Merge staging-next into staging

This commit is contained in:
github-actions[bot] 2022-10-24 18:06:30 +00:00 committed by GitHub
commit 38a8b47046
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
31 changed files with 265 additions and 132 deletions

View file

@ -302,6 +302,12 @@ Container system, boot system and library changes are some examples of the pull
It is possible for community members that have enough knowledge and experience on a special topic to contribute by merging pull requests. It is possible for community members that have enough knowledge and experience on a special topic to contribute by merging pull requests.
In case the PR is stuck waiting for the original author to apply a trivial
change (a typo, capitalisation change, etc.) and the author allowed the members
to modify the PR, consider applying it yourself. (or commit the existing review
suggestion) You should pay extra attention to make sure the addition doesn't go
against the idea of the original PR and would not be opposed by the author.
<!-- <!--
The following paragraphs about how to deal with unactive contributors is just a proposition and should be modified to what the community agrees to be the right policy. The following paragraphs about how to deal with unactive contributors is just a proposition and should be modified to what the community agrees to be the right policy.

View file

@ -8803,7 +8803,7 @@
email = "megoettlinger@gmail.com"; email = "megoettlinger@gmail.com";
github = "mgttlinger"; github = "mgttlinger";
githubId = 5120487; githubId = 5120487;
name = "Merlin Göttlinger"; name = "Merlin Humml";
}; };
mguentner = { mguentner = {
email = "code@klandest.in"; email = "code@klandest.in";

View file

@ -182,6 +182,8 @@ with lib.maintainers; {
members = [ members = [
cole-h cole-h
grahamc grahamc
hoverbear
lheckemann
]; ];
scope = "Group registration for packages maintained by Determinate Systems."; scope = "Group registration for packages maintained by Determinate Systems.";
shortName = "Determinate Systems employees"; shortName = "Determinate Systems employees";

View file

@ -184,7 +184,7 @@ in
# Tell zsh how to find installed completions. # Tell zsh how to find installed completions.
for p in ''${(z)NIX_PROFILES}; do for p in ''${(z)NIX_PROFILES}; do
fpath+=($p/share/zsh/site-functions $p/share/zsh/$ZSH_VERSION/functions $p/share/zsh/vendor-completions) fpath=($p/share/zsh/site-functions $p/share/zsh/$ZSH_VERSION/functions $p/share/zsh/vendor-completions $fpath)
done done
# Setup custom shell init stuff. # Setup custom shell init stuff.

View file

@ -62,7 +62,7 @@ in {
ProtectKernelModules = true; ProtectKernelModules = true;
ProtectKernelTunables = true; ProtectKernelTunables = true;
SystemCallArchitectures = "native"; SystemCallArchitectures = "native";
SystemCallFilter = [ "@system-service" "~@privileged" "~@resources" ]; SystemCallFilter = [ "@system-service" "~@privileged" ];
RestrictRealtime = true; RestrictRealtime = true;
LockPersonality = true; LockPersonality = true;
MemoryDenyWriteExecute = true; MemoryDenyWriteExecute = true;

View file

@ -1,72 +1,74 @@
{ config, pkgs, lib, ... }: { config, pkgs, lib, ... }:
let let
inherit (lib) inherit (lib)
concatLists
concatMap
concatMapStringsSep concatMapStringsSep
concatStringsSep concatStringsSep
filterAttrs filterAttrs
flatten
isAttrs isAttrs
isString
literalExpression literalExpression
mapAttrs' mapAttrs'
mapAttrsToList mapAttrsToList
mkIf mkIf
mkOption mkOption
optionalString optionalString
partition sort
typeOf
types types
; ;
# The priority of an option or section.
# The configurations format are order-sensitive. Pairs are added as children of
# the last sections if possible, otherwise, they start a new section.
# We sort them in topological order:
# 1. Leaf pairs.
# 2. Sections that may contain (1).
# 3. Sections that may contain (1) or (2).
# 4. Etc.
prioOf = { name, value }:
if !isAttrs value then 0 # Leaf options.
else {
target = 1; # Contains: options.
subvolume = 2; # Contains: options, target.
volume = 3; # Contains: options, target, subvolume.
}.${name} or (throw "Unknow section '${name}'");
genConfig' = set: concatStringsSep "\n" (genConfig set);
genConfig = set:
let
pairs = mapAttrsToList (name: value: { inherit name value; }) set;
sortedPairs = sort (a: b: prioOf a < prioOf b) pairs;
in
concatMap genPair sortedPairs;
genSection = sec: secName: value:
[ "${sec} ${secName}" ] ++ map (x: " " + x) (genConfig value);
genPair = { name, value }:
if !isAttrs value
then [ "${name} ${value}" ]
else concatLists (mapAttrsToList (genSection name) value);
addDefaults = settings: { backend = "btrfs-progs-sudo"; } // settings;
mkConfigFile = name: settings: pkgs.writeTextFile {
name = "btrbk-${name}.conf";
text = genConfig' (addDefaults settings);
checkPhase = ''
set +e
${pkgs.btrbk}/bin/btrbk -c $out dryrun
# According to btrbk(1), exit status 2 means parse error
# for CLI options or the config file.
if [[ $? == 2 ]]; then
echo "Btrbk configuration is invalid:"
cat $out
exit 1
fi
set -e
'';
};
cfg = config.services.btrbk; cfg = config.services.btrbk;
sshEnabled = cfg.sshAccess != [ ]; sshEnabled = cfg.sshAccess != [ ];
serviceEnabled = cfg.instances != { }; serviceEnabled = cfg.instances != { };
attr2Lines = attr:
let
pairs = mapAttrsToList (name: value: { inherit name value; }) attr;
isSubsection = value:
if isAttrs value then true
else if isString value then false
else throw "invalid type in btrbk config ${typeOf value}";
sortedPairs = partition (x: isSubsection x.value) pairs;
in
flatten (
# non subsections go first
(
map (pair: [ "${pair.name} ${pair.value}" ]) sortedPairs.wrong
)
++ # subsections go last
(
map
(
pair:
mapAttrsToList
(
childname: value:
[ "${pair.name} ${childname}" ] ++ (map (x: " " + x) (attr2Lines value))
)
pair.value
)
sortedPairs.right
)
)
;
addDefaults = settings: { backend = "btrfs-progs-sudo"; } // settings;
mkConfigFile = settings: concatStringsSep "\n" (attr2Lines (addDefaults settings));
mkTestedConfigFile = name: settings:
let
configFile = pkgs.writeText "btrbk-${name}.conf" (mkConfigFile settings);
in
pkgs.runCommand "btrbk-${name}-tested.conf" { } ''
mkdir foo
cp ${configFile} $out
if (set +o pipefail; ${pkgs.btrbk}/bin/btrbk -c $out ls foo 2>&1 | grep $out);
then
echo btrbk configuration is invalid
cat $out
exit 1
fi;
'';
in in
{ {
meta.maintainers = with lib.maintainers; [ oxalica ]; meta.maintainers = with lib.maintainers; [ oxalica ];
@ -196,7 +198,7 @@ in
( (
name: instance: { name: instance: {
name = "btrbk/${name}.conf"; name = "btrbk/${name}.conf";
value.source = mkTestedConfigFile name instance.settings; value.source = mkConfigFile name instance.settings;
} }
) )
cfg.instances; cfg.instances;

View file

@ -592,7 +592,7 @@ in
PrivateMounts = true; PrivateMounts = true;
# System Call Filtering # System Call Filtering
SystemCallArchitectures = "native"; SystemCallArchitectures = "native";
SystemCallFilter = "~@clock @cpu-emulation @debug @keyring @memlock @module @mount @obsolete @raw-io @reboot @resources @setuid @swap"; SystemCallFilter = "~@clock @cpu-emulation @debug @keyring @memlock @module @mount @obsolete @raw-io @reboot @setuid @swap";
}; };
environment = { environment = {

View file

@ -245,17 +245,17 @@ in {
(mkRenamedOptionModule [ "services" "grafana" "users" "autoAssignOrg" ] [ "services" "grafana" "settings" "users" "auto_assign_org" ]) (mkRenamedOptionModule [ "services" "grafana" "users" "autoAssignOrg" ] [ "services" "grafana" "settings" "users" "auto_assign_org" ])
(mkRenamedOptionModule [ "services" "grafana" "users" "autoAssignOrgRole" ] [ "services" "grafana" "settings" "users" "auto_assign_org_role" ]) (mkRenamedOptionModule [ "services" "grafana" "users" "autoAssignOrgRole" ] [ "services" "grafana" "settings" "users" "auto_assign_org_role" ])
(mkRenamedOptionModule [ "services" "grafana" "auth" "disableLoginForm" ] [ "services" "grafana" "settings" "auth" "disable_login_form" ]) (mkRenamedOptionModule [ "services" "grafana" "auth" "disableLoginForm" ] [ "services" "grafana" "settings" "auth" "disable_login_form" ])
(mkRenamedOptionModule [ "services" "grafana" "auth" "anonymous" "enable" ] [ "services" "grafana" "settings" "auth" "anonymous" "enable" ]) (mkRenamedOptionModule [ "services" "grafana" "auth" "anonymous" "enable" ] [ "services" "grafana" "settings" "auth.anonymous" "enabled" ])
(mkRenamedOptionModule [ "services" "grafana" "auth" "anonymous" "org_name" ] [ "services" "grafana" "settings" "auth" "anonymous" "org_name" ]) (mkRenamedOptionModule [ "services" "grafana" "auth" "anonymous" "org_name" ] [ "services" "grafana" "settings" "auth.anonymous" "org_name" ])
(mkRenamedOptionModule [ "services" "grafana" "auth" "anonymous" "org_role" ] [ "services" "grafana" "settings" "auth" "anonymous" "org_role" ]) (mkRenamedOptionModule [ "services" "grafana" "auth" "anonymous" "org_role" ] [ "services" "grafana" "settings" "auth.anonymous" "org_role" ])
(mkRenamedOptionModule [ "services" "grafana" "auth" "azuread" "enable" ] [ "services" "grafana" "settings" "auth" "azuread" "enable" ]) (mkRenamedOptionModule [ "services" "grafana" "auth" "azuread" "enable" ] [ "services" "grafana" "settings" "auth.azuread" "enabled" ])
(mkRenamedOptionModule [ "services" "grafana" "auth" "azuread" "allowSignUp" ] [ "services" "grafana" "settings" "auth" "azuread" "allow_sign_up" ]) (mkRenamedOptionModule [ "services" "grafana" "auth" "azuread" "allowSignUp" ] [ "services" "grafana" "settings" "auth.azuread" "allow_sign_up" ])
(mkRenamedOptionModule [ "services" "grafana" "auth" "azuread" "clientId" ] [ "services" "grafana" "settings" "auth" "azuread" "client_id" ]) (mkRenamedOptionModule [ "services" "grafana" "auth" "azuread" "clientId" ] [ "services" "grafana" "settings" "auth.azuread" "client_id" ])
(mkRenamedOptionModule [ "services" "grafana" "auth" "azuread" "allowedDomains" ] [ "services" "grafana" "settings" "auth" "azuread" "allowed_domains" ]) (mkRenamedOptionModule [ "services" "grafana" "auth" "azuread" "allowedDomains" ] [ "services" "grafana" "settings" "auth.azuread" "allowed_domains" ])
(mkRenamedOptionModule [ "services" "grafana" "auth" "azuread" "allowedGroups" ] [ "services" "grafana" "settings" "auth" "azuread" "allowed_groups" ]) (mkRenamedOptionModule [ "services" "grafana" "auth" "azuread" "allowedGroups" ] [ "services" "grafana" "settings" "auth.azuread" "allowed_groups" ])
(mkRenamedOptionModule [ "services" "grafana" "auth" "google" "enable" ] [ "services" "grafana" "settings" "auth" "google" "enable" ]) (mkRenamedOptionModule [ "services" "grafana" "auth" "google" "enable" ] [ "services" "grafana" "settings" "auth.google" "enabled" ])
(mkRenamedOptionModule [ "services" "grafana" "auth" "google" "allowSignUp" ] [ "services" "grafana" "settings" "auth" "google" "allow_sign_up" ]) (mkRenamedOptionModule [ "services" "grafana" "auth" "google" "allowSignUp" ] [ "services" "grafana" "settings" "auth.google" "allow_sign_up" ])
(mkRenamedOptionModule [ "services" "grafana" "auth" "google" "clientId" ] [ "services" "grafana" "settings" "auth" "google" "client_id" ]) (mkRenamedOptionModule [ "services" "grafana" "auth" "google" "clientId" ] [ "services" "grafana" "settings" "auth.google" "client_id" ])
(mkRenamedOptionModule [ "services" "grafana" "analytics" "reporting" "enable" ] [ "services" "grafana" "settings" "analytics" "reporting_enabled" ]) (mkRenamedOptionModule [ "services" "grafana" "analytics" "reporting" "enable" ] [ "services" "grafana" "settings" "analytics" "reporting_enabled" ])
(mkRemovedOptionModule [ "services" "grafana" "database" "passwordFile" ] '' (mkRemovedOptionModule [ "services" "grafana" "database" "passwordFile" ] ''
@ -351,7 +351,7 @@ in {
protocol = mkOption { protocol = mkOption {
description = lib.mdDoc "Which protocol to listen."; description = lib.mdDoc "Which protocol to listen.";
default = "http"; default = "http";
type = types.enum ["http" "https" "socket"]; type = types.enum ["http" "https" "h2" "socket"];
}; };
http_addr = mkOption { http_addr = mkOption {
@ -1173,14 +1173,14 @@ in {
any (x: x.secure_settings != null) cfg.provision.notifiers any (x: x.secure_settings != null) cfg.provision.notifiers
) "Notifier secure settings will be stored as plaintext in the Nix store! Use file provider instead.") ) "Notifier secure settings will be stored as plaintext in the Nix store! Use file provider instead.")
(optional ( (optional (
builtins.isList cfg.provision.datasources builtins.isList cfg.provision.datasources && cfg.provision.datasources != []
) '' ) ''
Provisioning Grafana datasources with options has been deprecated. Provisioning Grafana datasources with options has been deprecated.
Use `services.grafana.provision.datasources.settings` or Use `services.grafana.provision.datasources.settings` or
`services.grafana.provision.datasources.path` instead. `services.grafana.provision.datasources.path` instead.
'') '')
(optional ( (optional (
builtins.isList cfg.provision.dashboards builtins.isList cfg.provision.datasources && cfg.provision.dashboards != []
) '' ) ''
Provisioning Grafana dashboards with options has been deprecated. Provisioning Grafana dashboards with options has been deprecated.
Use `services.grafana.provision.dashboards.settings` or Use `services.grafana.provision.dashboards.settings` or
@ -1253,8 +1253,8 @@ in {
RuntimeDirectory = "grafana"; RuntimeDirectory = "grafana";
RuntimeDirectoryMode = "0755"; RuntimeDirectoryMode = "0755";
# Hardening # Hardening
AmbientCapabilities = lib.mkIf (cfg.port < 1024) [ "CAP_NET_BIND_SERVICE" ]; AmbientCapabilities = lib.mkIf (cfg.settings.server.http_port < 1024) [ "CAP_NET_BIND_SERVICE" ];
CapabilityBoundingSet = if (cfg.port < 1024) then [ "CAP_NET_BIND_SERVICE" ] else [ "" ]; CapabilityBoundingSet = if (cfg.settings.server.http_port < 1024) then [ "CAP_NET_BIND_SERVICE" ] else [ "" ];
DeviceAllow = [ "" ]; DeviceAllow = [ "" ];
LockPersonality = true; LockPersonality = true;
NoNewPrivileges = true; NoNewPrivileges = true;

View file

@ -111,7 +111,6 @@ in
"~@aio" "~@aio"
"~@keyring" "~@keyring"
"~@memlock" "~@memlock"
"~@resources"
"~@setuid" "~@setuid"
"~@timer" "~@timer"
]; ];

View file

@ -126,7 +126,7 @@ in
RestrictRealtime = true; RestrictRealtime = true;
RestrictSUIDSGID = true; RestrictSUIDSGID = true;
SystemCallArchitectures = "native"; SystemCallArchitectures = "native";
SystemCallFilter = [ "@system-service" "~@resources" "~@privileged" ]; SystemCallFilter = [ "@system-service" "~@privileged" ];
}; };
}; };

View file

@ -102,6 +102,7 @@ in {
brscan5 = handleTest ./brscan5.nix {}; brscan5 = handleTest ./brscan5.nix {};
btrbk = handleTest ./btrbk.nix {}; btrbk = handleTest ./btrbk.nix {};
btrbk-no-timer = handleTest ./btrbk-no-timer.nix {}; btrbk-no-timer = handleTest ./btrbk-no-timer.nix {};
btrbk-section-order = handleTest ./btrbk-section-order.nix {};
buildbot = handleTest ./buildbot.nix {}; buildbot = handleTest ./buildbot.nix {};
buildkite-agents = handleTest ./buildkite-agents.nix {}; buildkite-agents = handleTest ./buildkite-agents.nix {};
caddy = handleTest ./caddy.nix {}; caddy = handleTest ./caddy.nix {};

View file

@ -0,0 +1,51 @@
# This tests validates the order of generated sections that may contain
# other sections.
# When a `volume` section has both `subvolume` and `target` children,
# `target` must go before `subvolume`. Otherwise, `target` will become
# a child of the last `subvolume` instead of `volume`, due to the
# order-sensitive config format.
#
# Issue: https://github.com/NixOS/nixpkgs/issues/195660
import ./make-test-python.nix ({ lib, pkgs, ... }: {
name = "btrbk-section-order";
meta.maintainers = with lib.maintainers; [ oxalica ];
nodes.machine = { ... }: {
services.btrbk.instances.local = {
onCalendar = null;
settings = {
timestamp_format = "long";
target."ssh://global-target/".ssh_user = "root";
volume."/btrfs" = {
snapshot_dir = "/volume-snapshots";
target."ssh://volume-target/".ssh_user = "root";
subvolume."@subvolume" = {
snapshot_dir = "/subvolume-snapshots";
target."ssh://subvolume-target/".ssh_user = "root";
};
};
};
};
};
testScript = ''
machine.wait_for_unit("basic.target")
got = machine.succeed("cat /etc/btrbk/local.conf")
expect = """
backend btrfs-progs-sudo
timestamp_format long
target ssh://global-target/
ssh_user root
volume /btrfs
snapshot_dir /volume-snapshots
target ssh://volume-target/
ssh_user root
subvolume @subvolume
snapshot_dir /subvolume-snapshots
target ssh://subvolume-target/
ssh_user root
""".strip()
print(got)
assert got == expect
'';
})

View file

@ -6,12 +6,18 @@ let
baseGrafanaConf = { baseGrafanaConf = {
services.grafana = { services.grafana = {
enable = true; enable = true;
addr = "localhost"; settings = {
analytics.reporting.enable = false; analytics.reporting_enabled = false;
server = {
http_addr = "localhost";
domain = "localhost"; domain = "localhost";
};
security = { security = {
adminUser = "testadmin"; admin_user = "testadmin";
adminPassword = "snakeoilpwd"; admin_password = "snakeoilpwd";
};
}; };
}; };
}; };
@ -24,7 +30,7 @@ let
}; };
postgresql = { postgresql = {
services.grafana.database = { services.grafana.settings.database = {
host = "127.0.0.1:5432"; host = "127.0.0.1:5432";
user = "grafana"; user = "grafana";
}; };
@ -40,7 +46,7 @@ let
}; };
mysql = { mysql = {
services.grafana.database.user = "grafana"; services.grafana.settings.database.user = "grafana";
services.mysql = { services.mysql = {
enable = true; enable = true;
ensureDatabases = [ "grafana" ]; ensureDatabases = [ "grafana" ];

View file

@ -6,14 +6,20 @@ let
baseGrafanaConf = { baseGrafanaConf = {
services.grafana = { services.grafana = {
enable = true; enable = true;
addr = "localhost";
analytics.reporting.enable = false;
domain = "localhost";
security = {
adminUser = "testadmin";
adminPassword = "snakeoilpwd";
};
provision.enable = true; provision.enable = true;
settings = {
analytics.reporting_enabled = false;
server = {
http_addr = "localhost";
domain = "localhost";
};
security = {
admin_user = "testadmin";
admin_password = "snakeoilpwd";
};
};
}; };
systemd.tmpfiles.rules = [ systemd.tmpfiles.rules = [

View file

@ -2,17 +2,17 @@
buildGoModule rec { buildGoModule rec {
pname = "mangal"; pname = "mangal";
version = "3.12.0"; version = "3.14.0";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "metafates"; owner = "metafates";
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
hash = "sha256-1fWy7riInrbReQ0sQ1TF8GhqWQG0KXk1JzhmxlSuvmk="; hash = "sha256-IQSRPjtMaxwJuiKGjOYQ7jp0mAPS/V6fA1/Ek/K5yqk=";
}; };
proxyVendor = true; proxyVendor = true;
vendorSha256 = "sha256-+HDuGSZinotUtCqffrmFkjHegxdArSJMWwnUG/tnLRc="; vendorSha256 = "sha256-XslNMrFCI+dGaSw7ro1vBMamFukbMA3m0I3hOl9QccM=";
ldflags = [ "-s" "-w" ]; ldflags = [ "-s" "-w" ];

View file

@ -47,23 +47,23 @@ let
# and often with different versions. We write them on three lines # and often with different versions. We write them on three lines
# like this (rather than using {}) so that the updater script can # like this (rather than using {}) so that the updater script can
# find where to edit them. # find where to edit them.
versions.aarch64-darwin = "5.12.0.11129"; versions.aarch64-darwin = "5.12.3.11845";
versions.x86_64-darwin = "5.12.0.11129"; versions.x86_64-darwin = "5.12.3.11845";
versions.x86_64-linux = "5.12.0.4682"; versions.x86_64-linux = "5.12.2.4816";
srcs = { srcs = {
aarch64-darwin = fetchurl { aarch64-darwin = fetchurl {
url = "https://zoom.us/client/${versions.aarch64-darwin}/zoomusInstallerFull.pkg?archType=arm64"; url = "https://zoom.us/client/${versions.aarch64-darwin}/zoomusInstallerFull.pkg?archType=arm64";
name = "zoomusInstallerFull.pkg"; name = "zoomusInstallerFull.pkg";
hash = "sha256-0XhqJrls4X8wO9VNmmmUGexJkA9NDkwJkYRjmyV1kAU="; hash = "sha256-iDLxqG7/cdo60V0mFE3tX/Msi0rRUjoM8X9yq2rlvf0=";
}; };
x86_64-darwin = fetchurl { x86_64-darwin = fetchurl {
url = "https://zoom.us/client/${versions.x86_64-darwin}/zoomusInstallerFull.pkg"; url = "https://zoom.us/client/${versions.x86_64-darwin}/zoomusInstallerFull.pkg";
hash = "sha256-E7+zMrW4y1RfsR1LrxCJRRVlA+BuhzwMI/sfzqNHObo="; hash = "sha256-+YOtdoh8S50+GHRLb6TPYCqDtry7SnnNqo7USzkDc7c=";
}; };
x86_64-linux = fetchurl { x86_64-linux = fetchurl {
url = "https://zoom.us/client/${versions.x86_64-linux}/zoom_x86_64.pkg.tar.xz"; url = "https://zoom.us/client/${versions.x86_64-linux}/zoom_x86_64.pkg.tar.xz";
hash = "sha256-UNtxyR4SMCP9c1Dre/arfdSVZbAV8qoHyHlvj3ZbXIs="; hash = "sha256-kgjooMqeZurzqIn3ADcgFjlqaC58dQNuIAHLx4M0S9I=";
}; };
}; };

View file

@ -21,11 +21,11 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "e16"; pname = "e16";
version = "1.0.25"; version = "1.0.26";
src = fetchurl { src = fetchurl {
url = "mirror://sourceforge/enlightenment/e16-${version}.tar.xz"; url = "mirror://sourceforge/enlightenment/e16-${version}.tar.xz";
hash = "sha256-rUtDaBa4vvC3gO7QSkFrphWuVOmbtkH+pRujQDaUOek="; hash = "sha256-1FJFE4z8UT5VYv0Ef9pqi5sYq8iIbrDPKaqcUFf9dwE=";
}; };
nativeBuildInputs = [ nativeBuildInputs = [

View file

@ -1,6 +1,6 @@
{ ballerina, lib, writeText, runCommand, makeWrapper, fetchzip, stdenv, openjdk }: { ballerina, lib, writeText, runCommand, makeWrapper, fetchzip, stdenv, openjdk }:
let let
version = "2201.2.1"; version = "2201.2.2";
codeName = "swan-lake"; codeName = "swan-lake";
in stdenv.mkDerivation { in stdenv.mkDerivation {
pname = "ballerina"; pname = "ballerina";
@ -8,7 +8,7 @@ in stdenv.mkDerivation {
src = fetchzip { src = fetchzip {
url = "https://dist.ballerina.io/downloads/${version}/ballerina-${version}-${codeName}.zip"; url = "https://dist.ballerina.io/downloads/${version}/ballerina-${version}-${codeName}.zip";
sha256 = "sha256-QNXaEivwlqBdbpxGCYnfIN/fQkWlVu8lqGWKfLlVB5s="; sha256 = "sha256-xBr7lsZJKk4VXuUDt7IRQN/ZDH4WrxYjd1mBIoyb9qs=";
}; };
nativeBuildInputs = [ makeWrapper ]; nativeBuildInputs = [ makeWrapper ];

View file

@ -2,12 +2,12 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "clojure"; pname = "clojure";
version = "1.11.1.1165"; version = "1.11.1.1177";
src = fetchurl { src = fetchurl {
# https://clojure.org/releases/tools # https://clojure.org/releases/tools
url = "https://download.clojure.org/install/clojure-tools-${version}.tar.gz"; url = "https://download.clojure.org/install/clojure-tools-${version}.tar.gz";
sha256 = "sha256-UXukXP6Dt1Clj4JGvO5WmuFJ2HJGkPLbyP8xhxU/6dE="; sha256 = "sha256-Axutyw+f7TPObxcw8llbu3r0zxYIKxFnBuUp+trR9eI=";
}; };
nativeBuildInputs = [ nativeBuildInputs = [

View file

@ -2,11 +2,11 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "armadillo"; pname = "armadillo";
version = "11.4.1"; version = "11.4.2";
src = fetchurl { src = fetchurl {
url = "mirror://sourceforge/arma/armadillo-${version}.tar.xz"; url = "mirror://sourceforge/arma/armadillo-${version}.tar.xz";
sha256 = "sha256-2ttf01vE3CUbNvXdgHKcPFiNZeLsvNTk41mtnLBFI/s="; sha256 = "sha256-5oYBNPGsllbGoczHTHS3X4xZZqyGEoQfL78Mkc459Ok=";
}; };
nativeBuildInputs = [ cmake ]; nativeBuildInputs = [ cmake ];

View file

@ -0,0 +1,33 @@
{
lib,
fetchzip,
buildDunePackage,
bls12-381,
alcotest,
bisect_ppx,
integers_stubs_js,
}:
buildDunePackage rec {
pname = "bls12-381-signature";
version = "1.0.0";
src = fetchzip {
url = "https://gitlab.com/nomadic-labs/cryptography/ocaml-${pname}/-/archive/${version}/ocaml-bls12-381-signature-${version}.tar.bz2";
sha256 = "sha256-KaUpAT+BWxmUP5obi4loR9vVUeQmz3p3zG3CBolUuL4=";
};
minimalOCamlVersion = "4.08";
propagatedBuildInputs = [ bls12-381 ];
checkInputs = [alcotest bisect_ppx integers_stubs_js];
doCheck = true;
meta = {
description = "Implementation of BLS signatures for the pairing-friendly curve BLS12-381";
license = lib.licenses.mit;
homepage = "https://gitlab.com/nomadic-labs/cryptography/ocaml-bls12-381-signature";
maintainers = [lib.maintainers.ulrikstrid];
};
}

View file

@ -8,13 +8,13 @@
buildDunePackage rec { buildDunePackage rec {
pname = "git"; pname = "git";
version = "3.9.1"; version = "3.10.0";
minimalOCamlVersion = "4.08"; minimalOCamlVersion = "4.08";
src = fetchurl { src = fetchurl {
url = "https://github.com/mirage/ocaml-git/releases/download/${version}/git-${version}.tbz"; url = "https://github.com/mirage/ocaml-git/releases/download/${version}/git-${version}.tbz";
sha256 = "sha256-OyeMW5gsq4fMEWRmhzPq2qardFZtMjoQk6mMKz5+Ds4="; sha256 = "sha256-slUzAT4qwPzUNzHMbib/ArxaGzcMFl8tg0ynq1y5U1M=";
}; };
# remove changelog for the carton package # remove changelog for the carton package

View file

@ -25,11 +25,11 @@
buildDunePackage rec { buildDunePackage rec {
pname = "paf"; pname = "paf";
version = "0.1.0"; version = "0.2.0";
src = fetchurl { src = fetchurl {
url = "https://github.com/dinosaure/paf-le-chien/releases/download/${version}/paf-${version}.tbz"; url = "https://github.com/dinosaure/paf-le-chien/releases/download/${version}/paf-${version}.tbz";
sha256 = "sha256-JIJjECEbajauowbXot19vtiDhTpGAQiSCBY0AHZOyZM="; sha256 = "sha256-TzhRxFTPkLMAsLPl0ONC8DRhJRGstF58+QRKbGuJZVE=";
}; };
minimalOCamlVersion = "4.08"; minimalOCamlVersion = "4.08";

View file

@ -4,6 +4,7 @@
buildDunePackage, buildDunePackage,
bls12-381, bls12-381,
data-encoding, data-encoding,
bigstringaf,
alcotest, alcotest,
alcotest-lwt, alcotest-lwt,
bisect_ppx, bisect_ppx,
@ -12,16 +13,16 @@
buildDunePackage rec { buildDunePackage rec {
pname = "tezos-bls12-381-polynomial"; pname = "tezos-bls12-381-polynomial";
version = "0.1.2"; version = "0.1.3";
duneVersion = "3"; duneVersion = "3";
src = fetchFromGitLab { src = fetchFromGitLab {
owner = "nomadic-labs/cryptography"; owner = "nomadic-labs/cryptography";
repo = "privacy-team"; repo = "privacy-team";
rev = "v${version}"; rev = "v${version}";
sha256 = "sha256-HVeKZCPBRJWQXkcI2J7Fl4qGviYLD5x+4W4pAY/W4jA="; sha256 = "sha256-H1Wog3GItTIVsawr9JkyyKq+uGqbTQPTR1dacpmxLbs=";
}; };
propagatedBuildInputs = [bls12-381 data-encoding]; propagatedBuildInputs = [bls12-381 data-encoding bigstringaf];
checkInputs = [alcotest alcotest-lwt bisect_ppx qcheck-alcotest]; checkInputs = [alcotest alcotest-lwt bisect_ppx qcheck-alcotest];

View file

@ -1,22 +1,41 @@
{ lib, buildPythonPackage, fetchPypi, isPy3k, six, httplib2, requests }: { lib
, buildPythonPackage
, fetchPypi
, pythonOlder
, requests
, typing-extensions
}:
buildPythonPackage rec { buildPythonPackage rec {
pname = "mailmanclient"; pname = "mailmanclient";
version = "3.3.3"; version = "3.3.4";
disabled = !isPy3k; format = "setuptools";
disabled = pythonOlder "3.7";
src = fetchPypi { src = fetchPypi {
inherit pname version; inherit pname version;
sha256 = "92fe624675e41f41f59de1208e0125dfaa8d062bbe6138bd7cd79e4dd0b6f85e"; hash = "sha256-0y31HXjvU/bwy0s0PcDOlrX1RdyTTnk41ceD4A0R4p4=";
}; };
propagatedBuildInputs = [ six httplib2 requests ]; propagatedBuildInputs = [
requests
] ++ lib.optionals (pythonOlder "3.8") [
typing-extensions
];
# Tests require a running Mailman instance
doCheck = false;
pythonImportsCheck = [
"mailmanclient"
];
meta = with lib; { meta = with lib; {
homepage = "https://www.gnu.org/software/mailman/";
description = "REST client for driving Mailman 3"; description = "REST client for driving Mailman 3";
license = licenses.lgpl3; homepage = "https://www.gnu.org/software/mailman/";
platforms = platforms.linux; license = licenses.lgpl3Plus;
maintainers = with maintainers; [ globin qyliss ]; maintainers = with maintainers; [ globin qyliss ];
platforms = platforms.linux;
}; };
} }

View file

@ -15,16 +15,16 @@ let
in in
buildGoModule rec { buildGoModule rec {
pname = "minio"; pname = "minio";
version = "2022-10-20T00-55-09Z"; version = "2022-10-21T22-37-48Z";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "minio"; owner = "minio";
repo = "minio"; repo = "minio";
rev = "RELEASE.${version}"; rev = "RELEASE.${version}";
sha256 = "sha256-O3+2FKAiprFucx05T9lYcA30yr9KSlDF9VEbAgH4B0E="; sha256 = "sha256-kdf1V7qg/UwVASYYSAY2kfT8m+cmOnAb69FVzdzvZ5Y=";
}; };
vendorSha256 = "sha256-dl+7K/Vd1ybCc1IHwITaHroeLymyk5kWqqIwmLgYYA8="; vendorSha256 = "sha256-m2U2VfUBAmPMFOXhSCQCxtwWI1eFh5TLAp8Izqi8HLQ=";
doCheck = false; doCheck = false;

View file

@ -27,6 +27,6 @@ rustPlatform.buildRustPackage rec {
description = "A command line interface for Amazon EBS snapshots"; description = "A command line interface for Amazon EBS snapshots";
changelog = "https://github.com/awslabs/coldsnap/blob/${src.rev}/CHANGELOG.md"; changelog = "https://github.com/awslabs/coldsnap/blob/${src.rev}/CHANGELOG.md";
license = licenses.apsl20; license = licenses.apsl20;
maintainers = with maintainers; [ hoverbear ]; maintainers = teams.determinatesystems.members;
}; };
} }

View file

@ -13,13 +13,13 @@
stdenv.mkDerivation rec { stdenv.mkDerivation rec {
pname = "gummy"; pname = "gummy";
version = "0.2"; version = "0.3";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "fushko"; owner = "fushko";
repo = "gummy"; repo = "gummy";
rev = version; rev = version;
sha256 = "sha256-nX5wEJ4HmgFHIgJP2MstBzQjU/9lrXOXoIl1vlolqak="; sha256 = "sha256-dw2yOXTS61OIe+NOq8MPydhkZvTit13eC7cbL5nFseg=";
}; };
nativeBuildInputs = [ nativeBuildInputs = [

View file

@ -2,13 +2,13 @@
let let
pname = "jadx"; pname = "jadx";
version = "1.4.4"; version = "1.4.5";
src = fetchFromGitHub { src = fetchFromGitHub {
owner = "skylot"; owner = "skylot";
repo = pname; repo = pname;
rev = "v${version}"; rev = "v${version}";
hash = "sha256-ku82SHCJhrruJEiojH6Rp7FUWvM8KtvDivL8CE5C8gc="; hash = "sha256-so82zzCXIJV5tIVUBJFZEpArThNQVqWASGofNzIobQM=";
}; };
deps = stdenv.mkDerivation { deps = stdenv.mkDerivation {
@ -37,16 +37,23 @@ let
find $GRADLE_USER_HOME/caches/modules-2 -type f -regex '.*\.\(jar\|pom\)' \ find $GRADLE_USER_HOME/caches/modules-2 -type f -regex '.*\.\(jar\|pom\)' \
| perl -pe 's#(.*/([^/]+)/([^/]+)/([^/]+)/[0-9a-f]{30,40}/([^/\s]+))$# ($x = $2) =~ tr|\.|/|; "install -Dm444 $1 \$out/$x/$3/$4/$5" #e' \ | perl -pe 's#(.*/([^/]+)/([^/]+)/([^/]+)/[0-9a-f]{30,40}/([^/\s]+))$# ($x = $2) =~ tr|\.|/|; "install -Dm444 $1 \$out/$x/$3/$4/$5" #e' \
| sh | sh
# Work around okio-2.10.0 bug, fixed in 3.0. Remove "-jvm" from filename.
# https://github.com/square/okio/issues/954
mv $out/com/squareup/okio/okio/2.10.0/okio{-jvm,}-2.10.0.jar
''; '';
outputHashMode = "recursive"; outputHashMode = "recursive";
outputHash = "sha256-nGejkCScX45VMT2nNArqG+fqOGvDwzeH9Xob4XMtdow="; outputHash = "sha256-J6YpBYVqx+aWiMFX/67T7bhu4RTlKVaT4t359YJ6m7I=";
}; };
in stdenv.mkDerivation { in stdenv.mkDerivation {
inherit pname version src; inherit pname version src;
nativeBuildInputs = [ gradle jdk makeWrapper ]; nativeBuildInputs = [ gradle jdk makeWrapper ];
# Otherwise, Gradle fails with `java.net.SocketException: Operation not permitted`
__darwinAllowLocalNetworking = true;
buildPhase = '' buildPhase = ''
# The installDist Gradle build phase tries to copy some dependency .jar # The installDist Gradle build phase tries to copy some dependency .jar
# files multiple times into the build directory. This ends up failing when # files multiple times into the build directory. This ends up failing when

View file

@ -7160,9 +7160,7 @@ with pkgs;
git-latexdiff = callPackage ../tools/typesetting/git-latexdiff { }; git-latexdiff = callPackage ../tools/typesetting/git-latexdiff { };
gitea = callPackage ../applications/version-management/gitea { gitea = callPackage ../applications/version-management/gitea { };
buildGoPackage = buildGo118Package; # nixosTests.gitea fails with 1.19
};
gokart = callPackage ../development/tools/gokart { }; gokart = callPackage ../development/tools/gokart { };

View file

@ -94,6 +94,8 @@ let
bls12-381-gen = callPackage ../development/ocaml-modules/bls12-381/gen.nix { }; bls12-381-gen = callPackage ../development/ocaml-modules/bls12-381/gen.nix { };
bls12-381-legacy = callPackage ../development/ocaml-modules/bls12-381/legacy.nix { }; bls12-381-legacy = callPackage ../development/ocaml-modules/bls12-381/legacy.nix { };
bls12-381-signature = callPackage ../development/ocaml-modules/bls12-381-signature { };
bos = callPackage ../development/ocaml-modules/bos { }; bos = callPackage ../development/ocaml-modules/bos { };
brisk-reconciler = callPackage ../development/ocaml-modules/brisk-reconciler { }; brisk-reconciler = callPackage ../development/ocaml-modules/brisk-reconciler { };