make-test-python.nix ({ pkgs, ... }: {
   name = "kavita";
   meta = with pkgs.lib.maintainers; {
     maintainers = [ misterio77 ];
@@ -8,29 +8,35 @@ import ./make-test-python.nix ({ pkgs, ...} : {
     kavita = { config, pkgs, ... }: {
       services.kavita = {
         enable = true;
-        port = 5000;
-        tokenKeyFile = builtins.toFile "kavita.key" "QfpjFvjT83BLtZ74GE3U3Q==";
+        tokenKeyFile = builtins.toFile "kavita.key" "d26ba694b455271a8872415830fb7b5c58f8da98f9ef7f58b2ca4c34bd406512";
       };
     };
   };
 
-  testScript = let
-    regUrl = "http://kavita:5000/api/Account/register";
-    payload = builtins.toFile "payload.json" (builtins.toJSON {
-      username = "foo";
-      password = "correcthorsebatterystaple";
-      email = "foo@bar";
-    });
-  in ''
-    kavita.start
-    kavita.wait_for_unit("kavita.service")
+  testScript =
+    let
+      regUrl = "http://kavita:5000/api/Account/register";
+      loginUrl = "http://kavita:5000/api/Account/login";
+      localeUrl = "http://kavita:5000/api/locale";
+    in
+    ''
+      import json
 
-    # Check that static assets are working
-    kavita.wait_until_succeeds("curl http://kavita:5000/site.webmanifest | grep Kavita")
+      kavita.start
+      kavita.wait_for_unit("kavita.service")
 
-    # Check that registration is working
-    kavita.succeed("curl -fX POST ${regUrl} --json @${payload}")
-    # But only for the first one
-    kavita.fail("curl -fX POST ${regUrl} --json @${payload}")
-  '';
+      # Check that static assets are working
+      kavita.wait_until_succeeds("curl http://kavita:5000/site.webmanifest | grep Kavita")
+
+      # Check that registration is working
+      kavita.succeed("""curl -fX POST ${regUrl} --json '{"username": "foo", "password": "correcthorsebatterystaple"}'""")
+      # But only for the first one
+      kavita.fail("""curl -fX POST ${regUrl} --json '{"username": "foo", "password": "correcthorsebatterystaple"}'""")
+
+      # Log in and retrieve token
+      session = json.loads(kavita.succeed("""curl -fX POST ${loginUrl} --json '{"username": "foo", "password": "correcthorsebatterystaple"}'"""))
+      # Check list of locales
+      locales = json.loads(kavita.succeed(f"curl -fX GET ${localeUrl} -H 'Authorization: Bearer {session['token']}'"))
+      assert len(locales) > 0, "expected a list of locales"
+    '';
 })

nixos/tests/scion/freestanding-deployment/README.rst

@@ -0,0 +1,12 @@
+This NixOS VM test implements the network topology outlined in https://github.com/scionproto/scion/blob/27983125bccac6b84d1f96f406853aab0e460405/doc/tutorials/deploy.rst#sample-scion-demo-topology, below is an excerpt from that document
+
+Sample SCION Demo Topology
+..........................
+
+The topology of the ISD includes the inter-AS connections to neighboring ASes, and defines the underlay IP/UDP addresses of services and routers running in this AS. This is specified in topology files - this guide later explains how to configure these files. A following graphic depicts the topology on a high level.
+
+.. figure:: https://github.com/scionproto/scion/raw/27983125bccac6b84d1f96f406853aab0e460405/doc/tutorials/deploy/SCION-deployment-guide.drawio.png
+   :width: 95 %
+   :figwidth: 100 %
+
+   *Figure 1 - Topology of the sample SCION demo environment. It consists of 1 ISD, 3 core ASes and 2 non-core ASes.*

nixos/tests/scion/freestanding-deployment/default.nix

@@ -0,0 +1,172 @@
+# implements https://github.com/scionproto/scion/blob/27983125bccac6b84d1f96f406853aab0e460405/doc/tutorials/deploy.rst
+import ../../make-test-python.nix ({ pkgs, ... }:
+let
+  trust-root-configuration-keys = pkgs.runCommand "generate-trc-keys.sh" {
+    buildInputs = [
+      pkgs.scion
+    ];
+  } ''
+    set -euo pipefail
+
+    mkdir /tmp/tutorial-scion-certs && cd /tmp/tutorial-scion-certs
+    mkdir AS{1..5}
+
+    # Create voting and root keys and (self-signed) certificates for core ASes
+    pushd AS1
+    scion-pki certificate create --not-after=3650d --profile=sensitive-voting <(echo '{"isd_as": "42-ffaa:1:1", "common_name": "42-ffaa:1:1 sensitive voting cert"}') sensitive-voting.pem sensitive-voting.key
+    scion-pki certificate create --not-after=3650d --profile=regular-voting <(echo '{"isd_as": "42-ffaa:1:1", "common_name": "42-ffaa:1:1 regular voting cert"}') regular-voting.pem regular-voting.key
+    scion-pki certificate create --not-after=3650d --profile=cp-root <(echo '{"isd_as": "42-ffaa:1:1", "common_name": "42-ffaa:1:1 cp root cert"}') cp-root.pem cp-root.key
+    popd
+
+    pushd AS2
+    scion-pki certificate create --not-after=3650d --profile=cp-root <(echo '{"isd_as": "42-ffaa:1:2", "common_name": "42-ffaa:1:2 cp root cert"}') cp-root.pem cp-root.key
+    popd
+
+    pushd AS3
+    scion-pki certificate create --not-after=3650d --profile=sensitive-voting <(echo '{"isd_as": "42-ffaa:1:3", "common_name": "42-ffaa:1:3 sensitive voting cert"}') sensitive-voting.pem sensitive-voting.key
+    scion-pki certificate create --not-after=3650d --profile=regular-voting <(echo '{"isd_as": "42-ffaa:1:3", "common_name": "42-ffaa:1:3 regular voting cert"}') regular-voting.pem regular-voting.key
+    popd
+
+    # Create the TRC (Trust Root Configuration)
+    mkdir tmp
+    echo '
+    isd = 42
+    description = "Demo ISD 42"
+    serial_version = 1
+    base_version = 1
+    voting_quorum = 2
+
+    core_ases = ["ffaa:1:1", "ffaa:1:2", "ffaa:1:3"]
+    authoritative_ases = ["ffaa:1:1", "ffaa:1:2", "ffaa:1:3"]
+    cert_files = ["AS1/sensitive-voting.pem", "AS1/regular-voting.pem", "AS1/cp-root.pem", "AS2/cp-root.pem", "AS3/sensitive-voting.pem", "AS3/regular-voting.pem"]
+
+    [validity]
+    not_before = '$(date +%s)'
+    validity = "365d"' \
+    > trc-B1-S1-pld.tmpl
+
+    scion-pki trc payload --out=tmp/ISD42-B1-S1.pld.der --template trc-B1-S1-pld.tmpl
+    rm trc-B1-S1-pld.tmpl
+
+    # Sign and bundle the TRC
+    scion-pki trc sign tmp/ISD42-B1-S1.pld.der AS1/sensitive-voting.{pem,key} --out tmp/ISD42-B1-S1.AS1-sensitive.trc
+    scion-pki trc sign tmp/ISD42-B1-S1.pld.der AS1/regular-voting.{pem,key} --out tmp/ISD42-B1-S1.AS1-regular.trc
+    scion-pki trc sign tmp/ISD42-B1-S1.pld.der AS3/sensitive-voting.{pem,key} --out tmp/ISD42-B1-S1.AS3-sensitive.trc
+    scion-pki trc sign tmp/ISD42-B1-S1.pld.der AS3/regular-voting.{pem,key} --out tmp/ISD42-B1-S1.AS3-regular.trc
+
+    scion-pki trc combine tmp/ISD42-B1-S1.AS{1,3}-{sensitive,regular}.trc --payload tmp/ISD42-B1-S1.pld.der --out ISD42-B1-S1.trc
+    rm tmp -r
+
+    # Create CA key and certificate for issuing ASes
+    pushd AS1
+    scion-pki certificate create --profile=cp-ca <(echo '{"isd_as": "42-ffaa:1:1", "common_name": "42-ffaa:1:1 CA cert"}') cp-ca.pem cp-ca.key --ca cp-root.pem --ca-key cp-root.key
+    popd
+    pushd AS2
+    scion-pki certificate create --profile=cp-ca <(echo '{"isd_as": "42-ffaa:1:2", "common_name": "42-ffaa:1:2 CA cert"}') cp-ca.pem cp-ca.key --ca cp-root.pem --ca-key cp-root.key
+    popd
+
+    # Create AS key and certificate chains
+    scion-pki certificate create --profile=cp-as <(echo '{"isd_as": "42-ffaa:1:1", "common_name": "42-ffaa:1:1 AS cert"}') AS1/cp-as.pem AS1/cp-as.key --ca AS1/cp-ca.pem --ca-key AS1/cp-ca.key --bundle
+    scion-pki certificate create --profile=cp-as <(echo '{"isd_as": "42-ffaa:1:2", "common_name": "42-ffaa:1:2 AS cert"}') AS2/cp-as.pem AS2/cp-as.key --ca AS2/cp-ca.pem --ca-key AS2/cp-ca.key --bundle
+    scion-pki certificate create --profile=cp-as <(echo '{"isd_as": "42-ffaa:1:3", "common_name": "42-ffaa:1:3 AS cert"}') AS3/cp-as.pem AS3/cp-as.key --ca AS1/cp-ca.pem --ca-key AS1/cp-ca.key --bundle
+    scion-pki certificate create --profile=cp-as <(echo '{"isd_as": "42-ffaa:1:4", "common_name": "42-ffaa:1:4 AS cert"}') AS4/cp-as.pem AS4/cp-as.key --ca AS1/cp-ca.pem --ca-key AS1/cp-ca.key --bundle
+    scion-pki certificate create --profile=cp-as <(echo '{"isd_as": "42-ffaa:1:5", "common_name": "42-ffaa:1:5 AS cert"}') AS5/cp-as.pem AS5/cp-as.key --ca AS2/cp-ca.pem --ca-key AS2/cp-ca.key --bundle
+
+    for i in {1..5}
+    do
+      mkdir -p $out/AS$i
+      cp AS$i/cp-as.{key,pem} $out/AS$i
+    done
+
+    mv *.trc $out
+  '';
+  imports = hostId: [
+    ({
+      services.scion = {
+        enable = true;
+        bypassBootstrapWarning = true;
+      };
+      networking = {
+        useNetworkd = true;
+        useDHCP = false;
+      };
+      systemd.network.networks."01-eth1" = {
+        name = "eth1";
+        networkConfig.Address = "192.168.1.${toString hostId}/24";
+      };
+      environment.etc = {
+        "scion/topology.json".source = ./topology${toString hostId}.json;
+        "scion/crypto/as".source = trust-root-configuration-keys + "/AS${toString hostId}";
+        "scion/certs/ISD42-B1-S1.trc".source = trust-root-configuration-keys + "/ISD42-B1-S1.trc";
+        "scion/keys/master0.key".text = "U${toString hostId}v4k23ZXjGDwDofg/Eevw==";
+        "scion/keys/master1.key".text = "dBMko${toString hostId}qMS8DfrN/zP2OUdA==";
+      };
+      environment.systemPackages = [
+        pkgs.scion
+      ];
+    })
+  ];
+in
+{
+  name = "scion-test";
+  nodes = {
+    scion01 = { ... }: {
+      imports = (imports 1);
+    };
+    scion02 = { ... }: {
+      imports = (imports 2);
+    };
+    scion03 = { ... }: {
+      imports = (imports 3);
+    };
+    scion04 = { ... }: {
+      imports = (imports 4);
+    };
+    scion05 = { ... }: {
+      imports = (imports 5);
+    };
+  };
+  testScript = let
+    pingAll = pkgs.writeShellScript "ping-all-scion.sh" ''
+      addresses="42-ffaa:1:1 42-ffaa:1:2 42-ffaa:1:3 42-ffaa:1:4 42-ffaa:1:5"
+      timeout=100
+      wait_for_all() {
+        for as in "$@"
+        do
+          scion showpaths $as --no-probe > /dev/null
+          return 1
+        done
+        return 0
+      }
+      ping_all() {
+        for as in "$@"
+        do
+          scion ping "$as,127.0.0.1" -c 3
+        done
+        return 0
+      }
+      for i in $(seq 0 $timeout); do
+        wait_for_all $addresses && exit 0
+        ping_all $addresses && exit 0
+        sleep 1
+      done
+    '';
+  in
+  ''
+    # List of AS instances
+    machines = [scion01, scion02, scion03, scion04, scion05]
+
+    # Wait for scion-control.service on all instances
+    for i in machines:
+        i.wait_for_unit("scion-control.service")
+
+    # Execute pingAll command on all instances
+    for i in machines:
+        i.succeed("${pingAll} >&2")
+
+    # Restart scion-dispatcher and ping again to test robustness
+    for i in machines:
+        i.succeed("systemctl restart scion-dispatcher >&2")
+        i.succeed("${pingAll} >&2")
+  '';
+})

nixos/tests/scion/freestanding-deployment/topology1.json

@@ -0,0 +1,51 @@
+{
+  "attributes": [
+    "core"
+  ],
+  "isd_as": "42-ffaa:1:1",
+  "mtu": 1472,
+  "control_service": {
+    "cs": {
+      "addr": "127.0.0.1:31000"
+    }
+  },
+  "discovery_service": {
+    "cs": {
+      "addr": "127.0.0.1:31000"
+    }
+  },
+  "border_routers": {
+    "br": {
+      "internal_addr": "127.0.0.1:31002",
+      "interfaces": {
+        "1": {
+          "underlay": {
+            "public": "192.168.1.1:50014",
+            "remote": "192.168.1.4:50014"
+          },
+          "isd_as": "42-ffaa:1:4",
+          "link_to": "child",
+          "mtu": 1472
+        },
+        "2": {
+          "underlay": {
+            "public": "192.168.1.1:50012",
+            "remote": "192.168.1.2:50012"
+          },
+          "isd_as": "42-ffaa:1:2",
+          "link_to": "core",
+          "mtu": 1472
+        },
+        "3": {
+          "underlay": {
+            "public": "192.168.1.1:50013",
+            "remote": "192.168.1.3:50013"
+          },
+          "isd_as": "42-ffaa:1:3",
+          "link_to": "core",
+          "mtu": 1472
+        }
+      }
+    }
+  }
+}

nixos/tests/scion/freestanding-deployment/topology2.json

@@ -0,0 +1,51 @@
+{
+  "attributes": [
+    "core"
+  ],
+  "isd_as": "42-ffaa:1:2",
+  "mtu": 1472,
+  "control_service": {
+    "cs": {
+      "addr": "127.0.0.1:31000"
+    }
+  },
+  "discovery_service": {
+    "cs": {
+      "addr": "127.0.0.1:31000"
+    }
+  },
+  "border_routers": {
+    "br": {
+      "internal_addr": "127.0.0.1:31002",
+      "interfaces": {
+        "1": {
+          "underlay": {
+            "public": "192.168.1.2:50012",
+            "remote": "192.168.1.1:50012"
+          },
+          "isd_as": "42-ffaa:1:1",
+          "link_to": "core",
+          "mtu": 1472
+        },
+        "2": {
+          "underlay": {
+            "public": "192.168.1.2:50023",
+            "remote": "192.168.1.3:50023"
+          },
+          "isd_as": "42-ffaa:1:3",
+          "link_to": "core",
+          "mtu": 1472
+        },
+        "3": {
+          "underlay": {
+            "public": "192.168.1.2:50025",
+            "remote": "192.168.1.5:50025"
+          },
+          "isd_as": "42-ffaa:1:5",
+          "link_to": "child",
+          "mtu": 1472
+        }
+      }
+    }
+  }
+}

nixos/tests/scion/freestanding-deployment/topology3.json

@@ -0,0 +1,60 @@
+{
+  "attributes": [
+    "core"
+  ],
+  "isd_as": "42-ffaa:1:3",
+  "mtu": 1472,
+  "control_service": {
+    "cs": {
+      "addr": "127.0.0.1:31000"
+    }
+  },
+  "discovery_service": {
+    "cs": {
+      "addr": "127.0.0.1:31000"
+    }
+  },
+  "border_routers": {
+    "br": {
+      "internal_addr": "127.0.0.1:31002",
+      "interfaces": {
+        "1": {
+          "underlay": {
+            "public": "192.168.1.3:50013",
+            "remote": "192.168.1.1:50013"
+          },
+          "isd_as": "42-ffaa:1:1",
+          "link_to": "core",
+          "mtu": 1472
+        },
+        "2": {
+          "underlay": {
+            "public": "192.168.1.3:50023",
+            "remote": "192.168.1.2:50023"
+          },
+          "isd_as": "42-ffaa:1:2",
+          "link_to": "core",
+          "mtu": 1472
+        },
+        "3": {
+          "underlay": {
+            "public": "192.168.1.3:50034",
+            "remote": "192.168.1.4:50034"
+          },
+          "isd_as": "42-ffaa:1:4",
+          "link_to": "child",
+          "mtu": 1472
+        },
+        "4": {
+          "underlay": {
+            "public": "192.168.1.3:50035",
+            "remote": "192.168.1.5:50035"
+          },
+          "isd_as": "42-ffaa:1:5",
+          "link_to": "child",
+          "mtu": 1472
+        }
+      }
+    }
+  }
+}

nixos/tests/scion/freestanding-deployment/topology4.json

@@ -0,0 +1,40 @@
+{
+  "attributes": [],
+  "isd_as": "42-ffaa:1:4",
+  "mtu": 1472,
+  "control_service": {
+    "cs": {
+      "addr": "127.0.0.1:31000"
+    }
+  },
+  "discovery_service": {
+    "cs": {
+      "addr": "127.0.0.1:31000"
+    }
+  },
+  "border_routers": {
+    "br": {
+      "internal_addr": "127.0.0.1:31002",
+      "interfaces": {
+        "1": {
+          "underlay": {
+            "public": "192.168.1.4:50014",
+            "remote": "192.168.1.1:50014"
+          },
+          "isd_as": "42-ffaa:1:1",
+          "link_to": "parent",
+          "mtu": 1472
+        },
+        "2": {
+          "underlay": {
+            "public": "192.168.1.4:50034",
+            "remote": "192.168.1.3:50034"
+          },
+          "isd_as": "42-ffaa:1:3",
+          "link_to": "parent",
+          "mtu": 1472
+        }
+      }
+    }
+  }
+}

nixos/tests/scion/freestanding-deployment/topology5.json

@@ -0,0 +1,40 @@
+{
+  "attributes": [],
+  "isd_as": "42-ffaa:1:5",
+  "mtu": 1472,
+  "control_service": {
+    "cs": {
+      "addr": "127.0.0.1:31000"
+    }
+  },
+  "discovery_service": {
+    "cs": {
+      "addr": "127.0.0.1:31000"
+    }
+  },
+  "border_routers": {
+    "br": {
+      "internal_addr": "127.0.0.1:31002",
+      "interfaces": {
+        "1": {
+          "underlay": {
+            "public": "192.168.1.5:50025",
+            "remote": "192.168.1.2:50025"
+          },
+          "isd_as": "42-ffaa:1:2",
+          "link_to": "parent",
+          "mtu": 1472
+        },
+        "2": {
+          "underlay": {
+            "public": "192.168.1.5:50035",
+            "remote": "192.168.1.3:50035"
+          },
+          "isd_as": "42-ffaa:1:3",
+          "link_to": "parent",
+          "mtu": 1472
+        }
+      }
+    }
+  }
+}

nixos/tests/ustreamer.nix

@@ -0,0 +1,75 @@
+import ./make-test-python.nix ({ pkgs, ... }: {
+  name = "ustreamer-vmtest";
+  nodes = {
+    client = {...}: {
+      environment.systemPackages = [ pkgs.curl ];
+    };
+    camera = {config, ...}: let
+      configFile = pkgs.writeText "akvcam-configFile" ''
+        [Cameras]
+        cameras/size = 2
+
+        cameras/1/type = output
+        cameras/1/mode = mmap, userptr, rw
+        cameras/1/description = Virtual Camera (output device)
+        cameras/1/formats = 2
+        cameras/1/videonr = 7
+
+        cameras/2/type = capture
+        cameras/2/mode = mmap, rw
+        cameras/2/description = Virtual Camera
+        cameras/2/formats = 1, 2
+        cameras/2/videonr = 9
+
+        [Connections]
+        connections/size = 1
+        connections/1/connection = 1:2
+
+        [Formats]
+        formats/size = 2
+
+        formats/1/format = YUY2
+        formats/1/width = 640
+        formats/1/height = 480
+        formats/1/fps = 30
+
+        formats/2/format = RGB24, YUY2
+        formats/2/width = 640
+        formats/2/height = 480
+        formats/2/fps = 20/1, 15/2
+      '';
+    in {
+      environment.systemPackages = [ pkgs.ustreamer ];
+      networking.firewall.enable = false;
+      systemd.services.ustreamer = {
+        description = "ustreamer service";
+        wantedBy = ["multi-user.target"];
+        serviceConfig = {
+          DynamicUser = true;
+          ExecStart = "${pkgs.ustreamer}/bin/ustreamer --host=0.0.0.0 --port 8000 --device /dev/video9 --device-timeout=8";
+          PrivateTmp = true;
+          BindReadOnlyPaths = "/dev/video9";
+          SupplementaryGroups = [
+            "video"
+          ];
+          Restart = "always";
+        };
+      };
+      boot.extraModulePackages = [config.boot.kernelPackages.akvcam];
+      boot.kernelModules = ["akvcam"];
+      boot.extraModprobeConfig = ''
+        options akvcam config_file=${configFile}
+      '';
+    };
+  };
+
+  testScript = ''
+    start_all()
+
+    camera.wait_for_unit("ustreamer.service")
+    camera.wait_for_open_port(8000)
+
+    client.wait_for_unit("multi-user.target")
+    client.succeed("curl http://camera:8000")
+  '';
+})

pkgs/applications/editors/emacs/sources.nix

@@ -110,6 +110,27 @@ in
     variant = "macport";
     rev = "emacs-28.2-mac-9.1";
     hash = "sha256-Ne2jQ2nVLNiQmnkkOXVc5AkLVkTpm8pFC7VNY2gQjPE=";
+    patches = fetchpatch: [
+      # CVE-2022-45939
+      (fetchpatch {
+        url = "https://git.savannah.gnu.org/cgit/emacs.git/patch/?id=d48bb4874bc6cd3e69c7a15fc3c91cc141025c51";
+        hash = "sha256-TiBQkexn/eb6+IqJNDqR/Rn7S7LVdHmL/21A5tGsyJs=";
+      })
+
+      # https://lists.gnu.org/archive/html/emacs-devel/2024-03/msg00611.html
+      (fetchpatch {
+        url = "https://gitweb.gentoo.org/proj/emacs-patches.git/plain/emacs/28.2/10_all_org-macro-eval.patch?id=af40e12cb742510e5d40a06ffc6dfca97e340dd6";
+        hash = "sha256-OdGt4e9JGjWJPkfJhbYsmQQc6jart4BH5aIKPIbWKFs=";
+      })
+      (fetchpatch {
+        url = "https://gitweb.gentoo.org/proj/emacs-patches.git/plain/emacs/28.2/11_all_untrusted-content.patch?id=af40e12cb742510e5d40a06ffc6dfca97e340dd6";
+        hash = "sha256-wa2bsnCt5yFx0+RAFZGBPI+OoKkbrfkkMer/KBEc/wA=";
+      })
+      (fetchpatch {
+        url = "https://gitweb.gentoo.org/proj/emacs-patches.git/plain/emacs/28.2/12_all_org-remote-unsafe.patch?id=af40e12cb742510e5d40a06ffc6dfca97e340dd6";
+        hash = "sha256-b6WU1o3PfDV/6BTPfPNUFny6oERJCNsDrvflxX3Yvek=";
+      })
+    ];
   });
 
   emacs29-macport = import ./make-emacs.nix (mkArgs {

pkgs/applications/emulators/86box/default.nix

@@ -6,16 +6,17 @@
 , enableNewDynarec ? enableDynarec && stdenv.hostPlatform.isAarch
 , enableVncRenderer ? false
 , unfreeEnableDiscord ? false
+, unfreeEnableRoms ? false
 }:
 
-stdenv.mkDerivation rec {
+stdenv.mkDerivation (finalAttrs: {
   pname = "86Box";
   version = "4.1";
 
   src = fetchFromGitHub {
     owner = "86Box";
     repo = "86Box";
-    rev = "v${version}";
+    rev = "v${finalAttrs.version}";
     hash = "sha256-JYOJFXiUTLRs6AEMYNx88PwcVw13ChQzV1ZE5OtX6Ds=";
   };
 
@@ -48,38 +49,46 @@ stdenv.mkDerivation rec {
     ++ lib.optional (!enableDynarec) "-DDYNAREC=OFF"
     ++ lib.optional (!unfreeEnableDiscord) "-DDISCORD=OFF";
 
-  postInstall = lib.optional stdenv.isLinux ''
+  postInstall = lib.optionalString stdenv.isLinux ''
     install -Dm644 -t $out/share/applications $src/src/unix/assets/net.86box.86Box.desktop
 
     for size in 48 64 72 96 128 192 256 512; do
       install -Dm644 -t $out/share/icons/hicolor/"$size"x"$size"/apps \
         $src/src/unix/assets/"$size"x"$size"/net.86box.86Box.png
     done;
+  ''
+  + lib.optionalString unfreeEnableRoms ''
+    mkdir -p $out/share/86Box
+    ln -s ${finalAttrs.passthru.roms} $out/share/86Box/roms
   '';
 
+  passthru = {
+    roms = fetchFromGitHub {
+      owner = "86Box";
+      repo = "roms";
+      rev = "v${finalAttrs.version}";
+      hash = "sha256-1HtoizO0QIGNjQTW0clzRp40h1ulw55+iTYz12UJSms=";
+    };
+  };
+
   # Some libraries are loaded dynamically, but QLibrary doesn't seem to search
   # the runpath, so use a wrapper instead.
-  postFixup = let
+  preFixup = let
     libPath = lib.makeLibraryPath ([
       libpcap
     ] ++ lib.optional unfreeEnableDiscord discord-gamesdk);
     libPathVar = if stdenv.isDarwin then "DYLD_LIBRARY_PATH" else "LD_LIBRARY_PATH";
-  in
-  ''
-    wrapProgram $out/bin/86Box \
-      "''${qtWrapperArgs[@]}" \
-      --prefix ${libPathVar} : "${libPath}"
+  in ''
+    makeWrapperArgs+=(--prefix ${libPathVar} : "${libPath}")
   '';
 
-  # Do not wrap twice.
-  dontWrapQtApps = true;
-
   meta = with lib; {
     description = "Emulator of x86-based machines based on PCem.";
     mainProgram = "86Box";
     homepage = "https://86box.net/";
-    license = with licenses; [ gpl2Only ] ++ optional unfreeEnableDiscord unfree;
+    license = with licenses; [ gpl2Only ]
+      ++ optional (unfreeEnableDiscord || unfreeEnableRoms) unfree;
     maintainers = [ maintainers.jchw ];
     platforms = platforms.linux;
   };
-}
+})

pkgs/by-name/cg/cgterm/package.nix

@@ -0,0 +1,32 @@
+{ lib
+, stdenv
+, fetchFromGitHub
+, SDL
+}:
+
+stdenv.mkDerivation (finalAttrs: {
+  pname = "cg-term";
+  version = "1.7b2";
+
+  src = fetchFromGitHub {
+    owner = "MagerValp";
+    repo = "CGTerm";
+    rev = "01e35d64c29bccee52211b0afc66035a10e4792a"; # no tags
+    hash = "sha256-Gk7t9wnVCRWwnqcItS3j031VqJnBqk6rHw1SABtzqfE=";
+  };
+
+  buildInputs = [
+    SDL
+  ];
+
+  makeFlags = [ "CC:=$(CC)" "PREFIX=$(out)" ];
+
+  meta = with lib; {
+    description = "C/G telnet client for C64 BBS's";
+    homepage = "https://github.com/MagerValp/CGTerm";
+    license = licenses.bsd2;
+    maintainers = with maintainers; [ matthewcroughan ];
+    mainProgram = "cg-term";
+    platforms = platforms.all;
+  };
+})

pkgs/by-name/di/dipc/package.nix

@@ -0,0 +1,26 @@
+{ lib
+, rustPlatform
+, fetchFromGitHub
+}:
+
+rustPlatform.buildRustPackage rec {
+  pname = "dipc";
+  version = "1.0.0";
+
+  src = fetchFromGitHub {
+    owner = "doprz";
+    repo = "dipc";
+    rev = "bf578bd9474084b7099ef665138667e486dce671";
+    hash = "sha256-RXEC8bwdnUOaDmYIb7ci/JD+vi16tBn55FRsUmwaRzk=";
+  };
+
+  cargoHash = "sha256-XQ85T64K1NLdSOtAFr0XluvFNTaHzoWKxoQtBQ+uSKQ=";
+
+  meta = with lib; {
+    description = "Convert your favorite images and wallpapers with your favorite color palettes/themes";
+    homepage = "https://github.com/doprz/dipc";
+    license = with licenses; [ mit asl20 ];
+    maintainers = with maintainers; [ ByteSudoer ];
+    mainProgram = "dipc";
+  };
+}

pkgs/by-name/dm/dmalloc/package.nix

@@ -0,0 +1,45 @@
+{ lib
+, stdenv
+, fetchFromGitHub
+, testers
+, dmalloc
+}:
+
+stdenv.mkDerivation rec {
+  pname = "dmalloc";
+  version = "5.6.5";
+
+  src = fetchFromGitHub {
+    owner = "j256";
+    repo = "dmalloc";
+    rev = "dmalloc_release_${lib.replaceStrings ["."] ["_"] version}";
+    hash = "sha256-P63I9s32C3v1q+Sy9joK0HKYb0ebBu9g72tTTwxvkz8=";
+  };
+
+  configureFlags = [
+    "--enable-cxx"
+    "--enable-shlib"
+    "--enable-threads"
+  ];
+
+  passthru.tests.version = testers.testVersion {
+    package = dmalloc;
+  };
+
+  meta = with lib; {
+    description = "Debug Malloc memory allocation debugging C library";
+    longDescription = ''
+      The debug memory allocation or "dmalloc" library has been designed as a
+      drop in replacement for the system's malloc, realloc, calloc, free and
+      other memory management routines while providing powerful debugging
+      facilities configurable at runtime. These facilities include such things
+      as memory-leak tracking, fence-post write detection, file/line number
+      reporting, and general logging of statistics.
+    '';
+    homepage = "https://dmalloc.com";
+    license = licenses.isc;
+    maintainers = with maintainers; [ azahi ];
+    platforms = platforms.all;
+    mainProgram = "dmalloc";
+  };
+}

pkgs/by-name/gl/glide-media-player/package.nix

@@ -13,24 +13,23 @@
 , graphene
 , gst_all_1
 , glib-networking
-, darwin
 }:
 
 stdenv.mkDerivation rec {
   pname = "glide-media-player";
-  version = "0.6.2";
+  version = "0.6.3";
 
   src = fetchFromGitHub {
     owner = "philn";
     repo = "glide";
     rev = version;
-    hash = "sha256-SN/1Yf4fHlDbJ2X6DGktsn1GFW8bbkeznlO1S8sBZyg=";
+    hash = "sha256-rWWMMuA41uFWazIJBVLxzaCrR5X5tI4x+GXXYkfeqz8=";
   };
 
   cargoDeps = rustPlatform.fetchCargoTarball {
     inherit src;
     name = "${pname}-${version}";
-    hash = "sha256-2Ma7ZAKFiAQXFWFze4RLwGu33d/vC6FVW6fJdqwED20=";
+    hash = "sha256-Kvdbo5tkhwsah9W7Y5zqpoA3bVHfmjGj7Cjsqxkljls=";
   };
 
   postPatch = ''
@@ -41,8 +40,6 @@ stdenv.mkDerivation rec {
     patchShebangs --build \
       scripts/meson_post_install.py \
       build-aux/cargo-build.py
-  '' + lib.optionalString stdenv.isDarwin ''
-    sed -i "/wayland,x11egl,x11glx/d" meson.build
   '';
 
   nativeBuildInputs = [
@@ -64,8 +61,6 @@ stdenv.mkDerivation rec {
     gst_all_1.gst-plugins-bad
     gst_all_1.gst-plugins-good
     glib-networking
-  ] ++ lib.optionals stdenv.isDarwin [
-    darwin.apple_sdk_11_0.frameworks.IOKit
   ];
 
   meta = with lib; {
@@ -74,8 +69,7 @@ stdenv.mkDerivation rec {
     license = licenses.mit;
     maintainers = with maintainers; [ aleksana ];
     mainProgram = "glide";
-    platforms = platforms.unix;
-    # error: could not find system library 'gstreamer-gl-1.0' required by the 'gstreamer-gl-sys' crate
-    broken = stdenv.isDarwin && stdenv.isx86_64;
+    # Required gdk4-{wayland,x11} and gstreamer-gl not available on darwin
+    platforms = subtractLists platforms.darwin platforms.unix;
   };
 }

pkgs/by-name/in/incus/529.patch

@@ -1,29 +0,0 @@
-From 32a4beecbf8098fdbb15ef5f36088956922630f7 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?St=C3=A9phane=20Graber?= <stgraber@stgraber.org>
-Date: Fri, 23 Feb 2024 18:47:15 -0500
-Subject: [PATCH] incusd/device/disk: Fix incorrect block volume usage
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Signed-off-by: Stéphane Graber <stgraber@stgraber.org>
----
- internal/server/device/disk.go | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/internal/server/device/disk.go b/internal/server/device/disk.go
-index 0d19e21139..4f9a3e7c1b 100644
---- a/internal/server/device/disk.go
-+++ b/internal/server/device/disk.go
-@@ -339,6 +339,11 @@ func (d *disk) validateConfig(instConf instance.ConfigReader) error {
- 				var usedBy []string
- 
- 				err = storagePools.VolumeUsedByInstanceDevices(d.state, d.pool.Name(), storageProjectName, &dbVolume.StorageVolume, true, func(inst db.InstanceArgs, project api.Project, usedByDevices []string) error {
-+					// Don't count the current instance.
-+					if d.inst != nil && d.inst.Project().Name == inst.Project && d.inst.Name() == inst.Name {
-+						return nil
-+					}
-+
- 					usedBy = append(usedBy, inst.Name)
- 
- 					return nil

pkgs/by-name/in/incus/client.nix

@@ -31,10 +31,8 @@ buildGoModule {
   subPackages = [ "cmd/incus" ];
 
   postInstall = ''
-    # use custom bash completion as it has extra logic for e.g. instance names
-    installShellCompletion --bash --name incus ./scripts/bash/incus
-
     installShellCompletion --cmd incus \
+      --bash <($out/bin/incus completion bash) \
       --fish <($out/bin/incus completion fish) \
       --zsh <($out/bin/incus completion zsh)
   '';

pkgs/by-name/in/incus/generic.nix

@@ -45,12 +45,6 @@ buildGoModule rec {
     inherit hash;
   };
 
-  # replace with env var > 0.6 https://github.com/lxc/incus/pull/610
-  postPatch = ''
-    substituteInPlace internal/usbid/load.go \
-      --replace-fail "/usr/share/misc/usb.ids" "${hwdata}/share/hwdata/usb.ids"
-  '';
-
   excludedPackages = [
     # statically compile these
     "cmd/incus-agent"
@@ -103,10 +97,8 @@ buildGoModule rec {
     '';
 
   postInstall = ''
-    # use custom bash completion as it has extra logic for e.g. instance names
-    installShellCompletion --bash --name incus ./scripts/bash/incus
-
     installShellCompletion --cmd incus \
+      --bash <($out/bin/incus completion bash) \
       --fish <($out/bin/incus completion fish) \
       --zsh <($out/bin/incus completion zsh)
   '';

pkgs/by-name/in/incus/package.nix

@@ -1,9 +1,6 @@
 import ./generic.nix {
-  hash = "sha256-tGuAS0lZvoYb+TvmCklQ8TADZhbm4w/lhdI0ycS4/0o=";
-  version = "0.6.0";
-  vendorHash = "sha256-+WmgLOEBJ/7GF596iiTgyTPxn8l+hE6RVqjLKfCi5rs=";
-  patches = [
-    # fix storage bug, fixed in > 0.6
-    ./529.patch
-  ];
+  hash = "sha256-6TLoua3rooDRyPc5BPYgzU/oeVy6F8h+p3UtKGPZkAE=";
+  version = "0.7.0";
+  vendorHash = "sha256-Slw58pszT6sbpxK6/f+ojA+uStt0zSWxztFTm5ovZr8=";
+  patches = [ ];
 }

pkgs/by-name/in/incus/update.nu

@@ -10,12 +10,19 @@ def main [--lts = false, --regex: string] {
   let current_version = nix eval --raw -f default.nix $"($attr).version" | str trim
 
   if $latest_tag != $current_version {
+    print $"Updating: new ($latest_tag) != old ($current_version)"
     update-source-version $attr $latest_tag $"--file=($file)"
 
     let oldVendorHash = nix-instantiate . --eval --strict -A $"($attr).goModules.drvAttrs.outputHash" --json | from json
-    let vendorHash = do { nix-build -A $"($attr).goModules" } | complete | get stderr | lines | str trim | find --regex 'got:[[:space:]]*sha256' | split row ' ' | last
-    open $file | str replace $oldVendorHash $vendorHash | save --force $file
+    let checkBuild = do { nix-build -A $"($attr).goModules" } | complete
+    let vendorHash = $checkBuild.stderr | lines | str trim | find --regex 'got:[[:space:]]*sha256' | split row ' ' | last
 
+    if $vendorHash != null {
+      open $file | str replace $oldVendorHash $vendorHash | save --force $file
+    } else {
+      print $checkBuild.stderr
+      exit 1
+    }
   }
 
   {"lts?": $lts, before: $current_version, after: $latest_tag}

pkgs/by-name/jo/job-security/package.nix

@@ -0,0 +1,28 @@
+{ lib
+, stdenv
+, rustPlatform
+, fetchFromGitHub
+}:
+
+rustPlatform.buildRustPackage rec {
+  pname = "job-security";
+  version = "unstable-0-2024-03-24";
+
+  src = fetchFromGitHub {
+    owner = "yshui";
+    repo = "job-security";
+    rev = "3881a4a0e66afe19cbdba3f43d0f85732796f977";
+    hash = "sha256-mXmDzBsHdiim0bWrs0SvgtMZmKnYVz/RV9LNqPHHlnk=";
+  };
+
+  cargoHash = "sha256-W5evL36ByUUjvSwa3Nmf4MT2oZYoQ8kmchNOxUwmpuE=";
+
+  meta = {
+    description = "Job control from anywhere";
+    homepage = "https://github.com/yshui/job-security";
+    license = with lib.licenses; [ asl20 mit mpl20 ];
+    maintainers = with lib.maintainers; [ fgaz ];
+    mainProgram = "jobs";
+    broken = stdenv.isDarwin;
+  };
+}

pkgs/by-name/sc/scion/package.nix

@@ -2,6 +2,7 @@
 , buildGoModule
 , fetchFromGitHub
 , fetchpatch2
+, nixosTests
 }:
 let
   version = "0.10.0";
@@ -42,6 +43,16 @@ buildGoModule {
     ${skipTest 1 "TestOpensslCompatible" "scion-pki/trcs/sign_test.go"}
   '';
 
+  postInstall = ''
+    set +e
+    mv $out/bin/gateway $out/bin/scion-ip-gateway
+    mv $out/bin/dispatcher $out/bin/scion-dispatcher
+    mv $out/bin/router $out/bin/scion-router
+    mv $out/bin/control $out/bin/scion-control
+    mv $out/bin/daemon $out/bin/scion-daemon
+    set -e
+  '';
+
   doCheck = true;
 
   patches = [
@@ -51,6 +62,10 @@ buildGoModule {
     })
   ];
 
+  passthru.tests = {
+    inherit (nixosTests) scion-freestanding-deployment;
+  };
+
   meta = with lib; {
     description = "A future Internet architecture utilizing path-aware networking";
     homepage = "https://scion-architecture.net/";

pkgs/by-name/st/stackit-cli/package.nix

@@ -0,0 +1,80 @@
+{ lib
+, buildGoModule
+, fetchFromGitHub
+, installShellFiles
+, makeWrapper
+, less
+, xdg-utils
+, testers
+, runCommand
+, stackit-cli
+}:
+
+buildGoModule rec {
+  pname = "stackit-cli";
+  version = "0.1.0-prerelease.2";
+
+  src = fetchFromGitHub {
+    owner = "stackitcloud";
+    repo = "stackit-cli";
+    rev = "v${version}";
+    hash = "sha256-GS3ZXarhXs1xuVmiLPMrrzXnO79R1+2va0x7N7CKNjQ=";
+  };
+
+  vendorHash = "sha256-Cill5hq8KVeKGRX2u9oIudi/s8XHIW5C8sgbTshrLY4=";
+
+  subPackages = [ "." ];
+
+  CGO_ENABLED = 0;
+
+  ldflags = [
+    "-s"
+    "-w"
+    "-X main.version=${version}"
+  ];
+
+  nativeBuildInputs = [ installShellFiles makeWrapper ];
+
+  preCheck = ''
+    export HOME=$TMPDIR # needed because the binary always creates a dir & config file
+  '';
+
+  postInstall = ''
+    export HOME=$TMPDIR # needed because the binary always creates a dir & config file
+    mv $out/bin/{${pname},stackit} # rename the binary
+
+    installShellCompletion --cmd stackit --bash <($out/bin/stackit completion bash)
+    installShellCompletion --cmd stackit --zsh <($out/bin/stackit completion zsh)
+    installShellCompletion --cmd stackit --fish <($out/bin/stackit completion fish)
+    # Use this instead, once https://github.com/stackitcloud/stackit-cli/issues/153 is fixed:
+    # installShellCompletion --cmd stackit \
+    #   --bash <($out/bin/stackit completion bash) \
+    #   --zsh  <($out/bin/stackit completion zsh)  \
+    #   --fish <($out/bin/stackit completion fish)
+    # Ensure that all 3 completion scripts exist AND have content (should be kept for regression testing)
+    [ $(find $out/share -not -empty -type f | wc -l) -eq 3 ]
+  '';
+
+  postFixup = ''
+    wrapProgram $out/bin/stackit \
+      --suffix PATH : ${lib.makeBinPath [ less xdg-utils ]}
+  '';
+
+  nativeCheckInputs = [ less ];
+
+  passthru.tests = {
+    version = testers.testVersion {
+      package = stackit-cli;
+      command = "HOME=$TMPDIR stackit --version";
+    };
+  };
+
+  meta = with lib; {
+    description = "CLI to manage STACKIT cloud services";
+    homepage = "https://github.com/stackitcloud/stackit-cli";
+    changelog = "https://github.com/stackitcloud/stackit-cli/releases/tag/v${version}";
+    license = licenses.asl20;
+    maintainers = with maintainers; [ DerRockWolf ];
+    mainProgram = "stackit";
+  };
+}

pkgs/by-name/vl/vlc-bittorrent/package.nix

@@ -0,0 +1,55 @@
+{ lib
+, autoconf-archive
+, autoreconfHook
+, boost
+, fetchFromGitHub
+, libtorrent-rasterbar
+, libvlc
+, openssl
+, pkg-config
+, stdenv
+}:
+
+# VLC does not know where the vlc-bittorrent package is installed.
+# make sure to have something like:
+#   environment.variables.VLC_PLUGIN_PATH = "${pkgs.vlc-bittorrent}";
+
+stdenv.mkDerivation (finalAttrs: {
+  pname = "vlc-bittorrent";
+  version = "2.15.0";
+
+  src = fetchFromGitHub {
+    owner = "johang";
+    repo = "vlc-bittorrent";
+    rev = "v${finalAttrs.version}";
+    hash = "sha256-7FHeQYHbMKZJ3yeHqxTTAUwghTje+gEX8gSEJzfG5sQ=";
+  };
+
+  nativeBuildInputs = [
+    autoconf-archive
+    autoreconfHook
+    pkg-config
+  ];
+
+  buildInputs = [
+    boost
+    libtorrent-rasterbar
+    libvlc
+    openssl
+  ];
+
+  strictDeps = true;
+
+  # It's a library, should not have a desktop file
+  postFixup = ''
+    rm -r $out/share/
+  '';
+
+  meta = with lib; {
+    description = "A bittorrent plugin for VLC";
+    homepage = "https://github.com/johang/vlc-bittorrent";
+    license = licenses.gpl3Plus;
+    platforms = platforms.linux;
+    maintainers = [ maintainers.kintrix ];
+  };
+})

pkgs/data/fonts/iosevka/default.nix

@@ -55,16 +55,16 @@ assert (extraParameters != null) -> set != null;
 
 buildNpmPackage rec {
   pname = "Iosevka${toString set}";
-  version = "29.0.3";
+  version = "29.0.4";
 
   src = fetchFromGitHub {
     owner = "be5invis";
     repo = "iosevka";
     rev = "v${version}";
-    hash = "sha256-7vNfmrQ/B+T9hF5/ikIU1RvBcSRStnEmOY7VPbrll6s=";
+    hash = "sha256-dkFvgiGCHvBp7gBNAG08cfpTc0c7b2oU56xfxjPHhm8=";
   };
 
-  npmDepsHash = "sha256-FGGhuMlDhXd97AY23/ZPlrcrmirZIooAYJaskn2aM6w=";
+  npmDepsHash = "sha256-IvMO0LZy/vlNxsp2D5pK97l6OIltrjv8iZ2CGl2XhFM=";
 
   nativeBuildInputs = [
     remarshal

pkgs/development/libraries/qt-6/qt-env.nix

@@ -4,7 +4,7 @@ buildEnv {
   inherit name;
   paths = [ qtbase ] ++ paths;
 
-  pathsToLink = [ "/bin" "/mkspecs" "/include" "/lib" "/share" "/libexec" ];
+  pathsToLink = [ "/metatypes" "/bin" "/mkspecs" "/include" "/lib" "/share" "/libexec" ];
   extraOutputsToInstall = [ "out" "dev" ];
 
   postBuild = ''

pkgs/development/python-modules/llama-index-readers-database/default.nix

@@ -9,7 +9,7 @@
 
 buildPythonPackage rec {
   pname = "llama-index-readers-database";
-  version = "0.1.2";
+  version = "0.1.3";
   pyproject = true;
 
   disabled = pythonOlder "3.8";
@@ -17,7 +17,7 @@ buildPythonPackage rec {
   src = fetchPypi {
     pname = "llama_index_readers_database";
     inherit version;
-    hash = "sha256-9hbaUioGe8KVWX1O+Bwx0aOvJtVGb4lX/SZwYNJ/Xp0=";
+    hash = "sha256-1J6FE6iID4U9cEcPPUK5CvCTmbgVWxI4AFLrx+gPGWg=";
   };
 
   build-system = [

pkgs/development/python-modules/pathlib-abc/default.nix

@@ -8,7 +8,7 @@
 
 buildPythonPackage rec {
   pname = "pathlib-abc";
-  version = "0.1.1";
+  version = "0.2.0";
   pyproject = true;
 
   disabled = pythonOlder "3.8";
@@ -16,7 +16,7 @@ buildPythonPackage rec {
   src = fetchPypi {
     pname = "pathlib_abc";
     inherit version;
-    hash = "sha256-CE573ZGbD3d0kUqeZM2GobOYYPgfeB3XJCWGMfKRWr4=";
+    hash = "sha256-ua9rOf1RMhSFZ47DgD0KEeAqIuhp6AUsrLbo9l3nuGI=";
   };
 
   build-system = [

pkgs/development/python-modules/sqlmodel/default.nix

@@ -25,11 +25,11 @@ buildPythonPackage rec {
     hash = "sha256-hDJcekn0ExYUCs8kBZkJzsWqXsB/cI6RbW3EhRCCioM=";
   };
 
-  nativeBuildInputs = [
+  build-system = [
     poetry-core
   ];
 
-  propagatedBuildInputs = [
+  dependencies = [
     pydantic
     sqlalchemy
   ];
@@ -45,6 +45,11 @@ buildPythonPackage rec {
     "sqlmodel"
   ];
 
+  disabledTests = [
+    # AssertionError: assert 'enum_field VARCHAR(1)
+    "test_sqlite_ddl_sql"
+  ];
+
   disabledTestPaths = [
     # Coverage
     "docs_src/tutorial/"

pkgs/development/tools/analysis/flow/default.nix

@@ -2,13 +2,13 @@
 
 stdenv.mkDerivation rec {
   pname = "flow";
-  version = "0.231.0";
+  version = "0.232.0";
 
   src = fetchFromGitHub {
     owner = "facebook";
     repo = "flow";
     rev = "v${version}";
-    hash = "sha256-xZ6hyAnfWMwNZfkDIPV+0Cjs/HBMwBME6tZwQW38Cmk=";
+    hash = "sha256-hYFVfkkJFAg5Ij7kwLiMeIHYjPLElHhzDPET6kBQCSg=";
   };
 
   postPatch = ''

pkgs/development/tools/continuous-integration/github-runner/default.nix

@@ -23,13 +23,13 @@ assert builtins.all (x: builtins.elem x [ "node20" ]) nodeRuntimes;
 
 buildDotnetModule rec {
   pname = "github-runner";
-  version = "2.314.1";
+  version = "2.315.0";
 
   src = fetchFromGitHub {
     owner = "actions";
     repo = "runner";
     rev = "v${version}";
-    hash = "sha256-PHcCXWA6LcxpqdbTGbOUqnS4fIJLbHOhEPdagGF71q0=";
+    hash = "sha256-kKfwLZYV4uEkHt82YWNtDehbspgnH8heckVU5aA/YiY=";
     leaveDotGit = true;
     postFetch = ''
       git -C $out rev-parse --short HEAD > $out/.git-revision

pkgs/development/tools/hclfmt/default.nix

@@ -2,16 +2,16 @@
 
 buildGoModule rec {
   pname = "hclfmt";
-  version = "2.20.0";
+  version = "2.20.1";
 
   src = fetchFromGitHub {
     owner = "hashicorp";
     repo = "hcl";
     rev = "v${version}";
-    hash = "sha256-gXipXBi/IFB4F+vr1BBp91kcIRpWvxkSttb62Cl3h0g=";
+    hash = "sha256-+4K6k32azx/66eag9c6lUN8TUJ1ICx4Q8zpnTJWqgQ0=";
   };
 
-  vendorHash = "sha256-MXiLfCbXXw2PMlj/3eAvbReH11IzS/G/4ajV37B5lOs=";
+  vendorHash = "sha256-L5OabeDUXbrwFOgWRhi9FPTWK+xbL54ZM7cYhS15Jis=";
 
   # The code repository includes other tools which are not useful. Only build
   # hclfmt.

pkgs/development/tools/misc/texlab/default.nix

@@ -15,16 +15,16 @@ let
 in
 rustPlatform.buildRustPackage rec {
   pname = "texlab";
-  version = "5.13.1";
+  version = "5.14.0";
 
   src = fetchFromGitHub {
     owner = "latex-lsp";
     repo = "texlab";
     rev = "refs/tags/v${version}";
-    hash = "sha256-fmtNalpOOPEiMO5zDD6m01cDfFuaLQsYPk6cc7yvjog=";
+    hash = "sha256-/VXhL03wZz0B0qoQe7JqmtzN020LSmcWB5QOkZFboz0=";
   };
 
-  cargoHash = "sha256-5ojXplzkBwchnSZLkwR5jz8WgyEA14Y1iVQ+Q19U8Tg=";
+  cargoHash = "sha256-hIQeo4FCEbgpa99ho5cwJgiXtAYbqgzyj6kW8fNtTWA=";
 
   outputs = [ "out" ] ++ lib.optional (!isCross) "man";
 

pkgs/development/tools/rust/cargo-mobile2/default.nix

@@ -12,7 +12,7 @@
 let
   inherit (darwin.apple_sdk.frameworks) CoreServices;
   pname = "cargo-mobile2";
-  version = "0.11.0";
+  version = "0.11.1";
 in
 rustPlatform.buildRustPackage {
   inherit pname version;
@@ -20,14 +20,14 @@ rustPlatform.buildRustPackage {
     owner = "tauri-apps";
     repo = pname;
     rev = "cargo-mobile2-v${version}";
-    hash = "sha256-1P9ImNyYU1dwGdwc1f6QSGm7H7D5uEozfSJqfEzla+A=";
+    hash = "sha256-HLDuWEKLij1hTKxf3lrAb4d2DIHzzkj4kuiZXgQwH4Q=";
   };
 
   # Manually specify the sourceRoot since this crate depends on other crates in the workspace. Relevant info at
   # https://discourse.nixos.org/t/difficulty-using-buildrustpackage-with-a-src-containing-multiple-cargo-workspaces/10202
   # sourceRoot = "${src.name}/tooling/cli";
 
-  cargoHash = "sha256-DmZ7Bdx5EHFkN528EhhJnNOLXEcLglFHvdgywpE59uo=";
+  cargoHash = "sha256-jCsP5xhNkqnwz8HocUzzf17omU8WDNrL/WVj/lP+51w=";
 
   preBuild = ''
     mkdir -p $out/share/

pkgs/development/tools/vagrant/default.nix

@@ -91,8 +91,12 @@ in buildRubyGem rec {
     mkdir -p "$out/vagrant-plugins/plugins.d"
     echo '{}' > "$out/vagrant-plugins/plugins.json"
 
+    # install bash completion
     mkdir -p $out/share/bash-completion/completions/
     cp -av contrib/bash/completion.sh $out/share/bash-completion/completions/vagrant
+    # install zsh completion
+    mkdir -p $out/share/zsh/site-functions/
+    cp -av contrib/zsh/_vagrant $out/share/zsh/site-functions/
   '' +
   lib.optionalString withLibvirt ''
     substitute ${./vagrant-libvirt.json.in} $out/vagrant-plugins/plugins.d/vagrant-libvirt.json \

pkgs/os-specific/linux/akvcam/default.nix

@@ -29,6 +29,5 @@ stdenv.mkDerivation rec {
     maintainers = with maintainers; [ freezeboy ];
     platforms = platforms.linux;
     license = licenses.gpl2Only;
-    broken = kernel.kernelAtLeast "5.18";
   };
 }

pkgs/servers/web-apps/kavita/change-webroot.diff

@@ -1,39 +1,79 @@
 diff --git a/API/Controllers/FallbackController.cs b/API/Controllers/FallbackController.cs
-index 2f5d7fce..faaf128a 100644
+index 0c925476..c7b30f39 100644
 --- a/API/Controllers/FallbackController.cs
 +++ b/API/Controllers/FallbackController.cs
-@@ -1,4 +1,4 @@
--using System;
-+using System;
- using System.IO;
- using API.Services;
- using Microsoft.AspNetCore.Authorization;
 @@ -22,7 +22,7 @@ public class FallbackController : Controller
  
-     public ActionResult Index()
+     public PhysicalFileResult Index()
      {
 -        return PhysicalFile(Path.Combine(Directory.GetCurrentDirectory(), "wwwroot", "index.html"), "text/HTML");
-+        return PhysicalFile(Path.Combine("@web_root@", "index.html"), "text/HTML");
++        return PhysicalFile(Path.Combine("@webroot@", "index.html"), "text/HTML");
      }
  }
  
+diff --git a/API/Services/DirectoryService.cs b/API/Services/DirectoryService.cs
+index 15afddf9..aff1f230 100644
+--- a/API/Services/DirectoryService.cs
++++ b/API/Services/DirectoryService.cs
+@@ -113,7 +113,7 @@ public class DirectoryService : IDirectoryService
+         ExistOrCreate(SiteThemeDirectory);
+         FaviconDirectory = FileSystem.Path.Join(FileSystem.Directory.GetCurrentDirectory(), "config", "favicons");
+         ExistOrCreate(FaviconDirectory);
+-        LocalizationDirectory = FileSystem.Path.Join(FileSystem.Directory.GetCurrentDirectory(), "I18N");
++        LocalizationDirectory = FileSystem.Path.Join("@out@/lib/kavita-backend", "I18N");
+     }
+ 
+     /// <summary>
+diff --git a/API/Services/LocalizationService.cs b/API/Services/LocalizationService.cs
+index ab3ad3d8..ac813a69 100644
+--- a/API/Services/LocalizationService.cs
++++ b/API/Services/LocalizationService.cs
+@@ -52,8 +52,7 @@ public class LocalizationService : ILocalizationService
+         else
+         {
+             _localizationDirectoryUi = directoryService.FileSystem.Path.Join(
+-                directoryService.FileSystem.Directory.GetCurrentDirectory(),
+-                "wwwroot", "assets/langs");
++                "@webroot@", "assets/langs");
+         }
+ 
+         _cacheOptions = new MemoryCacheEntryOptions()
 diff --git a/API/Startup.cs b/API/Startup.cs
-index f84ef638..7eaeb05e 100644
+index 939bfb58..1adb9373 100644
 --- a/API/Startup.cs
 +++ b/API/Startup.cs
-@@ -33,6 +33,7 @@ using Microsoft.AspNetCore.ResponseCompression;
- using Microsoft.AspNetCore.StaticFiles;
+@@ -36,6 +36,7 @@ using Microsoft.AspNetCore.StaticFiles;
+ using Microsoft.EntityFrameworkCore;
  using Microsoft.Extensions.Configuration;
  using Microsoft.Extensions.DependencyInjection;
 +using Microsoft.Extensions.FileProviders;
  using Microsoft.Extensions.Hosting;
  using Microsoft.Extensions.Logging;
  using Microsoft.Net.Http.Headers;
-@@ -298,6 +299,7 @@ public class Startup
+@@ -298,9 +299,6 @@ public class Startup
+         app.UsePathBase(basePath);
+         if (!env.IsDevelopment())
+         {
+-            // We don't update the index.html in local as we don't serve from there
+-            UpdateBaseUrlInIndex(basePath);
+-
+             // Update DB with what's in config
+             var dataContext = serviceProvider.GetRequiredService<DataContext>();
+             var setting = dataContext.ServerSetting.SingleOrDefault(x => x.Key == ServerSettingKey.BaseUrl);
+@@ -333,6 +334,7 @@ public class Startup
  
          app.UseStaticFiles(new StaticFileOptions
          {
-+            FileProvider = new PhysicalFileProvider("@web_root@"),
++            FileProvider = new PhysicalFileProvider("@webroot@"),
              ContentTypeProvider = new FileExtensionContentTypeProvider(),
              HttpsCompression = HttpsCompressionMode.Compress,
              OnPrepareResponse = ctx =>
+@@ -394,7 +396,7 @@ public class Startup
+         try
+         {
+             var htmlDoc = new HtmlDocument();
+-            var indexHtmlPath = Path.Combine(Directory.GetCurrentDirectory(), "wwwroot", "index.html");
++            var indexHtmlPath = Path.Combine("@webroot@", "index.html");
+             htmlDoc.Load(indexHtmlPath);
+ 
+             var baseNode = htmlDoc.DocumentNode.SelectSingleNode("/html/head/base");

pkgs/servers/web-apps/kavita/default.nix

@@ -10,13 +10,13 @@
 
 stdenvNoCC.mkDerivation (finalAttrs: {
   pname = "kavita";
-  version = "0.7.1.4";
+  version = "0.7.13";
 
   src = fetchFromGitHub {
     owner = "kareadita";
     repo = "kavita";
     rev = "v${finalAttrs.version}";
-    hash = "sha256-jNhiwyz6iVSLlvMNjI689TwQYuEvTJ+QaPvvDQ4UOwc=";
+    hash = "sha256-S4lJTLxNjGmgBJt89i3whBglMU2EQ0VelLG6iP6bY8g=";
   };
 
   backend = buildDotnetModule {
@@ -25,18 +25,21 @@ stdenvNoCC.mkDerivation (finalAttrs: {
 
     patches = [
       # The webroot is hardcoded as ./wwwroot
-      (substituteAll {
-        src = ./change-webroot.diff;
-        web_root = "${finalAttrs.frontend}/lib/node_modules/kavita-webui/dist";
-      })
+      ./change-webroot.diff
     ];
+    postPatch = ''
+      substituteInPlace API/Services/DirectoryService.cs --subst-var out
+
+      substituteInPlace API/Startup.cs API/Services/LocalizationService.cs API/Controllers/FallbackController.cs \
+        --subst-var-by webroot "${finalAttrs.frontend}/lib/node_modules/kavita-webui/dist/browser"
+    '';
 
     executables = [ "API" ];
 
     projectFile = "API/API.csproj";
     nugetDeps = ./nuget-deps.nix;
-    dotnet-sdk = dotnetCorePackages.sdk_6_0;
-    dotnet-runtime = dotnetCorePackages.aspnetcore_6_0;
+    dotnet-sdk = dotnetCorePackages.sdk_8_0;
+    dotnet-runtime = dotnetCorePackages.aspnetcore_8_0;
   };
 
   frontend =  buildNpmPackage {
@@ -48,7 +51,7 @@ stdenvNoCC.mkDerivation (finalAttrs: {
     npmBuildScript = "prod";
     npmFlags = [ "--legacy-peer-deps" ];
     npmRebuildFlags = [ "--ignore-scripts" ]; # Prevent playwright from trying to install browsers
-    npmDepsHash = "sha256-w0CuTPyCQyAxULvqd6+GiZaPlO8fh4xLmbEnGA47pL8=";
+    npmDepsHash = "sha256-jseoczC2Ay3D1wDUZbWXTYQJGSWdgobJ3+Z1bp+PQG4=";
   };
 
   dontBuild = true;
@@ -64,7 +67,10 @@ stdenvNoCC.mkDerivation (finalAttrs: {
     runHook postInstall
   '';
 
-  passthru.tests = { inherit (nixosTests) kavita; };
+  passthru = {
+    tests = { inherit (nixosTests) kavita; };
+    updateScript = ./update.sh;
+  };
 
   meta = {
     description = "A fast, feature rich, cross platform reading server";
@@ -72,7 +78,7 @@ stdenvNoCC.mkDerivation (finalAttrs: {
     changelog = "https://github.com/kareadita/kavita/releases/tag/${finalAttrs.src.rev}";
     license = lib.licenses.gpl3Only;
     platforms = lib.platforms.linux;
-    maintainers = with lib.maintainers; [ misterio77 ];
+    maintainers = with lib.maintainers; [ misterio77 nevivurn ];
     mainProgram = "kavita";
   };
 })

pkgs/servers/web-apps/kavita/nuget-deps.nix

@@ -2,42 +2,39 @@
 # Please dont edit it manually, your changes might get overwritten!
 
 { fetchNuGet }: [
-  (fetchNuGet { pname = "AutoMapper"; version = "12.0.0"; sha256 = "014r8kff1hw2k7q6979h4f333sr1lh367lmgx4iny2v3k93s7d7x"; })
-  (fetchNuGet { pname = "AutoMapper.Extensions.Microsoft.DependencyInjection"; version = "12.0.0"; sha256 = "1l17sby8l1ixn008y17wi98h74af7zmpann9kfzvqr4p0z7lg86m"; })
-  (fetchNuGet { pname = "CsvHelper"; version = "30.0.1"; sha256 = "0v01s672zcrd3fjwzh14dihbal3apzyg3dc80k05a90ljk8yh9wl"; })
-  (fetchNuGet { pname = "Docnet.Core"; version = "2.4.0-alpha.4"; sha256 = "1giv20m5gi03ybhgs10fim1k3amfc7k0iz6bwb14gw0qcnh63mhy"; })
+  (fetchNuGet { pname = "AutoMapper"; version = "12.0.1"; sha256 = "0s0wjl4ck3sal8a50x786wxs9mbca7bxaqk3558yx5wpld4h4z3b"; })
+  (fetchNuGet { pname = "AutoMapper.Extensions.Microsoft.DependencyInjection"; version = "12.0.1"; sha256 = "0gjsjgfmfa3xx773idh7nxly4mz9ragiy0dqsc9xfzy7b5mlzw91"; })
+  (fetchNuGet { pname = "Docnet.Core"; version = "2.6.0"; sha256 = "1b1nj984ly4zgj28fri1a6ych9sdiacxkms8pvzsclvyxkf0ri8m"; })
   (fetchNuGet { pname = "DotNet.Glob"; version = "3.1.3"; sha256 = "1klgj9m7i3g8x1yj96wnikvf0hlvr6rhqhl4mgis08imcrl95qg6"; })
-  (fetchNuGet { pname = "ExCSS"; version = "4.1.0"; sha256 = "1dbnl1dgkkwcrls9nw63xsjph14f3xx134dksbcjak3k3ynbnl6v"; })
+  (fetchNuGet { pname = "EasyCaching.Core"; version = "1.9.2"; sha256 = "0qkzaxmn899hhfh32s8mhg3zcqqy2p05kaaldz246nram5gvf7qp"; })
+  (fetchNuGet { pname = "EasyCaching.InMemory"; version = "1.9.2"; sha256 = "0ifcnmd3hqy44jvfwy3zzjccsxqalfv6clmj0clp9yln3js51awq"; })
+  (fetchNuGet { pname = "ExCSS"; version = "4.2.4"; sha256 = "04x3kaiywnjih8vrg5qafwvzgcsvshay8v3i2lv2ddkl6lnawh5n"; })
   (fetchNuGet { pname = "Flurl"; version = "3.0.6"; sha256 = "1y82lbag0gkfpj361psk5761hn7k0zmrp9cpdvnjyp75bdimiaiy"; })
+  (fetchNuGet { pname = "Flurl"; version = "3.0.7"; sha256 = "1i56774jsy2qlk573vzvcpjh5hf22yrhxs694j1c4gwggarnqz16"; })
   (fetchNuGet { pname = "Flurl.Http"; version = "3.2.4"; sha256 = "0vp5a1rrfi28in775d7fac96rcrikzjd2gbz0k3p925y1f2wlw5k"; })
-  (fetchNuGet { pname = "Hangfire"; version = "1.7.31"; sha256 = "1c02nrg16pm5aypvlnddyj6zds4sj59qrhc980d9y5gf7nx72kjl"; })
-  (fetchNuGet { pname = "Hangfire.AspNetCore"; version = "1.7.31"; sha256 = "0shfgqphjyb61djvrssnf2npbid236lbdpfvsznsl5hga9x3bdah"; })
+  (fetchNuGet { pname = "Hangfire"; version = "1.8.7"; sha256 = "11ygahx9bjd1y33cmihk5h7aggwcm7hvnzkg11cq066mrcrlzqr9"; })
+  (fetchNuGet { pname = "Hangfire.AspNetCore"; version = "1.8.7"; sha256 = "0lwvvk3d0rbghdk3k7r1z9a7hi6yagxynmzlp5bmb8raw5qx7q13"; })
   (fetchNuGet { pname = "Hangfire.Core"; version = "1.6.1"; sha256 = "0rg4lzzckscck9gvjqhcn1yq9qymfs4dfkv6fwgnklyfpvxmsqbq"; })
   (fetchNuGet { pname = "Hangfire.Core"; version = "1.6.17"; sha256 = "0kr2hjnl9c4dpk4kf95jxcgsxalvixfm6xis37qn5ja9n9ygqans"; })
-  (fetchNuGet { pname = "Hangfire.Core"; version = "1.7.0"; sha256 = "0yy9z7zssqysyp73phg6p5p1lva56d1vh9r825dn6w26jxdrlz21"; })
-  (fetchNuGet { pname = "Hangfire.Core"; version = "1.7.31"; sha256 = "13jfgd9x7a63yqs0b7y9jnkwi1jwq7h2mp8cxp0bzn3xk8w45kqi"; })
-  (fetchNuGet { pname = "Hangfire.Core"; version = "1.7.6"; sha256 = "19rfwpq714fybxara6vsr3r0h0wgnzrrvhqlhprh5lvgv15z9glm"; })
-  (fetchNuGet { pname = "Hangfire.InMemory"; version = "0.3.4"; sha256 = "1afrvxw6z0a78wrrv4mzrn86pvwr9zy97cwfs2k7s1aq5wp655r8"; })
+  (fetchNuGet { pname = "Hangfire.Core"; version = "1.8.0"; sha256 = "047g50s2nz32dnpqm9lnsvpgz8g3azip2mpc6s15wb78b8c9s48n"; })
+  (fetchNuGet { pname = "Hangfire.Core"; version = "1.8.7"; sha256 = "0f5l55sbw0shp0l9zv2h98l8ghvvhgdgqqwcq3rdlpapcv0w3z5j"; })
+  (fetchNuGet { pname = "Hangfire.InMemory"; version = "0.7.0"; sha256 = "0c6icc14kw5lybk2fqprks37vs3sv4j1acn8z12p3b62cxc2a3bb"; })
   (fetchNuGet { pname = "Hangfire.MaximumConcurrentExecutions"; version = "1.1.0"; sha256 = "181147h5dsbml58ffq1jc7k6012fahi0n20wply9gmn6v1dh8h66"; })
   (fetchNuGet { pname = "Hangfire.MemoryStorage.Core"; version = "1.4.0"; sha256 = "1hw8dlclxgg21ay1pqj9mxxm3alm03k9wxaz055lb14w3nzyma3c"; })
-  (fetchNuGet { pname = "Hangfire.SqlServer"; version = "1.7.31"; sha256 = "1hjln8jnp3ysv525c7cm31z0jpxgvncn3isi57mjalax0pjsl5hb"; })
-  (fetchNuGet { pname = "Hangfire.Storage.SQLite"; version = "0.3.2"; sha256 = "05w8la0zyh6lvgw98lwh1jaqxj0h9720jz5fc3bl4gaxnxfw17y2"; })
-  (fetchNuGet { pname = "HtmlAgilityPack"; version = "1.11.46"; sha256 = "0yx0xgbbzd6fdyslf7pc37bxk4hfkj1c7359ibqwmapv9aby7lm2"; })
-  (fetchNuGet { pname = "Humanizer.Core"; version = "2.8.26"; sha256 = "1v8xd12yms4qq1md4vh6faxicmqrvahqdd7sdkyzrphab9v44nsm"; })
+  (fetchNuGet { pname = "Hangfire.NetCore"; version = "1.8.7"; sha256 = "09p53pm7z3v549w7bb85qf66wg62nx0gxy6rgkgk2lbyabacyi1a"; })
+  (fetchNuGet { pname = "Hangfire.SqlServer"; version = "1.8.7"; sha256 = "0kzddl3r5rxx1m95skj7hkimzkz9x57b51bhkq1yhvchjd9j5wzj"; })
+  (fetchNuGet { pname = "Hangfire.Storage.SQLite"; version = "0.4.0"; sha256 = "0kyyisvvx8m40wmfay1kcrzqwr3hhdlkppadkwsgk0r892d5drqw"; })
+  (fetchNuGet { pname = "HtmlAgilityPack"; version = "1.11.57"; sha256 = "0brswm659d2vb11021z7xylljlnaf344yf5q093bqxyhbxva8ijq"; })
+  (fetchNuGet { pname = "Humanizer.Core"; version = "2.14.1"; sha256 = "1ai7hgr0qwd7xlqfd92immddyi41j3ag91h3594yzfsgsy6yhyqi"; })
   (fetchNuGet { pname = "MarkdownDeep.NET.Core"; version = "1.5.0.4"; sha256 = "0cpshs1lwmyyg40lvnf4b9s1z7yaw6s4a0341qr4ww40791gzvrl"; })
-  (fetchNuGet { pname = "Microsoft.AspNetCore.App.Ref"; version = "6.0.16"; sha256 = "1v02j1i139a8x32hgi1yhcpp754xi0sg5b7iqzmslvinfg3b7dwn"; })
-  (fetchNuGet { pname = "Microsoft.AspNetCore.App.Runtime.linux-arm64"; version = "6.0.16"; sha256 = "0c6ys204024yi6wh6jyyvkv60f877nzlmzl6np30w9a3nxlavnhw"; })
-  (fetchNuGet { pname = "Microsoft.AspNetCore.App.Runtime.linux-x64"; version = "6.0.16"; sha256 = "1xdhn8v8y947kw29npck1h9qaw8rj81q7a0qwawpc2200ds96n40"; })
-  (fetchNuGet { pname = "Microsoft.AspNetCore.App.Runtime.osx-arm64"; version = "6.0.16"; sha256 = "1p84za2cxyxxbkgxhfnmdarkz64dacx9f52jplrfs9rgl19anan4"; })
-  (fetchNuGet { pname = "Microsoft.AspNetCore.App.Runtime.osx-x64"; version = "6.0.16"; sha256 = "1i26fssv17w3kcaqwk5w2aq03jdijhrfl0xp0q5s68j7i4wrlv6l"; })
   (fetchNuGet { pname = "Microsoft.AspNetCore.Authentication.Abstractions"; version = "2.2.0"; sha256 = "0vj7fhpk0d95nkkxz4q0rma6pb4ym96mx6nms4603y0l19h0k5yh"; })
-  (fetchNuGet { pname = "Microsoft.AspNetCore.Authentication.JwtBearer"; version = "6.0.10"; sha256 = "0prhz63lakq9vihdppb6k1q9ix2crzbcfpkxbks698cirh9pbxmn"; })
-  (fetchNuGet { pname = "Microsoft.AspNetCore.Authentication.OpenIdConnect"; version = "6.0.10"; sha256 = "0vpw55k7w2ha9nrffabq4mhik54y93bbf9hk99klaxnirnxhrjqh"; })
+  (fetchNuGet { pname = "Microsoft.AspNetCore.Authentication.JwtBearer"; version = "8.0.1"; sha256 = "0519873g49gdbhnqizgxlikifcgswr09ybrh0wcwhbwiqnx49dg9"; })
+  (fetchNuGet { pname = "Microsoft.AspNetCore.Authentication.OpenIdConnect"; version = "8.0.1"; sha256 = "0n9x563ihvkp7cncwzlnyzm6zwxm6nsm8hv0j6f66jv7vzmcsq0q"; })
   (fetchNuGet { pname = "Microsoft.AspNetCore.Authorization"; version = "2.2.0"; sha256 = "1mpq8pmxlxfa625k2ghv6xcyy2wdpwv56xzya9mvmlnh50h1i8rx"; })
   (fetchNuGet { pname = "Microsoft.AspNetCore.Authorization.Policy"; version = "2.2.0"; sha256 = "1d1zh65kfjf81j21ssmhr465vx08bra8424vgnrb22gdx03mhwd2"; })
   (fetchNuGet { pname = "Microsoft.AspNetCore.Connections.Abstractions"; version = "2.2.0"; sha256 = "1rl94r8b0zq14f3dhfnvfjj1ivr81iw9zh5kdgs3zkdv0xc9x21j"; })
-  (fetchNuGet { pname = "Microsoft.AspNetCore.Cryptography.Internal"; version = "6.0.10"; sha256 = "1jlhgrzm4pv9yigif1khrqkc7hk4v8lz657hfiqvvih32xm13c1w"; })
-  (fetchNuGet { pname = "Microsoft.AspNetCore.Cryptography.KeyDerivation"; version = "6.0.10"; sha256 = "1k6j5mm7cbqljr0x6qks0359r5r33mw4a0mpanfqc1sd3i3x465y"; })
+  (fetchNuGet { pname = "Microsoft.AspNetCore.Cryptography.Internal"; version = "8.0.1"; sha256 = "1gc2y4v1cvayy2fai02gsv1z6fr58kxb5jnmbjqxnd0zf49m88j7"; })
+  (fetchNuGet { pname = "Microsoft.AspNetCore.Cryptography.KeyDerivation"; version = "8.0.1"; sha256 = "0fnvim0rmiw9jm8xvajb5b9w4wawp95szy2dfh2aw1n8jgzs207x"; })
   (fetchNuGet { pname = "Microsoft.AspNetCore.Hosting.Abstractions"; version = "2.2.0"; sha256 = "043k651vbfshh3s997x42ymj8nb32419m7q3sjw5q2c27anrhfhv"; })
   (fetchNuGet { pname = "Microsoft.AspNetCore.Hosting.Server.Abstractions"; version = "2.2.0"; sha256 = "0nz73bwrvhc1n7gd7xxm3p5ww2wx9qr9m9i43y20gh0c54adkygh"; })
   (fetchNuGet { pname = "Microsoft.AspNetCore.Http"; version = "2.2.0"; sha256 = "1fcrafpa57sab3as18idqknzlxkx49n4sxzlzik3sj6pcji5j17q"; })
@@ -46,7 +43,7 @@
   (fetchNuGet { pname = "Microsoft.AspNetCore.Http.Connections.Common"; version = "1.1.0"; sha256 = "0x3hq0d3bs6n46nfvbd5n4cgi6m4yjfsf3k25xjcc8gcj66072iy"; })
   (fetchNuGet { pname = "Microsoft.AspNetCore.Http.Extensions"; version = "2.2.0"; sha256 = "118gp1mfb8ymcvw87fzgjqwlc1d1b0l0sbfki291ydg414cz3dfn"; })
   (fetchNuGet { pname = "Microsoft.AspNetCore.Http.Features"; version = "2.2.0"; sha256 = "0xrlq8i61vzhzzy25n80m7wh2kn593rfaii3aqnxdsxsg6sfgnx1"; })
-  (fetchNuGet { pname = "Microsoft.AspNetCore.Identity.EntityFrameworkCore"; version = "6.0.10"; sha256 = "0zdgc7336lh562p8cy03wk8aawk5ngyzgbalbrqfbzf4graawsna"; })
+  (fetchNuGet { pname = "Microsoft.AspNetCore.Identity.EntityFrameworkCore"; version = "8.0.1"; sha256 = "08pnswpz17pfr923p9iv6imgzb8yfhsi4g31lxrhzglagahv4hiy"; })
   (fetchNuGet { pname = "Microsoft.AspNetCore.Routing"; version = "2.2.0"; sha256 = "12kv602j2rxp43l1v3618yz3pdd7hqc3r98ya0bqz6y2ppvhbyws"; })
   (fetchNuGet { pname = "Microsoft.AspNetCore.Routing.Abstractions"; version = "2.2.0"; sha256 = "0d9wwz1rsh1fslbv1y72jpkvqv2v9n28rl3vslcg0x74lp2678ly"; })
   (fetchNuGet { pname = "Microsoft.AspNetCore.SignalR"; version = "1.1.0"; sha256 = "16p01hxcrpj7iiwcqmwjfmciyisxp1mr0qa1wcx1ja4i0m0g292l"; })
@@ -55,106 +52,101 @@
   (fetchNuGet { pname = "Microsoft.AspNetCore.SignalR.Protocols.Json"; version = "1.1.0"; sha256 = "0zcyb3brzpw03f7vgkc3450izpvjgy0kjkgkp1mi9bc76xrvv094"; })
   (fetchNuGet { pname = "Microsoft.AspNetCore.WebSockets"; version = "2.2.0"; sha256 = "0hii6kd45xhswjwakhzm8wqxr10l959cch6h2w0x0ika3315a6b3"; })
   (fetchNuGet { pname = "Microsoft.AspNetCore.WebUtilities"; version = "2.2.0"; sha256 = "0cs1g4ing4alfbwyngxzgvkrv7z964isv1j9dzflafda4p0wxmsi"; })
+  (fetchNuGet { pname = "Microsoft.Bcl.AsyncInterfaces"; version = "6.0.0"; sha256 = "15gqy2m14fdlvy1g59207h5kisznm355kbw010gy19vh47z8gpz3"; })
+  (fetchNuGet { pname = "Microsoft.CodeAnalysis.Analyzers"; version = "3.3.3"; sha256 = "09m4cpry8ivm9ga1abrxmvw16sslxhy2k5sl14zckhqb1j164im6"; })
+  (fetchNuGet { pname = "Microsoft.CodeAnalysis.Common"; version = "4.5.0"; sha256 = "0hjzca7v3qq4wqzi9chgxzycbaysnjgj28ps20695x61sia6i3da"; })
+  (fetchNuGet { pname = "Microsoft.CodeAnalysis.CSharp"; version = "4.5.0"; sha256 = "1l6v0ii5lapmfnfpjwi3j5bwlx8v9nvyani5pwvqzdfqsd5m7mp5"; })
+  (fetchNuGet { pname = "Microsoft.CodeAnalysis.CSharp.Workspaces"; version = "4.5.0"; sha256 = "0skg5a8i4fq6cndxcjwciai808p0zpqz9kbvck94mcywfzassv1a"; })
+  (fetchNuGet { pname = "Microsoft.CodeAnalysis.Workspaces.Common"; version = "4.5.0"; sha256 = "1wjwsrnn5frahqciwaxsgalv80fs6xhqy6kcqy7hcsh7jrfc1kjq"; })
   (fetchNuGet { pname = "Microsoft.CSharp"; version = "4.0.1"; sha256 = "0zxc0apx1gcx361jlq8smc9pfdgmyjh6hpka8dypc9w23nlsh6yj"; })
-  (fetchNuGet { pname = "Microsoft.CSharp"; version = "4.5.0"; sha256 = "01i28nvzccxbqmiz217fxs6hnjwmd5fafs37rd49a6qp53y6623l"; })
   (fetchNuGet { pname = "Microsoft.CSharp"; version = "4.7.0"; sha256 = "0gd67zlw554j098kabg887b5a6pq9kzavpa3jjy5w53ccjzjfy8j"; })
-  (fetchNuGet { pname = "Microsoft.Data.Sqlite.Core"; version = "6.0.10"; sha256 = "1sdh5rw2pyg6c64z0haxf57bakd5kwaav624vlqif1m59iz26rag"; })
-  (fetchNuGet { pname = "Microsoft.EntityFrameworkCore"; version = "6.0.10"; sha256 = "014varyy877kxzgqp9bl9l81avz8dr34hn4ad23qr17lvllchk95"; })
-  (fetchNuGet { pname = "Microsoft.EntityFrameworkCore.Abstractions"; version = "6.0.10"; sha256 = "1w93zr8z1f3yn6ygxnlbly8spz3jr77v0h9ky596gpvfg46wi5fd"; })
-  (fetchNuGet { pname = "Microsoft.EntityFrameworkCore.Analyzers"; version = "6.0.10"; sha256 = "0wvkgrmxgjnqv2kc69n44wsy129f09951a8dh7d4vjbi5f5jcx12"; })
-  (fetchNuGet { pname = "Microsoft.EntityFrameworkCore.Design"; version = "6.0.10"; sha256 = "0pwah00gbm7rycsvjp4yaph9wjxnh14lzlds2r8v2smw0zwzp9da"; })
-  (fetchNuGet { pname = "Microsoft.EntityFrameworkCore.Relational"; version = "6.0.10"; sha256 = "11b2ibj5sgj8mm708vm9ar8vqgzsx9j4rsxzzn3xnrqbjvfxpjal"; })
-  (fetchNuGet { pname = "Microsoft.EntityFrameworkCore.Sqlite"; version = "6.0.10"; sha256 = "0hv70ns69rgf029219jkasrw16j8609gnmi1zk7v2wgm8pxdsjdy"; })
-  (fetchNuGet { pname = "Microsoft.EntityFrameworkCore.Sqlite.Core"; version = "6.0.10"; sha256 = "1s1wj12maw6kzfxzh1j2wrx5m1vwcsc411jq6zklqvrbw0r0ylyc"; })
+  (fetchNuGet { pname = "Microsoft.Data.Sqlite.Core"; version = "8.0.1"; sha256 = "1ippysjxq97vz4kd0jxiqbcamgd9xxb6n23ias5d4c7gbiwayz0z"; })
+  (fetchNuGet { pname = "Microsoft.EntityFrameworkCore"; version = "8.0.1"; sha256 = "1k1c63vkzr020q0pb6xxf29xlgxldnzhlqpmpq9fig85y73s84ds"; })
+  (fetchNuGet { pname = "Microsoft.EntityFrameworkCore.Abstractions"; version = "8.0.1"; sha256 = "1p8c2xfz8kgzswh9kq38mmy8qxfynnkywj9vwx15azbi8wcmh24x"; })
+  (fetchNuGet { pname = "Microsoft.EntityFrameworkCore.Analyzers"; version = "8.0.1"; sha256 = "0l0fi9kiinj021sfk85qds1rdzavpkl24sjyzfyb8q8jmj5l2i0n"; })
+  (fetchNuGet { pname = "Microsoft.EntityFrameworkCore.Design"; version = "8.0.1"; sha256 = "1y21lmbnq271q7q1vsq1z5gnz4fy89zca8qzm6bg2qfv8bgqqrny"; })
+  (fetchNuGet { pname = "Microsoft.EntityFrameworkCore.Relational"; version = "8.0.1"; sha256 = "12zmg196mpd0wacwyrckv6l5rl76dzmvr588i437xiwp0iyjcsh9"; })
+  (fetchNuGet { pname = "Microsoft.EntityFrameworkCore.Sqlite"; version = "8.0.1"; sha256 = "1igwxjmzgzkzyhmg5jbis6hynnzf5vfzl00h053si89h5m6vvhmb"; })
+  (fetchNuGet { pname = "Microsoft.EntityFrameworkCore.Sqlite.Core"; version = "8.0.1"; sha256 = "0zg7whf02jlpcs72ngiydwd2xwwlvz3nja0xnyxv4k4w56qs8qcj"; })
   (fetchNuGet { pname = "Microsoft.Extensions.ApiDescription.Server"; version = "6.0.5"; sha256 = "1pi2bm3cm0a7jzqzmfc2r7bpcdkmk3hhjfvb2c81j7wl7xdw3624"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Caching.Abstractions"; version = "6.0.0"; sha256 = "0qn30d3pg4rx1x2k525jj4x5g1fxm2v5m0ksz2dmk1gmqalpask8"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Caching.Memory"; version = "6.0.1"; sha256 = "0ra0ldbg09r40jzvfqhpb3h42h80nafvka9hg51dja32k3mxn5gk"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Configuration"; version = "2.0.0"; sha256 = "0yssxq9di5h6xw2cayp5hj3l9b2p0jw9wcjz73rwk4586spac9s9"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Configuration"; version = "6.0.0"; sha256 = "1zdyai2rzngmsp3706d12qrdk315c1s3ja218fzb3nc3wd1vz0s8"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Configuration.Abstractions"; version = "2.0.0"; sha256 = "1ilz2yrgg9rbjyhn6a5zh9pr51nmh11z7sixb4p7vivgydj9gxwf"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Caching.Abstractions"; version = "8.0.0"; sha256 = "04m6ywsf9731z24nfd14z0ah8xl06619ba7mkdb4vg8h5jpllsn4"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Caching.Memory"; version = "8.0.0"; sha256 = "0bv8ihd5i2gwr97qljwf56h8mdwspmlw0zs64qyk608fb3ciwi25"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Configuration"; version = "8.0.0"; sha256 = "080kab87qgq2kh0ijry5kfdiq9afyzb8s0k3jqi5zbbi540yq4zl"; })
   (fetchNuGet { pname = "Microsoft.Extensions.Configuration.Abstractions"; version = "2.2.0"; sha256 = "1fv5277hyhfqmc0gqszyqb1ilwnijm8kc9606yia6hwr8pxyg674"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Configuration.Abstractions"; version = "3.1.8"; sha256 = "05mlbia6vag0a0zfflv1m3ix48230wx0yib5hp7zsc72jpcmjd7q"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Configuration.Abstractions"; version = "3.0.0"; sha256 = "0xdchxw63r8rh84zdjkv8i89lq4a7h5iwqw19vwjf0l5gavyz40q"; })
   (fetchNuGet { pname = "Microsoft.Extensions.Configuration.Abstractions"; version = "6.0.0"; sha256 = "0w6wwxv12nbc3sghvr68847wc9skkdgsicrz3fx4chgng1i3xy0j"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Configuration.Binder"; version = "2.0.0"; sha256 = "1prvdbma6r18n5agbhhabv6g357p1j70gq4m9g0vs859kf44nrgc"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Configuration.Abstractions"; version = "8.0.0"; sha256 = "1jlpa4ggl1gr5fs7fdcw04li3y3iy05w3klr9lrrlc7v8w76kq71"; })
   (fetchNuGet { pname = "Microsoft.Extensions.Configuration.Binder"; version = "6.0.0"; sha256 = "15hb2rbzgri1fq8wpj4ll7czm3rxqzszs02phnhjnncp90m5rmpc"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Configuration.CommandLine"; version = "6.0.0"; sha256 = "1hb4qrq9xdxzh2px515pv1vkz1jigwaxw1hfg9w8s6pgl8z04l4c"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Configuration.EnvironmentVariables"; version = "6.0.1"; sha256 = "16xpqfzpcjk3mg70g5g2qrkhqf7rppah3q6dasdddbpikw43ni47"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Configuration.FileExtensions"; version = "6.0.0"; sha256 = "02nna984iwnyyz4jjh9vs405nlj0yk1g5vz4v2x30z2c89mx5f9w"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Configuration.Json"; version = "6.0.0"; sha256 = "1c6l5szma1pdn61ncq1kaqibg0dz65hbma2xl626a8d1m6awn353"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Configuration.UserSecrets"; version = "6.0.1"; sha256 = "0faddzvkhjhsn9fp269r4sapjrahiynwlwakhzljfg3k94jfldk1"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.DependencyInjection"; version = "6.0.0"; sha256 = "1wlhb2vygzfdjbdzy7waxblmrx0q3pdcqvpapnpmq9fcx5m8r6w1"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.DependencyInjection"; version = "6.0.1"; sha256 = "0kl5ypidmzllyxb91gwy3z950dc416p1y8wikzbdbp0l7aaaxq2p"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Configuration.Binder"; version = "8.0.0"; sha256 = "1m0gawiz8f5hc3li9vd5psddlygwgkiw13d7div87kmkf4idza8r"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Configuration.CommandLine"; version = "8.0.0"; sha256 = "026f7f2iv6ph2dc5rnslll0bly8qcx5clmh2nn9hgyqjizzc4qvy"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Configuration.EnvironmentVariables"; version = "8.0.0"; sha256 = "13qb8wz3k59ihq0mjcqz1kwrpyzxn5da4dhk2pvcgc42z9kcbf7r"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Configuration.FileExtensions"; version = "8.0.0"; sha256 = "1jrmlfzy4h32nzf1nm5q8bhkpx958b0ww9qx1k1zm4pyaf6mqb04"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Configuration.Json"; version = "8.0.0"; sha256 = "1n3ss26v1lq6b69fxk1vz3kqv9ppxq8ypgdqpd7415xrq66y4bqn"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Configuration.UserSecrets"; version = "8.0.0"; sha256 = "1br01zhzhnxjzqx63bxd25x48y9xs69hcs71pjni8y9kl50zja7z"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.DependencyInjection"; version = "8.0.0"; sha256 = "0i7qziz0iqmbk8zzln7kx9vd0lbx1x3va0yi3j1bgkjir13h78ps"; })
   (fetchNuGet { pname = "Microsoft.Extensions.DependencyInjection.Abstractions"; version = "2.0.0"; sha256 = "1pwrfh9b72k9rq6mb2jab5qhhi225d5rjalzkapiayggmygc8nhz"; })
   (fetchNuGet { pname = "Microsoft.Extensions.DependencyInjection.Abstractions"; version = "2.2.0"; sha256 = "1jyzfdr9651h3x6pxwhpfbb9mysfh8f8z1jvy4g117h9790r9zx5"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.DependencyInjection.Abstractions"; version = "3.1.8"; sha256 = "1vkhhyxpam3svbqkkxrcxh9h4r6h3vm76cdzmfqn7gbxgswc4y2w"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.DependencyInjection.Abstractions"; version = "3.0.0"; sha256 = "06s8j8v0w06f12jxw6vvsd0l5zqrmsvc3rr2gqx9z3gcq7mdnr3l"; })
   (fetchNuGet { pname = "Microsoft.Extensions.DependencyInjection.Abstractions"; version = "3.1.9"; sha256 = "1l7ng71y18fwdlyq2ycl12hmv9wrf7k7knz2jwv9w9w7spmp8jv6"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.DependencyInjection.Abstractions"; version = "5.0.0"; sha256 = "17cz6s80va0ch0a6nqa1wbbbp3p8sqxb96lj4qcw67ivkp2yxiyj"; })
   (fetchNuGet { pname = "Microsoft.Extensions.DependencyInjection.Abstractions"; version = "6.0.0"; sha256 = "1vi67fw7q99gj7jd64gnnfr4d2c0ijpva7g9prps48ja6g91x6a9"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.DependencyModel"; version = "3.0.0"; sha256 = "1cm0hycgb33mf1ja9q91wxi3gk13d1p462gdq7gndrya23hw2jm5"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.DependencyInjection.Abstractions"; version = "8.0.0"; sha256 = "1zw0bpp5742jzx03wvqc8csnvsbgdqi0ls9jfc5i2vd3cl8b74pg"; })
   (fetchNuGet { pname = "Microsoft.Extensions.DependencyModel"; version = "3.1.6"; sha256 = "13m2na8a5mglbbjjp0dxb8ifkf23grkyk1g8585mr7v6cbj098ac"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.DependencyModel"; version = "6.0.0"; sha256 = "08c4fh1n8vsish1vh7h73mva34g0as4ph29s4lvps7kmjb4z64nl"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.DependencyModel"; version = "8.0.0"; sha256 = "02jnx23hm1vid3yd9pw4gghzn6qkgdl5xfc5r0zrcxdax70rsh5a"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Diagnostics"; version = "8.0.0"; sha256 = "0ghwkld91k20hcbmzg2137w81mzzdh8hfaapdwckhza0vipya4kw"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Diagnostics.Abstractions"; version = "8.0.0"; sha256 = "15m4j6w9n8h0mj7hlfzb83hd3wn7aq1s7fxbicm16slsjfwzj82i"; })
   (fetchNuGet { pname = "Microsoft.Extensions.FileProviders.Abstractions"; version = "2.2.0"; sha256 = "1f83ffb4xjwljg8dgzdsa3pa0582q6b4zm0si467fgkybqzk3c54"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.FileProviders.Abstractions"; version = "3.1.8"; sha256 = "0z173lsfypzjdx1a352svh1pgk7lgq2wpj5q60i1rgcrd3ib8b21"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.FileProviders.Abstractions"; version = "6.0.0"; sha256 = "1fbqmfapxdz77drcv1ndyj2ybvd2rv4c9i9pgiykcpl4fa6dc65q"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.FileProviders.Physical"; version = "6.0.0"; sha256 = "1ikc3kf325xig6njbi2aj5kmww4xlaq9lsrpc8v764fsm4x10474"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.FileSystemGlobbing"; version = "6.0.0"; sha256 = "09gyyv4fwy9ys84z3aq4lm9y09b7bd1d4l4gfdinmg0z9678f1a4"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Hosting"; version = "6.0.1"; sha256 = "11jwzzyryr6i2nwfcrs4rjv4qg0zmm15gaa882xk54ric3zc37ig"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.FileProviders.Abstractions"; version = "3.0.0"; sha256 = "165l30n9mi9j3dv45rr4xx1dwg9z520yja22jcb7jw0lq0ic28j2"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.FileProviders.Abstractions"; version = "8.0.0"; sha256 = "1idq65fxwcn882c06yci7nscy9i0rgw6mqjrl7362prvvsd9f15r"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.FileProviders.Physical"; version = "8.0.0"; sha256 = "05wxjvjbx79ir7vfkri6b28k8zl8fa6bbr0i7gahqrim2ijvkp6v"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.FileSystemGlobbing"; version = "8.0.0"; sha256 = "1igf2bqism22fxv7km5yv028r4rg12a4lki2jh4xg3brjkagiv7q"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Hosting"; version = "8.0.0"; sha256 = "1f2af5m1yny8b43251gsj75hjd9ixni1clcldy8cg91z1vxxm8dh"; })
   (fetchNuGet { pname = "Microsoft.Extensions.Hosting.Abstractions"; version = "2.2.0"; sha256 = "1xc7xr1nq7akfahyl5in9iyxrygap2xi9nxh39rfm37sf8lk55v1"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Hosting.Abstractions"; version = "3.1.8"; sha256 = "1lc69rn259gd6y4rjy0hwrcfnhkr0y0ac8w4ldh6mpk073snfjq0"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Hosting.Abstractions"; version = "6.0.0"; sha256 = "1mwjx6li4a82nb589763whpnhf5hfy1bpv1dzqqvczb1lhxhzhlj"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Identity.Core"; version = "6.0.10"; sha256 = "1cqp9adfc0nzakykqdj7v2842sys910k64pmnklc2jrdn5chphba"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Identity.Stores"; version = "6.0.10"; sha256 = "01kzmgbyii2sxi89iv7fjvk1crqcnzkz7m6dvfjnhgx479fm8g68"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Hosting.Abstractions"; version = "3.0.0"; sha256 = "13ijaki0nzlvbwxjxb1hjhzj86jgn23nw34gdwp2l7bf3x2h4hw9"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Hosting.Abstractions"; version = "8.0.0"; sha256 = "00d5dwmzw76iy8z40ly01hy9gly49a7rpf7k7m99vrid1kxp346h"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Identity.Core"; version = "8.0.1"; sha256 = "0gf68x3zxbn3gxzdjmbfcqhm58ybxvpanl4pq8vs5g492qw7h24b"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Identity.Stores"; version = "8.0.1"; sha256 = "19c0by2r85jqz6pj8mnr047aasasr7fbzi3ih04gchj8la69ka5h"; })
   (fetchNuGet { pname = "Microsoft.Extensions.Logging"; version = "2.0.0"; sha256 = "1jkwjcq1ld9znz1haazk8ili2g4pzfdp6i7r7rki4hg3jcadn386"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Logging"; version = "5.0.0"; sha256 = "1qa1l18q2jh9azya8gv1p8anzcdirjzd9dxxisb4911i9m1648i3"; })
   (fetchNuGet { pname = "Microsoft.Extensions.Logging"; version = "6.0.0"; sha256 = "0fd9jii3y3irfcwlsiww1y9npjgabzarh33rn566wpcz24lijszi"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Logging"; version = "8.0.0"; sha256 = "0nppj34nmq25gnrg0wh1q22y4wdqbih4ax493f226azv8mkp9s1i"; })
   (fetchNuGet { pname = "Microsoft.Extensions.Logging.Abstractions"; version = "2.0.0"; sha256 = "1x5isi71z02khikzvm7vaschb006pqqrsv86ky1x08a4hir4s43h"; })
   (fetchNuGet { pname = "Microsoft.Extensions.Logging.Abstractions"; version = "2.2.0"; sha256 = "02w7hp6jicr7cl5p456k2cmrjvvhm6spg5kxnlncw3b72358m5wl"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Logging.Abstractions"; version = "3.1.8"; sha256 = "0iq8py91xvma10rysq3dl29nxhmlgniad3cvafb4jg8iz52ym24h"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Logging.Abstractions"; version = "5.0.0"; sha256 = "1yza38675dbv1qqnnhqm23alv2bbaqxp0pb7zinjmw8j2mr5r6wc"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Logging.Abstractions"; version = "3.0.0"; sha256 = "0453382r1f39hgvw631lk1hx2kas8xa1xjr6xq4wshan8d62xgd7"; })
   (fetchNuGet { pname = "Microsoft.Extensions.Logging.Abstractions"; version = "6.0.0"; sha256 = "0b75fmins171zi6bfdcq1kcvyrirs8n91mknjnxy4c3ygi1rrnj0"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Logging.Configuration"; version = "2.0.0"; sha256 = "1kndzxrbxd6hh6zpas25xx096q2lablrdx5di79vsmkxf65996a9"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Logging.Configuration"; version = "6.0.0"; sha256 = "0plx785hk61arjxf0m3ywy9hl5nii25raj4523n3ql7mmv6hxqr1"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Logging.Console"; version = "6.0.0"; sha256 = "1383b0r33dzz0hrch9cqzzxr9vxr21qq0a5vnrpkfq71m2fky31d"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Logging.Debug"; version = "6.0.0"; sha256 = "0aql9kc45g2d6z1hmwr3p1a2qy9m3f36bds3054givsnpnis81wk"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Logging.EventLog"; version = "6.0.0"; sha256 = "0j3g2k8sr99kr73w66yk4ghq469syyxzayq6fjfnjjgj1y7x05fl"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Logging.EventSource"; version = "6.0.0"; sha256 = "0ck8r63qal88349kkbj1i98fd8z9kcp41s13yyz8cpkygn15wq4g"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Logging.Abstractions"; version = "8.0.0"; sha256 = "1klcqhg3hk55hb6vmjiq2wgqidsl81aldw0li2z98lrwx26msrr6"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Logging.Configuration"; version = "8.0.0"; sha256 = "1d9b734vnll935661wqkgl7ry60rlh5p876l2bsa930mvfsaqfcv"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Logging.Console"; version = "8.0.0"; sha256 = "1mvp3ipw7k33v2qw2yrvc4vl5yzgpk3yxa94gg0gz7wmcmhzvmkd"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Logging.Debug"; version = "8.0.0"; sha256 = "1h7mg97lj0ss47kq7zwnihh9c6xcrkwrr8ffhc16qcsrh36sg6q0"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Logging.EventLog"; version = "8.0.0"; sha256 = "05vfrxw7mlwlwhsl6r4yrhxk3sd8dv5sl0hdlcpgw62n53incw5x"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Logging.EventSource"; version = "8.0.0"; sha256 = "0gbjll6p03rmw0cf8fp0p8cxzn9awmzv8hvnyqbczrkax5h7p94i"; })
   (fetchNuGet { pname = "Microsoft.Extensions.ObjectPool"; version = "2.2.0"; sha256 = "0n1q9lvc24ii1shzy575xldgmz7imnk4dswwwcgmzz93klri9r1z"; })
   (fetchNuGet { pname = "Microsoft.Extensions.Options"; version = "2.0.0"; sha256 = "0g4zadlg73f507krilhaaa7h0jdga216syrzjlyf5fdk25gxmjqh"; })
   (fetchNuGet { pname = "Microsoft.Extensions.Options"; version = "2.2.0"; sha256 = "1b20yh03fg4nmmi3vlf6gf13vrdkmklshfzl3ijygcs4c2hly6v0"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Options"; version = "5.0.0"; sha256 = "1rdmgpg770x8qwaaa6ryc27zh93p697fcyvn5vkxp0wimlhqkbay"; })
   (fetchNuGet { pname = "Microsoft.Extensions.Options"; version = "6.0.0"; sha256 = "008pnk2p50i594ahz308v81a41mbjz9mwcarqhmrjpl2d20c868g"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Options.ConfigurationExtensions"; version = "2.0.0"; sha256 = "1isc3rjbzz60f7wbmgcwslx5d10hm5hisnk7v54vfi2bz7132gll"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Options"; version = "8.0.0"; sha256 = "0p50qn6zhinzyhq9sy5svnmqqwhw2jajs2pbjh9sah504wjvhscz"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Options"; version = "8.0.1"; sha256 = "01jsya858i861x6d7qbl3wlr0gp2y7x2m4q6f1r743w360z8zgpn"; })
   (fetchNuGet { pname = "Microsoft.Extensions.Options.ConfigurationExtensions"; version = "6.0.0"; sha256 = "1k6q91vrhq1r74l4skibn7wzxzww9l74ibxb2i8gg4q6fzbiivba"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Options.ConfigurationExtensions"; version = "8.0.0"; sha256 = "04nm8v5a3zp0ill7hjnwnja3s2676b4wffdri8hdk2341p7mp403"; })
   (fetchNuGet { pname = "Microsoft.Extensions.Primitives"; version = "2.0.0"; sha256 = "1xppr5jbny04slyjgngxjdm0maxdh47vq481ps944d7jrfs0p3mb"; })
   (fetchNuGet { pname = "Microsoft.Extensions.Primitives"; version = "2.2.0"; sha256 = "0znah6arbcqari49ymigg3wiy2hgdifz8zsq8vdc3ynnf45r7h0c"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Primitives"; version = "3.1.8"; sha256 = "1p48hk3r9ikv36wdpwdrbvaccziazncf7nl60fr82i04199lfhgl"; })
-  (fetchNuGet { pname = "Microsoft.Extensions.Primitives"; version = "5.0.0"; sha256 = "0swqcknyh87ns82w539z1mvy804pfwhgzs97cr3nwqk6g5s42gd6"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Primitives"; version = "3.0.0"; sha256 = "1d89yybxm7c30h5w79psybmpvy0pw7ha9r0y70f7i0kxgp8n62bk"; })
   (fetchNuGet { pname = "Microsoft.Extensions.Primitives"; version = "6.0.0"; sha256 = "1kjiw6s4yfz9gm7mx3wkhp06ghnbs95icj9hi505shz9rjrg42q2"; })
-  (fetchNuGet { pname = "Microsoft.IdentityModel.Abstractions"; version = "6.24.0"; sha256 = "06hdlj8j3ckhr2jglcfwmazlqbcnwqb10c86vwnwmiv6czrl9m2b"; })
-  (fetchNuGet { pname = "Microsoft.IdentityModel.JsonWebTokens"; version = "6.24.0"; sha256 = "1lxfbjcvqdk9aircy30jrwsjfr0dwn334shis0k3x0qag3ynp180"; })
-  (fetchNuGet { pname = "Microsoft.IdentityModel.Logging"; version = "6.10.0"; sha256 = "0fg742czl8rz6ljh6gscv6sck2f8dfgrig3j76ihzrnayd0hjvyf"; })
-  (fetchNuGet { pname = "Microsoft.IdentityModel.Logging"; version = "6.24.0"; sha256 = "07l8hfpd50gab12s8xiad8wi4ggr6v3pmv7b0zbff6i9yshp0lgj"; })
-  (fetchNuGet { pname = "Microsoft.IdentityModel.Protocols"; version = "6.10.0"; sha256 = "17cm3xpkp5rvfcx5d8bnsgc1mq52ky1fxv1h48dk1nafkkijg3zq"; })
-  (fetchNuGet { pname = "Microsoft.IdentityModel.Protocols.OpenIdConnect"; version = "6.10.0"; sha256 = "18n9d5qywvv5jc0iryxfasy3lwknf1zv76hz64656x39aprwdmm3"; })
-  (fetchNuGet { pname = "Microsoft.IdentityModel.Tokens"; version = "6.10.0"; sha256 = "1qlg5snjxzgwx7lwkszl6aziyzs2jbsr0xvbn1lhq2lq7gl07khy"; })
-  (fetchNuGet { pname = "Microsoft.IdentityModel.Tokens"; version = "6.24.0"; sha256 = "1rgxi6jkhm8nj8yby65v1b6x8fp655b92w2y7ly2fj385s0d5qgy"; })
-  (fetchNuGet { pname = "Microsoft.IO.RecyclableMemoryStream"; version = "2.2.1"; sha256 = "1nz1cv5dz0bg9snzig6fyaidb92b4ynfljj7l34vnqc9xbnqxv83"; })
+  (fetchNuGet { pname = "Microsoft.Extensions.Primitives"; version = "8.0.0"; sha256 = "0aldaz5aapngchgdr7dax9jw5wy7k7hmjgjpfgfv1wfif27jlkqm"; })
+  (fetchNuGet { pname = "Microsoft.IdentityModel.Abstractions"; version = "7.1.2"; sha256 = "01jdg8b1hi4nx5h1cn9baalfkp4y70kc2wf4lz77kw8w1fvrppa0"; })
+  (fetchNuGet { pname = "Microsoft.IdentityModel.Abstractions"; version = "7.2.0"; sha256 = "06r0hv7n4v1s751k2032frfh9hkfkxpi42rdz10llcay7lcqjjh6"; })
+  (fetchNuGet { pname = "Microsoft.IdentityModel.JsonWebTokens"; version = "7.2.0"; sha256 = "17xbqb351xfnniwj2322xyaiajbdilihdp9j9knbr80d8rm62sv2"; })
+  (fetchNuGet { pname = "Microsoft.IdentityModel.Logging"; version = "7.1.2"; sha256 = "1yi7s2pm4f8vl6b0qck0nrfsrf1h4jwamznkzl75n1cwxpbdikp8"; })
+  (fetchNuGet { pname = "Microsoft.IdentityModel.Logging"; version = "7.2.0"; sha256 = "01zfbgg1vcqq36cg5sdrq0fy78fywm7m2v4a79011k5ng9g0ck7z"; })
+  (fetchNuGet { pname = "Microsoft.IdentityModel.Protocols"; version = "7.1.2"; sha256 = "0ql5b7472g7359b1pqh2lfm8s3lym9vyzj1xpvbhsv9syk9czrg8"; })
+  (fetchNuGet { pname = "Microsoft.IdentityModel.Protocols.OpenIdConnect"; version = "7.1.2"; sha256 = "06r9i1m6zhfbbx18p0drpcbswirlq7xg0wm3iqfjgzxyv053033h"; })
+  (fetchNuGet { pname = "Microsoft.IdentityModel.Tokens"; version = "7.1.2"; sha256 = "1q70c1ax9f5nggqp4g8nyfaz0481grsaxhp85cmjpmx8l3q35zx9"; })
+  (fetchNuGet { pname = "Microsoft.IdentityModel.Tokens"; version = "7.2.0"; sha256 = "17xi2sb041dkigkkvnbg0lb5r1i9gjxv2irncqycg60hl1fcp27l"; })
+  (fetchNuGet { pname = "Microsoft.IO.RecyclableMemoryStream"; version = "3.0.0"; sha256 = "1zl39k27r4zq75r1x1zr1yl4nzxpkxdnnv6dwd4qp0xr22my85aq"; })
   (fetchNuGet { pname = "Microsoft.Net.Http.Headers"; version = "2.2.0"; sha256 = "0w6lrk9z67bcirq2cj2ldfhnizc6id77ba6i30hjzgqjlyhh1gx5"; })
-  (fetchNuGet { pname = "Microsoft.NETCore.App.Host.linux-arm64"; version = "6.0.16"; sha256 = "0iv5186gb778swka9ylzblwvr8pp7cmsvji5iiszrnfvk8c4n3ia"; })
-  (fetchNuGet { pname = "Microsoft.NETCore.App.Host.linux-x64"; version = "6.0.16"; sha256 = "1pv9arqbmxlh86rnx6nss2cl91hi22j83p66m4ahds34caykf32l"; })
-  (fetchNuGet { pname = "Microsoft.NETCore.App.Host.osx-arm64"; version = "6.0.16"; sha256 = "01f98kkq8p3xll4mh6ck8ljgs3k5psv5z7mys7kpvk7lvag2svaa"; })
-  (fetchNuGet { pname = "Microsoft.NETCore.App.Host.osx-x64"; version = "6.0.16"; sha256 = "19ffmw131b8kv7l5pmwi4358j5xhla48qdyn6jv9fznffcsxfgzc"; })
-  (fetchNuGet { pname = "Microsoft.NETCore.App.Ref"; version = "6.0.16"; sha256 = "1w89n5grnxdis0wclfimi9ij8g046yrw76rhmcp8l57xm8nl21yj"; })
-  (fetchNuGet { pname = "Microsoft.NETCore.App.Runtime.linux-arm64"; version = "6.0.16"; sha256 = "10dlkzk61nnnw6f5rr1lmrws2p4hvbpkswm3209w45z350n9nlpy"; })
-  (fetchNuGet { pname = "Microsoft.NETCore.App.Runtime.linux-x64"; version = "6.0.16"; sha256 = "1fjrc1l7ihal93ybxqzlxrs7vdqb9jhkabh2acwrmlh7q5197vn2"; })
-  (fetchNuGet { pname = "Microsoft.NETCore.App.Runtime.osx-arm64"; version = "6.0.16"; sha256 = "0jsfjp32z08pgi82blcrhmf5ipkhlg1kld8jmr7znzgv0kic8xyh"; })
-  (fetchNuGet { pname = "Microsoft.NETCore.App.Runtime.osx-x64"; version = "6.0.16"; sha256 = "0gghxcr32mri7235f41w5ngdxrw85q28nd7d57hmzj72cv93yxb3"; })
   (fetchNuGet { pname = "Microsoft.NETCore.Jit"; version = "1.0.2"; sha256 = "0jaan2wmg80lr0mhgfy70kb5cqjwv1a2ikmxgd0glpcxp7wr7pag"; })
   (fetchNuGet { pname = "Microsoft.NETCore.Platforms"; version = "1.0.1"; sha256 = "01al6cfxp68dscl15z7rxfw9zvhm64dncsw09a1vmdkacsa2v6lr"; })
   (fetchNuGet { pname = "Microsoft.NETCore.Platforms"; version = "1.1.0"; sha256 = "08vh1r12g6ykjygq5d3vq09zylgb84l63k49jc4v8faw9g93iqqm"; })
   (fetchNuGet { pname = "Microsoft.NETCore.Platforms"; version = "2.0.0"; sha256 = "1fk2fk2639i7nzy58m9dvpdnzql4vb8yl8vr19r2fp8lmj9w2jr0"; })
   (fetchNuGet { pname = "Microsoft.NETCore.Platforms"; version = "2.1.2"; sha256 = "1507hnpr9my3z4w1r6xk5n0s1j3y6a2c2cnynj76za7cphxi1141"; })
-  (fetchNuGet { pname = "Microsoft.NETCore.Platforms"; version = "5.0.0"; sha256 = "0mwpwdflidzgzfx2dlpkvvnkgkr2ayaf0s80737h4wa35gaj11rc"; })
   (fetchNuGet { pname = "Microsoft.NETCore.Portable.Compatibility"; version = "1.0.1"; sha256 = "1qwar1jv2pwl354bbi75rvcjz27rrk0z0vzgx8h4f1ypn2m5h3f5"; })
   (fetchNuGet { pname = "Microsoft.NETCore.Runtime.CoreCLR"; version = "1.0.2"; sha256 = "1hxgsjyzh7hdgd34xwpn5s2myy1b1y9ms7xhvs6mkb75wap49bpc"; })
   (fetchNuGet { pname = "Microsoft.NETCore.Targets"; version = "1.0.1"; sha256 = "0ppdkwy6s9p7x9jix3v4402wb171cdiibq7js7i13nxpdky7074p"; })
@@ -164,27 +156,29 @@
   (fetchNuGet { pname = "Microsoft.OpenApi"; version = "1.3.1"; sha256 = "0icds4jxz90v156vkbza1s1rqdf737glfddbllkp6y2zcnin99yv"; })
   (fetchNuGet { pname = "Microsoft.Win32.Primitives"; version = "4.0.1"; sha256 = "1n8ap0cmljbqskxpf8fjzn7kh1vvlndsa75k01qig26mbw97k2q7"; })
   (fetchNuGet { pname = "Microsoft.Win32.Primitives"; version = "4.3.0"; sha256 = "0j0c1wj4ndj21zsgivsc24whiya605603kxrbiw6wkfdync464wq"; })
-  (fetchNuGet { pname = "Microsoft.Win32.Registry"; version = "4.4.0"; sha256 = "088j2anh1rnkxdcycw5kgp97ahk7cj741y6kask84880835arsb6"; })
-  (fetchNuGet { pname = "Microsoft.Win32.SystemEvents"; version = "6.0.0"; sha256 = "0c6pcj088g1yd1vs529q3ybgsd2vjlk5y1ic6dkmbhvrp5jibl9p"; })
+  (fetchNuGet { pname = "Microsoft.Win32.SystemEvents"; version = "8.0.0"; sha256 = "05392f41ijgn17y8pbjcx535l1k09krnq3xdp60kyq568sn6xk2i"; })
+  (fetchNuGet { pname = "MimeTypeMapOfficial"; version = "1.0.17"; sha256 = "1l5d42pgfz4cpvgdyxf2crzyv7jycky5mhmrrl5501p3806i3r0y"; })
+  (fetchNuGet { pname = "Mono.TextTemplating"; version = "2.2.1"; sha256 = "1ih6399x4bxzchw7pq5195imir9viy2r1w702vy87vrarxyjqdp1"; })
+  (fetchNuGet { pname = "Nager.ArticleNumber"; version = "1.0.7"; sha256 = "1lfhr20527xhzql5nsn5c1s5as79haz9xcqan8pqsfk200hc27af"; })
   (fetchNuGet { pname = "NETStandard.Library"; version = "1.6.0"; sha256 = "0nmmv4yw7gw04ik8ialj3ak0j6pxa9spih67hnn1h2c38ba8h58k"; })
   (fetchNuGet { pname = "NETStandard.Library"; version = "1.6.1"; sha256 = "1z70wvsx2d847a2cjfii7b83pjfs34q05gb037fdjikv5kbagml8"; })
-  (fetchNuGet { pname = "NetVips"; version = "2.2.0"; sha256 = "10hqqzd84qa0yn9zcyzv8mcjh6g7g0xv0fc4binh92zw9a4g542p"; })
-  (fetchNuGet { pname = "NetVips.Native"; version = "8.13.1"; sha256 = "0yxci6zffy8kaz8dg85b2qw8zcjswmm56m5bvxaha1khbx1vpkz3"; })
-  (fetchNuGet { pname = "NetVips.Native.linux-arm"; version = "8.13.1"; sha256 = "0ypz0qslkmcd62n7z3y4yq16f9ybbnvka16bk7h72cv6bsdw9hzp"; })
-  (fetchNuGet { pname = "NetVips.Native.linux-arm64"; version = "8.13.1"; sha256 = "0wvh7rl1c56ipa1i6rh6nq80wvvl5bz2wswk219lyb2psd0vza3f"; })
-  (fetchNuGet { pname = "NetVips.Native.linux-musl-arm64"; version = "8.13.1"; sha256 = "0gj92wg76ynfx0kz8z26mg67aclyz0yn6xxp0g5mlj09kscbmikx"; })
-  (fetchNuGet { pname = "NetVips.Native.linux-musl-x64"; version = "8.13.1"; sha256 = "13hf0mij2gryn00701msamq5ijrdgv080ipm50gz80vb09l3ra2s"; })
-  (fetchNuGet { pname = "NetVips.Native.linux-x64"; version = "8.13.1"; sha256 = "1yx3mrp9n85fqpkgn43fv8ah9rcv301cn3ngkzy54rzlmlmf0qr2"; })
-  (fetchNuGet { pname = "NetVips.Native.osx-arm64"; version = "8.13.1"; sha256 = "1ifh9ic2g91kwsz7p1g4icw36rs0hjnd8dr1ahgrdb4nh5ap3vcc"; })
-  (fetchNuGet { pname = "NetVips.Native.osx-x64"; version = "8.13.1"; sha256 = "0ksgydiv8d63brsg2wkpc2dv88yz3kw2zzx0i0gfnwwn7vxsv1k9"; })
-  (fetchNuGet { pname = "NetVips.Native.win-arm64"; version = "8.13.1"; sha256 = "1qzfz5wys81dmf4v4l4gmx8syx7x26450fwp2dc8fh4m33910dqr"; })
-  (fetchNuGet { pname = "NetVips.Native.win-x64"; version = "8.13.1"; sha256 = "02x7n14w2iff5xvp340yc4j810mk3hnd8z8vl604r3ywwbaaykn2"; })
-  (fetchNuGet { pname = "NetVips.Native.win-x86"; version = "8.13.1"; sha256 = "1lzrqvmxqbm0y897bavl7pmfn2ywpjw6arfvj0v5i84y7glrp981"; })
+  (fetchNuGet { pname = "NetVips"; version = "2.4.0"; sha256 = "0q4ghm4d19hl6ilxvvmlgdffp3gjnkrirc5665lc85rvziw6xcx9"; })
+  (fetchNuGet { pname = "NetVips.Native"; version = "8.15.1"; sha256 = "1ah8frrady684nxf3w4iq6gjcmsrmhndhy6mcyrlsw2i4l4wf1lw"; })
+  (fetchNuGet { pname = "NetVips.Native.linux-arm"; version = "8.15.1"; sha256 = "0c4q5wwb7zmz8skzyyg6iag7qlxbc9pklzvi3qlml6c3qwv4b0mi"; })
+  (fetchNuGet { pname = "NetVips.Native.linux-arm64"; version = "8.15.1"; sha256 = "1dwjd780l1b1831x1ksiha0ds6414inwjxcl6mb5k3imzfzfck3a"; })
+  (fetchNuGet { pname = "NetVips.Native.linux-musl-arm64"; version = "8.15.1"; sha256 = "1md5dk905s28n8q2j6c5wp7zglzmcaqy4dim1qgillkk1651pqnl"; })
+  (fetchNuGet { pname = "NetVips.Native.linux-musl-x64"; version = "8.15.1"; sha256 = "1xwlwfidhwdnnw9c9dxag3y90h3l4n408jgq9v25ad8m441134zj"; })
+  (fetchNuGet { pname = "NetVips.Native.linux-x64"; version = "8.15.1"; sha256 = "1905sd6zf8qbsfdbh16i6c5f9dznqdgzhz1fywvjfspsbdj3hilp"; })
+  (fetchNuGet { pname = "NetVips.Native.osx-arm64"; version = "8.15.1"; sha256 = "03gj78ibggm32nr6qpiykq0h463y81rzsawfdp091ikbxmnm98c7"; })
+  (fetchNuGet { pname = "NetVips.Native.osx-x64"; version = "8.15.1"; sha256 = "0r0mqfk9i59nvj15wgzh2rymv6fl0liw5bdcgmk80bfsfjqsrv4d"; })
+  (fetchNuGet { pname = "NetVips.Native.win-arm64"; version = "8.15.1"; sha256 = "1l8qwdw03vbc4dkmvw2iyw7b8w0cm20mydgv6diby48q46g5xgcy"; })
+  (fetchNuGet { pname = "NetVips.Native.win-x64"; version = "8.15.1"; sha256 = "1vriqri1ppk8glmsyxb7cfcsi42kz6skpx5ggqkrxsfp9yz22x46"; })
+  (fetchNuGet { pname = "NetVips.Native.win-x86"; version = "8.15.1"; sha256 = "0p8166fsqmyzy5xvfy2raxp9h38m702mbqf9ab88vxig3i4rsxk8"; })
   (fetchNuGet { pname = "Newtonsoft.Json"; version = "11.0.1"; sha256 = "1z68j07if1xf71lbsrgbia52r812i2dv541sy44ph4dzjjp7pd4m"; })
   (fetchNuGet { pname = "Newtonsoft.Json"; version = "11.0.2"; sha256 = "1784xi44f4k8v1fr696hsccmwpy94bz7kixxqlri98zhcxn406b2"; })
   (fetchNuGet { pname = "Newtonsoft.Json"; version = "12.0.2"; sha256 = "0w2fbji1smd2y7x25qqibf1qrznmv4s6s0jvrbvr6alb7mfyqvh5"; })
   (fetchNuGet { pname = "Newtonsoft.Json"; version = "9.0.1"; sha256 = "0mcy0i7pnfpqm4pcaiyzzji4g0c8i3a5gjz28rrr28110np8304r"; })
-  (fetchNuGet { pname = "NReco.Logging.File"; version = "1.1.5"; sha256 = "1chvzhyvlnqswa1r1vbnk4h0as2f2dba3dnsldmmck7pb0vaj673"; })
+  (fetchNuGet { pname = "NReco.Logging.File"; version = "1.2.0"; sha256 = "0bqj9xygxg8bdhm467cmrpzigcikmadir1bq8p0rbfg0rg7ppd4a"; })
   (fetchNuGet { pname = "runtime.any.System.Collections"; version = "4.3.0"; sha256 = "0bv5qgm6vr47ynxqbnkc7i797fdi8gbjjxii173syrx14nmrkwg0"; })
   (fetchNuGet { pname = "runtime.any.System.Diagnostics.Tools"; version = "4.3.0"; sha256 = "1wl76vk12zhdh66vmagni66h5xbhgqq7zkdpgw21jhxhvlbcl8pk"; })
   (fetchNuGet { pname = "runtime.any.System.Diagnostics.Tracing"; version = "4.3.0"; sha256 = "00j6nv2xgmd3bi347k00m7wr542wjlig53rmj28pmw7ddcn97jbn"; })
@@ -207,7 +201,6 @@
   (fetchNuGet { pname = "runtime.fedora.24-x64.runtime.native.System.Security.Cryptography.OpenSsl"; version = "4.3.0"; sha256 = "0c2p354hjx58xhhz7wv6div8xpi90sc6ibdm40qin21bvi7ymcaa"; })
   (fetchNuGet { pname = "runtime.native.System"; version = "4.0.0"; sha256 = "1ppk69xk59ggacj9n7g6fyxvzmk1g5p4fkijm0d7xqfkig98qrkf"; })
   (fetchNuGet { pname = "runtime.native.System"; version = "4.3.0"; sha256 = "15hgf6zaq9b8br2wi1i3x0zvmk410nlmsmva9p0bbg73v6hml5k4"; })
-  (fetchNuGet { pname = "runtime.native.System.Data.SqlClient.sni"; version = "4.4.0"; sha256 = "15wnpyy506q3vyk1yzdjjf49zpdynr7ghh0x5fbz4pcc1if0p9ky"; })
   (fetchNuGet { pname = "runtime.native.System.IO.Compression"; version = "4.1.0"; sha256 = "0d720z4lzyfcabmmnvh0bnj76ll7djhji2hmfh3h44sdkjnlkknk"; })
   (fetchNuGet { pname = "runtime.native.System.IO.Compression"; version = "4.3.0"; sha256 = "1vvivbqsk6y4hzcid27pqpm5bsi6sc50hvqwbcx8aap5ifrxfs8d"; })
   (fetchNuGet { pname = "runtime.native.System.Net.Http"; version = "4.0.1"; sha256 = "1hgv2bmbaskx77v8glh7waxws973jn4ah35zysnkxmf0196sfxg6"; })
@@ -231,69 +224,73 @@
   (fetchNuGet { pname = "runtime.unix.System.Net.Sockets"; version = "4.3.0"; sha256 = "03npdxzy8gfv035bv1b9rz7c7hv0rxl5904wjz51if491mw0xy12"; })
   (fetchNuGet { pname = "runtime.unix.System.Private.Uri"; version = "4.3.0"; sha256 = "1jx02q6kiwlvfksq1q9qr17fj78y5v6mwsszav4qcz9z25d5g6vk"; })
   (fetchNuGet { pname = "runtime.unix.System.Runtime.Extensions"; version = "4.3.0"; sha256 = "0pnxxmm8whx38dp6yvwgmh22smknxmqs5n513fc7m4wxvs1bvi4p"; })
-  (fetchNuGet { pname = "runtime.win-arm64.runtime.native.System.Data.SqlClient.sni"; version = "4.4.0"; sha256 = "07byf1iyqb7jkb17sp0mmjk46fwq6fx8mlpzywxl7qk09sma44gk"; })
-  (fetchNuGet { pname = "runtime.win-x64.runtime.native.System.Data.SqlClient.sni"; version = "4.4.0"; sha256 = "0167s4mpq8bzk3y11pylnynzjr2nc84w96al9x4l8yrf34ccm18y"; })
-  (fetchNuGet { pname = "runtime.win-x86.runtime.native.System.Data.SqlClient.sni"; version = "4.4.0"; sha256 = "0k3rkfrlm9jjz56dra61jgxinb8zsqlqzik2sjwz7f8v6z6ddycc"; })
   (fetchNuGet { pname = "Scrutor"; version = "3.3.0"; sha256 = "0qdfbp73hbsiqbv0rg6f91hnp1j535iqk8bmp3ickwd7w337m1vi"; })
-  (fetchNuGet { pname = "Serilog"; version = "2.12.0"; sha256 = "0lqxpc96qcjkv9pr1rln7mi4y7n7jdi4vb36c2fv3845w1vswgr4"; })
-  (fetchNuGet { pname = "Serilog.AspNetCore"; version = "6.0.1"; sha256 = "1i3cs0dfba82x4m08i0h3wv53dnbx3j3lidsqd6flgfhk5y8q13q"; })
+  (fetchNuGet { pname = "Serilog"; version = "3.1.1"; sha256 = "0ck51ndmaqflsri7yyw5792z42wsp91038rx2i6vg7z4r35vfvig"; })
+  (fetchNuGet { pname = "Serilog.AspNetCore"; version = "8.0.0"; sha256 = "0g1scn1a5paiydxk1nnrwzzqny2vabc3hniy6jwjqycag6ch2pni"; })
   (fetchNuGet { pname = "Serilog.Enrichers.Thread"; version = "3.2.0-dev-00752"; sha256 = "0d0phxzdpc8xkbyd18s1dcv9xa22gqs2i2x5cpa9qzj0g8zwp641"; })
-  (fetchNuGet { pname = "Serilog.Extensions.Hosting"; version = "5.0.1"; sha256 = "11fs8qiikv3flpl6yhfrwflgvbdy62np7blx7nzcf6gx02zdgy1b"; })
+  (fetchNuGet { pname = "Serilog.Extensions.Hosting"; version = "8.0.0"; sha256 = "10cgp4nsrzkld5yxnvkfkwd0wkc1m8m7p5z42w4sqd8f188n8i9q"; })
   (fetchNuGet { pname = "Serilog.Extensions.Logging"; version = "3.0.1"; sha256 = "069qy7dm5nxb372ij112ppa6m99b4iaimj3sji74m659fwrcrl9a"; })
-  (fetchNuGet { pname = "Serilog.Extensions.Logging"; version = "3.1.0"; sha256 = "0lv370ks2fjdn1nsgkbzbmw6hybnincw3jabr471a5w39pp4fl1c"; })
-  (fetchNuGet { pname = "Serilog.Formatting.Compact"; version = "1.1.0"; sha256 = "1w3qhj1jrihb20gr9la4r4gcmdyyy6dai2xflwhzvgqrq05wlycy"; })
-  (fetchNuGet { pname = "Serilog.Settings.Configuration"; version = "3.4.0"; sha256 = "1l6fyy9y5a168i1mm107aqyrwzhqmpy0cp1v13l2b89yv8dc105j"; })
+  (fetchNuGet { pname = "Serilog.Extensions.Logging"; version = "8.0.0"; sha256 = "087ab94sfhkj6h6x3cwwf66g456704faxnfyc4pi6shxk45b318s"; })
+  (fetchNuGet { pname = "Serilog.Formatting.Compact"; version = "2.0.0"; sha256 = "0y7vg2qji02riq7r0kgybarhkngw6gh3xw89w7c2hcmjawd96x3k"; })
+  (fetchNuGet { pname = "Serilog.Settings.Configuration"; version = "8.0.0"; sha256 = "0245gvndwbj4nbp8q09vp7w4i9iddxr0vzda2c3ja5afz1zgs395"; })
   (fetchNuGet { pname = "Serilog.Sinks.AspNetCore.SignalR"; version = "0.4.0"; sha256 = "0sljv39dr8mfbxjzqzik6qa72rc48v9z1hny4j61381cscnank1a"; })
-  (fetchNuGet { pname = "Serilog.Sinks.Console"; version = "4.1.0"; sha256 = "1rpkphmqfh3bv3m7v1zwz88wz4sirj4xqyff9ga0c6bqhblj6wii"; })
+  (fetchNuGet { pname = "Serilog.Sinks.Console"; version = "5.0.1"; sha256 = "0cnjjpnnhlx3k4385dbnddkz3n6khdshjix0hlv4gjmrrmjaixva"; })
   (fetchNuGet { pname = "Serilog.Sinks.Debug"; version = "2.0.0"; sha256 = "1i7j870l47gan3gpnnlzkccn5lbm7518cnkp25a3g5gp9l0dbwpw"; })
   (fetchNuGet { pname = "Serilog.Sinks.File"; version = "5.0.0"; sha256 = "097rngmgcrdfy7jy8j7dq3xaq2qky8ijwg0ws6bfv5lx0f3vvb0q"; })
   (fetchNuGet { pname = "Serilog.Sinks.SignalR.Core"; version = "0.1.2"; sha256 = "16f86661vr7gw8xay1735y551p0z39mks7xagwxb8lxqxwmm4gzf"; })
-  (fetchNuGet { pname = "SharpCompress"; version = "0.32.2"; sha256 = "1p198bl08ia89rf4n6yjpacj3yrz6s574snsfl40l8vlqcdrc1pm"; })
-  (fetchNuGet { pname = "SixLabors.ImageSharp"; version = "2.1.3"; sha256 = "12qb0r7v2v91vw8q8ygr67y527gwhbas6d6zdvrv4ksxwjx9dzp9"; })
-  (fetchNuGet { pname = "SonarAnalyzer.CSharp"; version = "8.47.0.55603"; sha256 = "1rwrhag17zdwf96mw1c2cc0xk555w310c7gadlc4gqgaim0c2xdp"; })
-  (fetchNuGet { pname = "sqlite-net-pcl"; version = "1.7.335"; sha256 = "1wlgr2s7gij7pgm9f9vrb1mkiniwm2mqxzxqdkixc81n3d27q1qn"; })
-  (fetchNuGet { pname = "SQLitePCLRaw.bundle_e_sqlite3"; version = "2.0.6"; sha256 = "1ip0a653dx5cqybxg27zyz5ps31f2yz50g3jvz3vx39isx79gax3"; })
-  (fetchNuGet { pname = "SQLitePCLRaw.bundle_green"; version = "2.0.3"; sha256 = "1rhzih4i82mnxac0bhcjp657g8fx83b95n39lkfkyqjbf591jc3k"; })
-  (fetchNuGet { pname = "SQLitePCLRaw.core"; version = "2.0.3"; sha256 = "0m7k63zbyplgydn27yhy79hwjg869ar90ygkzc64l537wkn93ri3"; })
-  (fetchNuGet { pname = "SQLitePCLRaw.core"; version = "2.0.6"; sha256 = "1w4iyg0v1v1z2m7akq7rv8lsgixp2m08732vr14vgpqs918bsy1i"; })
-  (fetchNuGet { pname = "SQLitePCLRaw.lib.e_sqlite3"; version = "2.0.3"; sha256 = "0s0v2da7jim23wkkdasww8zmjqr9v3w082mfii8nybmkr9x4zz6x"; })
-  (fetchNuGet { pname = "SQLitePCLRaw.lib.e_sqlite3"; version = "2.0.6"; sha256 = "16378rh1lcqxynf5qj0kh8mrsb0jp37qqwg4285kqc5pknvh1bx3"; })
-  (fetchNuGet { pname = "SQLitePCLRaw.provider.dynamic_cdecl"; version = "2.0.3"; sha256 = "14mrvriw05hqzplfwz98082n5jqizix500hdl3vkvkjg9qvprhpy"; })
-  (fetchNuGet { pname = "SQLitePCLRaw.provider.e_sqlite3"; version = "2.0.6"; sha256 = "0chgrqyycb1kqnaxnhhfg0850b94blhzni8zn79c7ggb3pd2ykyz"; })
-  (fetchNuGet { pname = "Swashbuckle.AspNetCore"; version = "6.4.0"; sha256 = "1jkgjnkjcb6dif0lzn7whjwwdd4fi6mzkmkdx8sfmv5cffzq4fvk"; })
-  (fetchNuGet { pname = "Swashbuckle.AspNetCore.Filters"; version = "7.0.6"; sha256 = "1wqm77sszmw7g5g8rmij5gw76ppr2j6zal24w4dhnf0wk8hqa8m6"; })
-  (fetchNuGet { pname = "Swashbuckle.AspNetCore.Filters.Abstractions"; version = "7.0.6"; sha256 = "0fd3f2m1hf01r3z2ag4x0mc3imc4psnnqds4pca2q8lhmmfpnrgx"; })
+  (fetchNuGet { pname = "SharpCompress"; version = "0.36.0"; sha256 = "164ikphk4glldr73l247cjb65v064md0ccccm06rh0zvjq5iqlph"; })
+  (fetchNuGet { pname = "SixLabors.ImageSharp"; version = "3.1.2"; sha256 = "0bc0753aczgw9mi9bcgly2x71w4adlr35krgf023vppc36809yhg"; })
+  (fetchNuGet { pname = "SonarAnalyzer.CSharp"; version = "9.17.0.82934"; sha256 = "1hk1fh8zp0ng6q29i2y17jdvbxxl3zgbzzag0dvap4wadqdpad1z"; })
+  (fetchNuGet { pname = "sqlite-net-pcl"; version = "1.8.116"; sha256 = "0h3s43pfjqgy9amrdj4d7p65hmys895hlkczj62wg974qb4z8l2y"; })
+  (fetchNuGet { pname = "SQLitePCLRaw.bundle_e_sqlite3"; version = "2.1.6"; sha256 = "0pzgdfl707pd9fz108xaff22w7c2y27yaix6wfp36phqkdnzz43m"; })
+  (fetchNuGet { pname = "SQLitePCLRaw.bundle_green"; version = "2.0.4"; sha256 = "1197ynpm4fl6il9vi0mi1s1pmw3rk3j0a05kwrxpqlfgp7iwhc22"; })
+  (fetchNuGet { pname = "SQLitePCLRaw.core"; version = "2.0.4"; sha256 = "0lb5vwfl1hd24xzzdaj2p4k2hv2k0i3mgdri6fjj0ssb37mcyir1"; })
+  (fetchNuGet { pname = "SQLitePCLRaw.core"; version = "2.1.6"; sha256 = "1w8zsgz2w2q0a9cw9cl1rzrpv48a04nhyq67ywan6xlgknds65a7"; })
+  (fetchNuGet { pname = "SQLitePCLRaw.lib.e_sqlite3"; version = "2.0.4"; sha256 = "0kmx1w5qllmwxldr8338qxwmpfzc6g2lmyrah7wfaxd3mvfzky5c"; })
+  (fetchNuGet { pname = "SQLitePCLRaw.lib.e_sqlite3"; version = "2.1.6"; sha256 = "0g959z7r3h43nwzm7z3jiib1xvyx146lxyv0x6fl8ll5wivpjyxq"; })
+  (fetchNuGet { pname = "SQLitePCLRaw.provider.dynamic_cdecl"; version = "2.0.4"; sha256 = "084r98kilpm0q1aw41idq8slncpd7cz65g0m1wr0p8d12x8z5g6j"; })
+  (fetchNuGet { pname = "SQLitePCLRaw.provider.e_sqlite3"; version = "2.1.6"; sha256 = "1vs1c7yhi0mdqrd35ji289cxkhg7dxdnn6wgjjbngvqxkdhkyxyc"; })
+  (fetchNuGet { pname = "Swashbuckle.AspNetCore"; version = "6.5.0"; sha256 = "0k61chpz5j59s1yax28vx0mppx20ff8vg8grwja112hfrzj1f45n"; })
+  (fetchNuGet { pname = "Swashbuckle.AspNetCore.Filters"; version = "8.0.0"; sha256 = "13jiyn00cxslrgagkw69h6nxjxrrbyg3pwy8gj5iagk5x5gi6b6f"; })
+  (fetchNuGet { pname = "Swashbuckle.AspNetCore.Filters.Abstractions"; version = "8.0.0"; sha256 = "1sz2r45z2prglw3svrqy7xzl0z958yip71x6s97xrxsj776sqcf9"; })
   (fetchNuGet { pname = "Swashbuckle.AspNetCore.Swagger"; version = "5.0.0"; sha256 = "1341nv8nmh6avs3y7w2szzir5qd0bndxwrkdmvvj3hcxj1126w2f"; })
-  (fetchNuGet { pname = "Swashbuckle.AspNetCore.Swagger"; version = "6.4.0"; sha256 = "1wccx8ig2xc6xcfh774m5z34w6jn0hjffiwc5sq9yl63zkv01vnn"; })
+  (fetchNuGet { pname = "Swashbuckle.AspNetCore.Swagger"; version = "6.5.0"; sha256 = "1s6axf6fin8sss3bvzp0s039rxrx71vx4rl559miw12bz3lld8kc"; })
   (fetchNuGet { pname = "Swashbuckle.AspNetCore.SwaggerGen"; version = "5.0.0"; sha256 = "00swg2avqnb38q2bsxljd34n8rpknp74h9vbn0fdnfds3a32cqr4"; })
-  (fetchNuGet { pname = "Swashbuckle.AspNetCore.SwaggerGen"; version = "6.4.0"; sha256 = "1k58j6lfqcgrl5f7dw0xnbq6w5bvr42a9fc44vwbzl52kzjdlnh2"; })
-  (fetchNuGet { pname = "Swashbuckle.AspNetCore.SwaggerUI"; version = "6.4.0"; sha256 = "1rxgf0hbkkzywh8z7asky2rrh1gpnrr514v1aj5vnmh49sa31kiz"; })
+  (fetchNuGet { pname = "Swashbuckle.AspNetCore.SwaggerGen"; version = "6.5.0"; sha256 = "0hq93gy5vyrigpdk9lhqwxglxwkbxa8ydllwcqs4bwfcsspzrs83"; })
+  (fetchNuGet { pname = "Swashbuckle.AspNetCore.SwaggerUI"; version = "6.5.0"; sha256 = "17hx7kc187higm0gk67dndng3n7932sn3fwyj48l45cvyr3025h7"; })
   (fetchNuGet { pname = "System.AppContext"; version = "4.1.0"; sha256 = "0fv3cma1jp4vgj7a8hqc9n7hr1f1kjp541s6z0q1r6nazb4iz9mz"; })
   (fetchNuGet { pname = "System.AppContext"; version = "4.3.0"; sha256 = "1649qvy3dar900z3g817h17nl8jp4ka5vcfmsr05kh0fshn7j3ya"; })
   (fetchNuGet { pname = "System.Buffers"; version = "4.0.0"; sha256 = "13s659bcmg9nwb6z78971z1lr6bmh2wghxi1ayqyzl4jijd351gr"; })
   (fetchNuGet { pname = "System.Buffers"; version = "4.3.0"; sha256 = "0fgns20ispwrfqll4q1zc1waqcmylb3zc50ys9x8zlwxh9pmd9jy"; })
   (fetchNuGet { pname = "System.Buffers"; version = "4.5.0"; sha256 = "1ywfqn4md6g3iilpxjn5dsr0f5lx6z0yvhqp4pgjcamygg73cz2c"; })
   (fetchNuGet { pname = "System.Buffers"; version = "4.5.1"; sha256 = "04kb1mdrlcixj9zh1xdi5as0k0qi8byr5mi3p3jcxx72qz93s2y3"; })
+  (fetchNuGet { pname = "System.CodeDom"; version = "4.4.0"; sha256 = "1zgbafm5p380r50ap5iddp11kzhr9khrf2pnai6k593wjar74p1g"; })
   (fetchNuGet { pname = "System.Collections"; version = "4.0.11"; sha256 = "1ga40f5lrwldiyw6vy67d0sg7jd7ww6kgwbksm19wrvq9hr0bsm6"; })
   (fetchNuGet { pname = "System.Collections"; version = "4.3.0"; sha256 = "19r4y64dqyrq6k4706dnyhhw7fs24kpp3awak7whzss39dakpxk9"; })
   (fetchNuGet { pname = "System.Collections.Concurrent"; version = "4.0.12"; sha256 = "07y08kvrzpak873pmyxs129g1ch8l27zmg51pcyj2jvq03n0r0fc"; })
   (fetchNuGet { pname = "System.Collections.Concurrent"; version = "4.3.0"; sha256 = "0wi10md9aq33jrkh2c24wr2n9hrpyamsdhsxdcnf43b7y86kkii8"; })
   (fetchNuGet { pname = "System.Collections.Immutable"; version = "6.0.0"; sha256 = "1js98kmjn47ivcvkjqdmyipzknb9xbndssczm8gq224pbaj1p88c"; })
   (fetchNuGet { pname = "System.ComponentModel.Annotations"; version = "4.5.0"; sha256 = "1jj6f6g87k0iwsgmg3xmnn67a14mq88np0l1ys5zkxhkvbc8976p"; })
+  (fetchNuGet { pname = "System.Composition"; version = "6.0.0"; sha256 = "1p7hysns39cc24af6dwd4m48bqjsrr3clvi4aws152mh2fgyg50z"; })
+  (fetchNuGet { pname = "System.Composition.AttributedModel"; version = "6.0.0"; sha256 = "1mqrblb0l65hw39d0hnspqcv85didpn4wbiwhfgj4784wzqx2w6k"; })
+  (fetchNuGet { pname = "System.Composition.Convention"; version = "6.0.0"; sha256 = "02km3yb94p1c4s7liyhkmda0g71zm1rc8ijsfmy4bnlkq15xjw3b"; })
+  (fetchNuGet { pname = "System.Composition.Hosting"; version = "6.0.0"; sha256 = "0big5nk8c44rxp6cfykhk7rxvn2cgwa99w6c3v2a36adc3lj36ky"; })
+  (fetchNuGet { pname = "System.Composition.Runtime"; version = "6.0.0"; sha256 = "0vq5ik63yii1784gsa2f2kx9w6xllmm8b8rk0arid1jqdj1nyrlw"; })
+  (fetchNuGet { pname = "System.Composition.TypedParts"; version = "6.0.0"; sha256 = "0y9pq3y60nyrpfy51f576a0qjjdh61mcv8vnik32pm4bz56h9q72"; })
   (fetchNuGet { pname = "System.Console"; version = "4.0.0"; sha256 = "0ynxqbc3z1nwbrc11hkkpw9skw116z4y9wjzn7id49p9yi7mzmlf"; })
   (fetchNuGet { pname = "System.Console"; version = "4.3.0"; sha256 = "1flr7a9x920mr5cjsqmsy9wgnv3lvd0h1g521pdr1lkb2qycy7ay"; })
-  (fetchNuGet { pname = "System.Data.SqlClient"; version = "4.4.0"; sha256 = "1djh6i8s9s035glf2kg3fnlxkj36gf6327w5q44229nw48y6x8kh"; })
   (fetchNuGet { pname = "System.Diagnostics.Debug"; version = "4.0.11"; sha256 = "0gmjghrqmlgzxivd2xl50ncbglb7ljzb66rlx8ws6dv8jm0d5siz"; })
   (fetchNuGet { pname = "System.Diagnostics.Debug"; version = "4.3.0"; sha256 = "00yjlf19wjydyr6cfviaph3vsjzg3d5nvnya26i2fvfg53sknh3y"; })
   (fetchNuGet { pname = "System.Diagnostics.DiagnosticSource"; version = "4.0.0"; sha256 = "1n6c3fbz7v8d3pn77h4v5wvsfrfg7v1c57lg3nff3cjyh597v23m"; })
   (fetchNuGet { pname = "System.Diagnostics.DiagnosticSource"; version = "4.3.0"; sha256 = "0z6m3pbiy0qw6rn3n209rrzf9x1k4002zh90vwcrsym09ipm2liq"; })
   (fetchNuGet { pname = "System.Diagnostics.DiagnosticSource"; version = "6.0.0"; sha256 = "0rrihs9lnb1h6x4h0hn6kgfnh58qq7hx8qq99gh6fayx4dcnx3s5"; })
-  (fetchNuGet { pname = "System.Diagnostics.EventLog"; version = "6.0.0"; sha256 = "08y1x2d5w2hnhkh9r1998pjc7r4qp0rmzax062abha85s11chifd"; })
+  (fetchNuGet { pname = "System.Diagnostics.DiagnosticSource"; version = "8.0.0"; sha256 = "0nzra1i0mljvmnj1qqqg37xs7bl71fnpl68nwmdajchh65l878zr"; })
+  (fetchNuGet { pname = "System.Diagnostics.EventLog"; version = "8.0.0"; sha256 = "1xnvcidh2qf6k7w8ij1rvj0viqkq84cq47biw0c98xhxg5rk3pxf"; })
   (fetchNuGet { pname = "System.Diagnostics.Tools"; version = "4.0.1"; sha256 = "19cknvg07yhakcvpxg3cxa0bwadplin6kyxd8mpjjpwnp56nl85x"; })
   (fetchNuGet { pname = "System.Diagnostics.Tools"; version = "4.3.0"; sha256 = "0in3pic3s2ddyibi8cvgl102zmvp9r9mchh82ns9f0ms4basylw1"; })
   (fetchNuGet { pname = "System.Diagnostics.Tracing"; version = "4.1.0"; sha256 = "1d2r76v1x610x61ahfpigda89gd13qydz6vbwzhpqlyvq8jj6394"; })
   (fetchNuGet { pname = "System.Diagnostics.Tracing"; version = "4.3.0"; sha256 = "1m3bx6c2s958qligl67q7grkwfz3w53hpy7nc97mh6f7j5k168c4"; })
-  (fetchNuGet { pname = "System.Drawing.Common"; version = "6.0.0"; sha256 = "02n8rzm58dac2np8b3xw8ychbvylja4nh6938l5k2fhyn40imlgz"; })
+  (fetchNuGet { pname = "System.Drawing.Common"; version = "8.0.1"; sha256 = "02l7y2j6f2qykl90iac28nvw1cnhic8vzixlq5fznw0zj72knz25"; })
   (fetchNuGet { pname = "System.Dynamic.Runtime"; version = "4.0.11"; sha256 = "1pla2dx8gkidf7xkciig6nifdsb494axjvzvann8g2lp3dbqasm9"; })
   (fetchNuGet { pname = "System.Globalization"; version = "4.0.11"; sha256 = "070c5jbas2v7smm660zaf1gh0489xanjqymkvafcs4f8cdrs1d5d"; })
   (fetchNuGet { pname = "System.Globalization"; version = "4.3.0"; sha256 = "1cp68vv683n6ic2zqh2s1fn4c2sd87g5hpp6l4d4nj4536jz98ki"; })
@@ -301,10 +298,10 @@
   (fetchNuGet { pname = "System.Globalization.Calendars"; version = "4.3.0"; sha256 = "1xwl230bkakzzkrggy1l1lxmm3xlhk4bq2pkv790j5lm8g887lxq"; })
   (fetchNuGet { pname = "System.Globalization.Extensions"; version = "4.0.1"; sha256 = "0hjhdb5ri8z9l93bw04s7ynwrjrhx2n0p34sf33a9hl9phz69fyc"; })
   (fetchNuGet { pname = "System.Globalization.Extensions"; version = "4.3.0"; sha256 = "02a5zfxavhv3jd437bsncbhd2fp1zv4gxzakp1an9l6kdq1mcqls"; })
-  (fetchNuGet { pname = "System.IdentityModel.Tokens.Jwt"; version = "6.24.0"; sha256 = "1s6r8ivhbnv1hdybizmw0336z0dsv4dis3p2d658hzsv5p758yip"; })
+  (fetchNuGet { pname = "System.IdentityModel.Tokens.Jwt"; version = "7.2.0"; sha256 = "000sfpv1bjwkwwb65fl85f3ifwvdadzkx93gwsb56vrsh00kd026"; })
   (fetchNuGet { pname = "System.IO"; version = "4.1.0"; sha256 = "1g0yb8p11vfd0kbkyzlfsbsp5z44lwsvyc0h3dpw6vqnbi035ajp"; })
   (fetchNuGet { pname = "System.IO"; version = "4.3.0"; sha256 = "05l9qdrzhm4s5dixmx68kxwif4l99ll5gqmh7rqgw554fx0agv5f"; })
-  (fetchNuGet { pname = "System.IO.Abstractions"; version = "17.2.3"; sha256 = "1fs3asbc3f5maxc5il2iqmhhlbz4c69lh8r0r0xwjcjbly7agn0l"; })
+  (fetchNuGet { pname = "System.IO.Abstractions"; version = "20.0.4"; sha256 = "0qdp4522v0k219iixg4zk7vmpyx149rsnqhq3ykzkpd2mdg0f4nx"; })
   (fetchNuGet { pname = "System.IO.Compression"; version = "4.1.0"; sha256 = "0iym7s3jkl8n0vzm3jd6xqg9zjjjqni05x45dwxyjr2dy88hlgji"; })
   (fetchNuGet { pname = "System.IO.Compression"; version = "4.3.0"; sha256 = "084zc82yi6yllgda0zkgl2ys48sypiswbiwrv7irb3r0ai1fp4vz"; })
   (fetchNuGet { pname = "System.IO.Compression.ZipFile"; version = "4.0.1"; sha256 = "0h72znbagmgvswzr46mihn7xm7chfk2fhrp5krzkjf29pz0i6z82"; })
@@ -314,13 +311,13 @@
   (fetchNuGet { pname = "System.IO.FileSystem.Primitives"; version = "4.0.1"; sha256 = "1s0mniajj3lvbyf7vfb5shp4ink5yibsx945k6lvxa96r8la1612"; })
   (fetchNuGet { pname = "System.IO.FileSystem.Primitives"; version = "4.3.0"; sha256 = "0j6ndgglcf4brg2lz4wzsh1av1gh8xrzdsn9f0yznskhqn1xzj9c"; })
   (fetchNuGet { pname = "System.IO.Pipelines"; version = "4.5.2"; sha256 = "045sn3vyk5xysjjm19q4dj5c1g1rf8l98n4qsl9pl9id4fn08yq1"; })
+  (fetchNuGet { pname = "System.IO.Pipelines"; version = "6.0.3"; sha256 = "1jgdazpmwc21dd9naq3l9n5s8a1jnbwlvgkf1pnm0aji6jd4xqdz"; })
   (fetchNuGet { pname = "System.Linq"; version = "4.1.0"; sha256 = "1ppg83svb39hj4hpp5k7kcryzrf3sfnm08vxd5sm2drrijsla2k5"; })
   (fetchNuGet { pname = "System.Linq"; version = "4.3.0"; sha256 = "1w0gmba695rbr80l1k2h4mrwzbzsyfl2z4klmpbsvsg5pm4a56s7"; })
   (fetchNuGet { pname = "System.Linq.Expressions"; version = "4.1.0"; sha256 = "1gpdxl6ip06cnab7n3zlcg6mqp7kknf73s8wjinzi4p0apw82fpg"; })
   (fetchNuGet { pname = "System.Linq.Expressions"; version = "4.3.0"; sha256 = "0ky2nrcvh70rqq88m9a5yqabsl4fyd17bpr63iy2mbivjs2nyypv"; })
   (fetchNuGet { pname = "System.Memory"; version = "4.5.1"; sha256 = "0f07d7hny38lq9w69wx4lxkn4wszrqf9m9js6fh9is645csm167c"; })
   (fetchNuGet { pname = "System.Memory"; version = "4.5.3"; sha256 = "0naqahm3wljxb5a911d37mwjqjdxv9l0b49p5dmfyijvni2ppy8a"; })
-  (fetchNuGet { pname = "System.Memory"; version = "4.5.4"; sha256 = "14gbbs22mcxwggn0fcfs1b062521azb9fbb7c113x0mq6dzq9h6y"; })
   (fetchNuGet { pname = "System.Net.Http"; version = "4.1.0"; sha256 = "1i5rqij1icg05j8rrkw4gd4pgia1978mqhjzhsjg69lvwcdfg8yb"; })
   (fetchNuGet { pname = "System.Net.Http"; version = "4.3.0"; sha256 = "1i4gc757xqrzflbk7kc5ksn20kwwfjhw9w7pgdkn19y3cgnl302j"; })
   (fetchNuGet { pname = "System.Net.NameResolution"; version = "4.3.0"; sha256 = "15r75pwc0rm3vvwsn8rvm2krf929mjfwliv0mpicjnii24470rkq"; })
@@ -342,6 +339,7 @@
   (fetchNuGet { pname = "System.Reflection.Emit.Lightweight"; version = "4.3.0"; sha256 = "0ql7lcakycrvzgi9kxz1b3lljd990az1x6c4jsiwcacrvimpib5c"; })
   (fetchNuGet { pname = "System.Reflection.Extensions"; version = "4.0.1"; sha256 = "0m7wqwq0zqq9gbpiqvgk3sr92cbrw7cp3xn53xvw7zj6rz6fdirn"; })
   (fetchNuGet { pname = "System.Reflection.Extensions"; version = "4.3.0"; sha256 = "02bly8bdc98gs22lqsfx9xicblszr2yan7v2mmw3g7hy6miq5hwq"; })
+  (fetchNuGet { pname = "System.Reflection.Metadata"; version = "6.0.1"; sha256 = "0fjqifk4qz9lw5gcadpfalpplyr0z2b3p9x7h0ll481a9sqvppc9"; })
   (fetchNuGet { pname = "System.Reflection.Primitives"; version = "4.0.1"; sha256 = "1bangaabhsl4k9fg8khn83wm6yial8ik1sza7401621jc6jrym28"; })
   (fetchNuGet { pname = "System.Reflection.Primitives"; version = "4.3.0"; sha256 = "04xqa33bld78yv5r93a8n76shvc8wwcdgr1qvvjh959g3rc31276"; })
   (fetchNuGet { pname = "System.Reflection.TypeExtensions"; version = "4.1.0"; sha256 = "1bjli8a7sc7jlxqgcagl9nh8axzfl11f4ld3rjqsyxc516iijij7"; })
@@ -353,7 +351,6 @@
   (fetchNuGet { pname = "System.Runtime.CompilerServices.Unsafe"; version = "4.4.0"; sha256 = "0a6ahgi5b148sl5qyfpyw383p3cb4yrkm802k29fsi4mxkiwir29"; })
   (fetchNuGet { pname = "System.Runtime.CompilerServices.Unsafe"; version = "4.5.1"; sha256 = "1xcrjx5fwg284qdnxyi2d0lzdm5q4frlpkp0nf6vvkx1kdz2prrf"; })
   (fetchNuGet { pname = "System.Runtime.CompilerServices.Unsafe"; version = "4.5.2"; sha256 = "1vz4275fjij8inf31np78hw50al8nqkngk04p3xv5n4fcmf1grgi"; })
-  (fetchNuGet { pname = "System.Runtime.CompilerServices.Unsafe"; version = "5.0.0"; sha256 = "02k25ivn50dmqx5jn8hawwmz24yf0454fjd823qk6lygj9513q4x"; })
   (fetchNuGet { pname = "System.Runtime.CompilerServices.Unsafe"; version = "6.0.0"; sha256 = "0qm741kh4rh57wky16sq4m0v05fxmkjjr87krycf5vp9f0zbahbc"; })
   (fetchNuGet { pname = "System.Runtime.Extensions"; version = "4.1.0"; sha256 = "0rw4rm4vsm3h3szxp9iijc3ksyviwsv6f63dng3vhqyg4vjdkc2z"; })
   (fetchNuGet { pname = "System.Runtime.Extensions"; version = "4.3.0"; sha256 = "1ykp3dnhwvm48nap8q23893hagf665k0kn3cbgsqpwzbijdcgc60"; })
@@ -366,13 +363,11 @@
   (fetchNuGet { pname = "System.Runtime.Numerics"; version = "4.0.1"; sha256 = "1y308zfvy0l5nrn46mqqr4wb4z1xk758pkk8svbz8b5ij7jnv4nn"; })
   (fetchNuGet { pname = "System.Runtime.Numerics"; version = "4.3.0"; sha256 = "19rav39sr5dky7afygh309qamqqmi9kcwvz3i0c5700v0c5cg61z"; })
   (fetchNuGet { pname = "System.Runtime.Serialization.Primitives"; version = "4.1.1"; sha256 = "042rfjixknlr6r10vx2pgf56yming8lkjikamg3g4v29ikk78h7k"; })
-  (fetchNuGet { pname = "System.Security.AccessControl"; version = "4.4.0"; sha256 = "0ixqw47krkazsw0ycm22ivkv7dpg6cjz8z8g0ii44bsx4l8gcx17"; })
   (fetchNuGet { pname = "System.Security.Claims"; version = "4.3.0"; sha256 = "0jvfn7j22l3mm28qjy3rcw287y9h65ha4m940waaxah07jnbzrhn"; })
   (fetchNuGet { pname = "System.Security.Cryptography.Algorithms"; version = "4.2.0"; sha256 = "148s9g5dgm33ri7dnh19s4lgnlxbpwvrw2jnzllq2kijj4i4vs85"; })
   (fetchNuGet { pname = "System.Security.Cryptography.Algorithms"; version = "4.3.0"; sha256 = "03sq183pfl5kp7gkvq77myv7kbpdnq3y0xj7vi4q1kaw54sny0ml"; })
   (fetchNuGet { pname = "System.Security.Cryptography.Cng"; version = "4.2.0"; sha256 = "118jijz446kix20blxip0f0q8mhsh9bz118mwc2ch1p6g7facpzc"; })
   (fetchNuGet { pname = "System.Security.Cryptography.Cng"; version = "4.3.0"; sha256 = "1k468aswafdgf56ab6yrn7649kfqx2wm9aslywjam1hdmk5yypmv"; })
-  (fetchNuGet { pname = "System.Security.Cryptography.Cng"; version = "4.5.0"; sha256 = "1pm4ykbcz48f1hdmwpia432ha6qbb9kbrxrrp7cg3m8q8xn52ngn"; })
   (fetchNuGet { pname = "System.Security.Cryptography.Csp"; version = "4.0.0"; sha256 = "1cwv8lqj8r15q81d2pz2jwzzbaji0l28xfrpw29kdpsaypm92z2q"; })
   (fetchNuGet { pname = "System.Security.Cryptography.Csp"; version = "4.3.0"; sha256 = "1x5wcrddf2s3hb8j78cry7yalca4lb5vfnkrysagbn6r9x6xvrx1"; })
   (fetchNuGet { pname = "System.Security.Cryptography.Encoding"; version = "4.0.0"; sha256 = "0a8y1a5wkmpawc787gfmnrnbzdgxmx1a14ax43jf3rj9gxmy3vk4"; })
@@ -385,25 +380,23 @@
   (fetchNuGet { pname = "System.Security.Cryptography.X509Certificates"; version = "4.3.0"; sha256 = "0valjcz5wksbvijylxijjxb1mp38mdhv03r533vnx1q3ikzdav9h"; })
   (fetchNuGet { pname = "System.Security.Principal"; version = "4.3.0"; sha256 = "12cm2zws06z4lfc4dn31iqv7072zyi4m910d4r6wm8yx85arsfxf"; })
   (fetchNuGet { pname = "System.Security.Principal.Windows"; version = "4.3.0"; sha256 = "00a0a7c40i3v4cb20s2cmh9csb5jv2l0frvnlzyfxh848xalpdwr"; })
-  (fetchNuGet { pname = "System.Security.Principal.Windows"; version = "4.4.0"; sha256 = "11rr16fp68apc0arsymgj18w8ajs9a4366wgx9iqwny4glrl20wp"; })
   (fetchNuGet { pname = "System.Security.Principal.Windows"; version = "4.5.0"; sha256 = "0rmj89wsl5yzwh0kqjgx45vzf694v9p92r4x4q6yxldk1cv1hi86"; })
   (fetchNuGet { pname = "System.Text.Encoding"; version = "4.0.11"; sha256 = "1dyqv0hijg265dwxg6l7aiv74102d6xjiwplh2ar1ly6xfaa4iiw"; })
   (fetchNuGet { pname = "System.Text.Encoding"; version = "4.3.0"; sha256 = "1f04lkir4iladpp51sdgmis9dj4y8v08cka0mbmsy0frc9a4gjqr"; })
-  (fetchNuGet { pname = "System.Text.Encoding.CodePages"; version = "4.4.0"; sha256 = "07bzjnflxjk9vgpljfybrpqmvsr9qr2f20nq5wf11imwa5pbhgfc"; })
   (fetchNuGet { pname = "System.Text.Encoding.CodePages"; version = "4.5.1"; sha256 = "1z21qyfs6sg76rp68qdx0c9iy57naan89pg7p6i3qpj8kyzn921w"; })
-  (fetchNuGet { pname = "System.Text.Encoding.CodePages"; version = "5.0.0"; sha256 = "1bn2pzaaq4wx9ixirr8151vm5hynn3lmrljcgjx9yghmm4k677k0"; })
+  (fetchNuGet { pname = "System.Text.Encoding.CodePages"; version = "6.0.0"; sha256 = "0gm2kiz2ndm9xyzxgi0jhazgwslcs427waxgfa30m7yqll1kcrww"; })
   (fetchNuGet { pname = "System.Text.Encoding.Extensions"; version = "4.0.11"; sha256 = "08nsfrpiwsg9x5ml4xyl3zyvjfdi4mvbqf93kjdh11j4fwkznizs"; })
   (fetchNuGet { pname = "System.Text.Encoding.Extensions"; version = "4.3.0"; sha256 = "11q1y8hh5hrp5a3kw25cb6l00v5l5dvirkz8jr3sq00h1xgcgrxy"; })
   (fetchNuGet { pname = "System.Text.Encodings.Web"; version = "4.5.0"; sha256 = "0srd5bva52n92i90wd88pzrqjsxnfgka3ilybwh7s6sf469y5s53"; })
-  (fetchNuGet { pname = "System.Text.Encodings.Web"; version = "6.0.0"; sha256 = "06n9ql3fmhpjl32g3492sj181zjml5dlcc5l76xq2h38c4f87sai"; })
-  (fetchNuGet { pname = "System.Text.Json"; version = "4.6.0"; sha256 = "0ism236hwi0k6axssfq58s1d8lihplwiz058pdvl8al71hagri39"; })
+  (fetchNuGet { pname = "System.Text.Encodings.Web"; version = "8.0.0"; sha256 = "1wbypkx0m8dgpsaqgyywz4z760xblnwalb241d5qv9kx8m128i11"; })
   (fetchNuGet { pname = "System.Text.Json"; version = "4.7.2"; sha256 = "10xj1pw2dgd42anikvj9qm23ccssrcp7dpznpj4j7xjp1ikhy3y4"; })
-  (fetchNuGet { pname = "System.Text.Json"; version = "6.0.0"; sha256 = "1si2my1g0q0qv1hiqnji4xh9wd05qavxnzj9dwgs23iqvgjky0gl"; })
+  (fetchNuGet { pname = "System.Text.Json"; version = "8.0.0"; sha256 = "134savxw0sq7s448jnzw17bxcijsi1v38mirpbb6zfxmqlf04msw"; })
   (fetchNuGet { pname = "System.Text.RegularExpressions"; version = "4.1.0"; sha256 = "1mw7vfkkyd04yn2fbhm38msk7dz2xwvib14ygjsb8dq2lcvr18y7"; })
   (fetchNuGet { pname = "System.Text.RegularExpressions"; version = "4.3.0"; sha256 = "1bgq51k7fwld0njylfn7qc5fmwrk2137gdq7djqdsw347paa9c2l"; })
   (fetchNuGet { pname = "System.Threading"; version = "4.0.11"; sha256 = "19x946h926bzvbsgj28csn46gak2crv2skpwsx80hbgazmkgb1ls"; })
   (fetchNuGet { pname = "System.Threading"; version = "4.3.0"; sha256 = "0rw9wfamvhayp5zh3j7p1yfmx9b5khbf4q50d8k5rk993rskfd34"; })
   (fetchNuGet { pname = "System.Threading.Channels"; version = "4.5.0"; sha256 = "0n6z3wjia7h2a5vl727p97riydnb6jhhkb1pdcnizza02dwkz0nz"; })
+  (fetchNuGet { pname = "System.Threading.Channels"; version = "6.0.0"; sha256 = "1qbyi7yymqc56frqy7awvcqc1m7x3xrpx87a37dgb3mbrjg9hlcj"; })
   (fetchNuGet { pname = "System.Threading.Tasks"; version = "4.0.11"; sha256 = "0nr1r41rak82qfa5m0lhk9mp0k93bvfd7bbd9sdzwx9mb36g28p5"; })
   (fetchNuGet { pname = "System.Threading.Tasks"; version = "4.3.0"; sha256 = "134z3v9abw3a6jsw17xl3f6hqjpak5l682k2vz39spj4kmydg6k7"; })
   (fetchNuGet { pname = "System.Threading.Tasks.Extensions"; version = "4.0.0"; sha256 = "1cb51z062mvc2i8blpzmpn9d9mm4y307xrwi65di8ri18cz5r1zr"; })
@@ -416,5 +409,8 @@
   (fetchNuGet { pname = "System.Xml.ReaderWriter"; version = "4.3.0"; sha256 = "0c47yllxifzmh8gq6rq6l36zzvw4kjvlszkqa9wq3fr59n0hl3s1"; })
   (fetchNuGet { pname = "System.Xml.XDocument"; version = "4.0.11"; sha256 = "0n4lvpqzy9kc7qy1a4acwwd7b7pnvygv895az5640idl2y9zbz18"; })
   (fetchNuGet { pname = "System.Xml.XDocument"; version = "4.3.0"; sha256 = "08h8fm4l77n0nd4i4fk2386y809bfbwqb7ih9d7564ifcxr5ssxd"; })
-  (fetchNuGet { pname = "VersOne.Epub"; version = "3.3.0-alpha1"; sha256 = "037wq88w6brfjswmraa1l6by7fcdd1nc3vri8plg9h6a7zjph4nc"; })
+  (fetchNuGet { pname = "TestableIO.System.IO.Abstractions"; version = "20.0.4"; sha256 = "16jw4zw8pvck754r6744d11460w1fih8c77r8yzzw2w58iv2mns6"; })
+  (fetchNuGet { pname = "TestableIO.System.IO.Abstractions.Wrappers"; version = "20.0.4"; sha256 = "1c5sf8dva9vswl2qqkc6xcmznia8d5nqw46yvk4b1f9idv53j5nz"; })
+  (fetchNuGet { pname = "VersOne.Epub"; version = "3.3.1"; sha256 = "1v7ms857yhm38syi4l63g9hzn0y08n8csr4z4i56xmzpj1big2s6"; })
+  (fetchNuGet { pname = "ZstdSharp.Port"; version = "0.7.4"; sha256 = "0087rymvclj96pscd8lbjidsdg1g4p83m6y20bcicz8sx7jnnzyg"; })
 ]

pkgs/servers/web-apps/kavita/update.sh

@@ -0,0 +1,20 @@
+#!/usr/bin/env nix-shell
+#! nix-shell -i bash -p common-updater-scripts curl jq nix-prefetch-github prefetch-npm-deps
+
+set -euo pipefail
+
+latest_version=$(curl -s https://api.github.com/repos/Kareadita/Kavita/releases/latest | jq -r '.tag_name' | tr -d v)
+
+pushd "$(mktemp -d)"
+curl -s https://raw.githubusercontent.com/Kareadita/Kavita/v${latest_version}/UI/Web/package-lock.json -o package-lock.json
+npmDepsHash=$(prefetch-npm-deps package-lock.json)
+rm -f package-lock.json
+popd
+
+update-source-version kavita "$latest_version"
+
+pushd "$(dirname "${BASH_SOURCE[0]}")"
+sed -E 's#\bnpmDepsHash = ".*?"#npmDepsHash = "'"$npmDepsHash"'"#' -i default.nix
+popd
+
+$(nix-build -A kavita.backend.fetch-deps --no-out-link)

pkgs/tools/misc/yubikey-manager/default.nix

@@ -8,14 +8,14 @@
 
 python3Packages.buildPythonPackage rec {
   pname = "yubikey-manager";
-  version = "5.3.0";
+  version = "5.4.0";
   pyproject = true;
 
   src = fetchFromGitHub {
     owner = "Yubico";
     repo = "yubikey-manager";
     rev = version;
-    hash = "sha256-c5edonnvvGIZ6SJ6+gd2xcAy0/HiAEUEPMGQzOKK2Sw=";
+    hash = "sha256-Rn3iGiiR48EFVAn9BRQ043L8x7WwH7XnazZlVw50IGU=";
   };
 
   postPatch = ''
@@ -55,14 +55,14 @@ python3Packages.buildPythonPackage rec {
     makefun
   ];
 
-  meta = with lib; {
+  meta = {
     homepage = "https://developers.yubico.com/yubikey-manager";
     changelog = "https://github.com/Yubico/yubikey-manager/releases/tag/${version}";
     description = "Command line tool for configuring any YubiKey over all USB transports";
 
-    license = licenses.bsd2;
-    platforms = platforms.unix;
-    maintainers = with maintainers; [ benley lassulus pinpox nickcao ];
+    license = lib.licenses.bsd2;
+    platforms = lib.platforms.unix;
+    maintainers = with lib.maintainers; [ benley lassulus pinpox nickcao ];
     mainProgram = "ykman";
   };
 }

pkgs/tools/networking/easyrsa/default.nix

@@ -8,10 +8,11 @@ stdenv.mkDerivation rec {
     owner = "OpenVPN";
     repo = "easy-rsa";
     rev = "v${version}";
-    sha256 = "sha256-zdVcT04nj7eE1a6M7WHeWpwG/TVTwyK+WgD70XwPXfY=";
+    hash = "sha256-zdVcT04nj7eE1a6M7WHeWpwG/TVTwyK+WgD70XwPXfY=";
   };
 
   nativeBuildInputs = [ makeWrapper ];
+  nativeInstallCheckInputs = [ openssl.bin ];
 
   installPhase = ''
     mkdir -p $out/share/easy-rsa
@@ -26,7 +27,7 @@ stdenv.mkDerivation rec {
 
     # Wrap it with the correct OpenSSL binary.
     wrapProgram $out/bin/easyrsa \
-      --set EASYRSA_OPENSSL ${openssl.bin}/bin/openssl
+      --set-default EASYRSA_OPENSSL ${openssl.bin}/bin/openssl
 
     # Helper utility
     cat > $out/bin/easyrsa-init <<EOF
@@ -36,6 +37,21 @@ stdenv.mkDerivation rec {
     chmod +x $out/bin/easyrsa-init
   '';
 
+  doInstallCheck = true;
+  postInstallCheck = ''
+    set -euo pipefail
+    export EASYRSA_BATCH=1
+    export EASYRSA_PASSIN=pass:nixpkgs
+    export EASYRSA_PASSOUT="$EASYRSA_PASSIN"
+    export EASYRSA_REQ_CN='nixpkgs test CA'
+    export EASYRSA_KEY_SIZE=3072
+    export EASYRSA_ALGO=rsa
+    export EASYRSA_DIGEST=sha512
+    $out/bin/easyrsa init-pki
+    $out/bin/easyrsa build-ca
+    openssl x509 -in pki/ca.crt -noout -subject | tee /dev/stderr | grep -zq "$EASYRSA_REQ_CN"
+  '';
+
   meta = with lib; {
     description = "Simple shell based CA utility";
     homepage = "https://openvpn.net/";

pkgs/tools/package-management/poetry/default.nix

@@ -30,6 +30,7 @@ let
     poetry-audit-plugin = callPackage ./plugins/poetry-audit-plugin.nix { };
     poetry-plugin-export = callPackage ./plugins/poetry-plugin-export.nix { };
     poetry-plugin-up = callPackage ./plugins/poetry-plugin-up.nix { };
+    poetry-plugin-poeblix = callPackage ./plugins/poetry-plugin-poeblix.nix { };
   };
 
   # selector is a function mapping pythonPackages to a list of plugins

pkgs/tools/package-management/poetry/plugins/poetry-plugin-poeblix.nix

@@ -0,0 +1,37 @@
+{ lib
+, buildPythonPackage
+, fetchFromGitHub
+, poetry-core
+}:
+
+buildPythonPackage rec {
+  pname = "poetry-plugin-poeblix";
+  version = "0.10.0";
+  pyproject = true;
+
+  src = fetchFromGitHub {
+    owner = "spoorn";
+    repo = "poeblix";
+    rev = "refs/tags/${version}";
+    hash = "sha256-TKadEOk9kM3ZYsQmE2ftzjHNGNKI17p0biMr+Nskigs=";
+  };
+
+  postPatch = ''
+    sed -i '/poetry =/d' pyproject.toml
+  '';
+
+  nativeBuildInputs = [
+    poetry-core
+  ];
+
+  doCheck = false;
+  pythonImportsCheck = ["poeblix"];
+
+  meta = with lib; {
+    changelog = "https://github.com/spoorn/poeblix/releases/tag/${src.rev}";
+    description = "Poetry Plugin that adds various features that extend the poetry command such as building wheel files with locked dependencies, and validations of wheel/docker containers";
+    license = licenses.mit;
+    homepage = "https://github.com/spoorn/poeblix";
+    maintainers = with maintainers; [ hennk ];
+  };
+}

pkgs/tools/security/exploitdb/default.nix

@@ -6,13 +6,13 @@
 
 stdenv.mkDerivation rec {
   pname = "exploitdb";
-  version = "2024-03-23";
+  version = "2024-03-26";
 
   src = fetchFromGitLab {
     owner = "exploit-database";
     repo = pname;
     rev = "refs/tags/${version}";
-    hash = "sha256-2Z6HY2Pz7PKh0iBXaplxj7il0Ekzqsbq57l0/Pk03+s=";
+    hash = "sha256-oZfo9p23uvDw2f7O5AnycVpE14Rul8ZIeQPojVGQCXI=";
   };
 
   nativeBuildInputs = [

pkgs/tools/typesetting/tex/texpresso/default.nix

@@ -17,7 +17,7 @@
 
 stdenv.mkDerivation rec {
   pname = "texpresso";
-  version = "0-unstable-2024-03-24";
+  version = "0-unstable-2024-03-26";
 
   nativeBuildInputs = [
     makeWrapper
@@ -35,8 +35,8 @@ stdenv.mkDerivation rec {
   src = fetchFromGitHub {
     owner = "let-def";
     repo = "texpresso";
-    rev = "08d4ae8632ef0da349595310d87ac01e70f2c6ae";
-    hash = "sha256-a0yBVtLfmE0oTl599FXp7A10JoiKusofLSeXigx4GvA=";
+    rev = "34d06efc5719a6289bbe2d05e5295566d0fbcfad";
+    hash = "sha256-rfrESh2Yz5FfwWW57wBZSJKPri2Pl1uhTGTM02dyOqM=";
   };
 
   buildFlags = [ "texpresso" ];

pkgs/top-level/all-packages.nix

@@ -2621,6 +2621,11 @@ with pkgs;
 
   _86Box = callPackage ../applications/emulators/86box { };
 
+  _86Box-with-roms = _86Box.override {
+    unfreeEnableRoms = true;
+    unfreeEnableDiscord = true;
+  };
+
   attract-mode = callPackage ../applications/emulators/attract-mode { };
 
   basiliskii = callPackage ../applications/emulators/basiliskii { };

pkgs/top-level/darwin-aliases.nix

@@ -0,0 +1,53 @@
+lib: self: super: pkgs:
+
+### Deprecated aliases - for backward compatibility
+
+### Please maintain this list in ASCIIbetical ordering.
+### Hint: the "sections" are delimited by ### <letter> ###
+
+# These aliases should not be used within nixpkgs, but exist to improve
+# backward compatibility in projects outside of nixpkgs. See the
+# documentation for the `allowAliases` option for more background.
+
+# A script to convert old aliases to throws and remove old
+# throws can be found in './maintainers/scripts/remove-old-aliases.py'.
+
+# Add 'preserve, reason: reason why' after the date if the alias should not be removed.
+# Try to keep them to a minimum.
+# valid examples of what to preserve:
+#   distro aliases such as:
+#     debian-package-name -> nixos-package-name
+
+# pkgs is provided to allow packages to be moved out of the darwin attrset.
+
+with self;
+
+let
+  # Removing recurseForDerivation prevents derivations of aliased attribute set
+  # to appear while listing all the packages available.
+  removeRecurseForDerivations =
+    alias:
+    if alias.recurseForDerivations or false then
+      lib.removeAttrs alias [ "recurseForDerivations" ]
+    else
+      alias;
+
+  # Disabling distribution prevents top-level aliases for non-recursed package
+  # sets from building on Hydra.
+  removeDistribute = alias: if lib.isDerivation alias then lib.dontDistribute alias else alias;
+
+  # Make sure that we are not shadowing something from darwin-packages.nix.
+  checkInPkgs =
+    n: alias:
+    if builtins.hasAttr n super then throw "Alias ${n} is still in darwin-packages.nix" else alias;
+
+  mapAliases = lib.mapAttrs (
+    n: alias: removeDistribute (removeRecurseForDerivations (checkInPkgs n alias))
+  );
+in
+
+mapAliases ({
+  ### B ###
+
+  builder = throw "'darwin.builder' has been changed and renamed to 'darwin.linux-builder'. The default ssh port is now 31022. Please update your configuration or override the port back to 22. See https://nixos.org/manual/nixpkgs/unstable/#sec-darwin-builder"; # added 2023-07-06
+})

pkgs/top-level/darwin-packages.nix

@@ -18,12 +18,14 @@ let
   fetchurlBoot = import ../build-support/fetchurl/boot.nix {
     inherit (stdenv) system;
   };
+
+  aliases = self: super: lib.optionalAttrs config.allowAliases (import ../top-level/darwin-aliases.nix lib self super pkgs);
 in
 
 makeScopeWithSplicing' {
   otherSplices = generateSplicesForMkScope "darwin";
   extra = spliced: spliced.apple_sdk.frameworks;
-  f = (self: let
+  f = lib.extends aliases (self: let
   inherit (self) mkDerivation callPackage;
 
   # Must use pkgs.callPackage to avoid infinite recursion.
@@ -260,7 +262,5 @@ impure-cmds // appleSourcePackages // chooseLibs // {
     modules = [ { nixpkgs.hostPlatform = "x86_64-linux"; } ];
   };
 
-} // lib.optionalAttrs config.allowAliases {
-  builder = throw "'darwin.builder' has been changed and renamed to 'darwin.linux-builder'. The default ssh port is now 31022. Please update your configuration or override the port back to 22. See https://nixos.org/manual/nixpkgs/unstable/#sec-darwin-builder"; # added 2023-07-06
 });
 }