Merge staging-next into staging

maintainers/maintainer-list.nix

@@ -9760,6 +9760,12 @@
     githubId = 37246692;
     name = "Riley Inman";
   };
+  riotbib = {
+    email = "github-nix@lnrt.de";
+    github = "riotbib";
+    githubId = 43172581;
+    name = "Lennart Mühlenmeier";
+  };
   ris = {
     email = "code@humanleg.org.uk";
     github = "risicle";

nixos/modules/security/pam.nix

@@ -410,46 +410,64 @@ let
       # Samba stuff to the Samba module.  This requires that the PAM
       # module provides the right hooks.
       text = mkDefault
-        (''
-          # Account management.
-          account required pam_unix.so
-          ${optionalString use_ldap
-              "account sufficient ${pam_ldap}/lib/security/pam_ldap.so"}
-          ${optionalString (config.services.sssd.enable && cfg.sssdStrictAccess==false)
-              "account sufficient ${pkgs.sssd}/lib/security/pam_sss.so"}
-          ${optionalString (config.services.sssd.enable && cfg.sssdStrictAccess)
-              "account [default=bad success=ok user_unknown=ignore] ${pkgs.sssd}/lib/security/pam_sss.so"}
-          ${optionalString config.krb5.enable
-              "account sufficient ${pam_krb5}/lib/security/pam_krb5.so"}
-          ${optionalString cfg.googleOsLoginAccountVerification ''
+        (
+          ''
+            # Account management.
+            account required pam_unix.so
+          '' +
+          optionalString use_ldap ''
+            account sufficient ${pam_ldap}/lib/security/pam_ldap.so
+          '' +
+          optionalString (config.services.sssd.enable && cfg.sssdStrictAccess==false) ''
+            account sufficient ${pkgs.sssd}/lib/security/pam_sss.so
+          '' +
+          optionalString (config.services.sssd.enable && cfg.sssdStrictAccess) ''
+            account [default=bad success=ok user_unknown=ignore] ${pkgs.sssd}/lib/security/pam_sss.so
+          '' +
+          optionalString config.krb5.enable ''
+            account sufficient ${pam_krb5}/lib/security/pam_krb5.so
+          '' +
+          optionalString cfg.googleOsLoginAccountVerification ''
             account [success=ok ignore=ignore default=die] ${pkgs.google-compute-engine-oslogin}/lib/pam_oslogin_login.so
             account [success=ok default=ignore] ${pkgs.google-compute-engine-oslogin}/lib/pam_oslogin_admin.so
-          ''}
+          '' +
+          ''
 
-          # Authentication management.
-          ${optionalString cfg.googleOsLoginAuthentication
-              "auth [success=done perm_denied=bad default=ignore] ${pkgs.google-compute-engine-oslogin}/lib/pam_oslogin_login.so"}
-          ${optionalString cfg.rootOK
-              "auth sufficient pam_rootok.so"}
-          ${optionalString cfg.requireWheel
-              "auth required pam_wheel.so use_uid"}
-          ${optionalString cfg.logFailures
-              "auth required pam_faillock.so"}
-          ${optionalString (config.security.pam.enableSSHAgentAuth && cfg.sshAgentAuth)
-              "auth sufficient ${pkgs.pam_ssh_agent_auth}/libexec/pam_ssh_agent_auth.so file=${lib.concatStringsSep ":" config.services.openssh.authorizedKeysFiles}"}
-          ${let p11 = config.security.pam.p11; in optionalString cfg.p11Auth
-              "auth ${p11.control} ${pkgs.pam_p11}/lib/security/pam_p11.so ${pkgs.opensc}/lib/opensc-pkcs11.so"}
-          ${let u2f = config.security.pam.u2f; in optionalString cfg.u2fAuth
-              "auth ${u2f.control} ${pkgs.pam_u2f}/lib/security/pam_u2f.so ${optionalString u2f.debug "debug"} ${optionalString (u2f.authFile != null) "authfile=${u2f.authFile}"} ${optionalString u2f.interactive "interactive"} ${optionalString u2f.cue "cue"} ${optionalString (u2f.appId != null) "appid=${u2f.appId}"}"}
-          ${optionalString cfg.usbAuth
-              "auth sufficient ${pkgs.pam_usb}/lib/security/pam_usb.so"}
-          ${let oath = config.security.pam.oath; in optionalString cfg.oathAuth
-              "auth requisite ${pkgs.oathToolkit}/lib/security/pam_oath.so window=${toString oath.window} usersfile=${toString oath.usersFile} digits=${toString oath.digits}"}
-          ${let yubi = config.security.pam.yubico; in optionalString cfg.yubicoAuth
-              "auth ${yubi.control} ${pkgs.yubico-pam}/lib/security/pam_yubico.so mode=${toString yubi.mode} ${optionalString (yubi.challengeResponsePath != null) "chalresp_path=${yubi.challengeResponsePath}"} ${optionalString (yubi.mode == "client") "id=${toString yubi.id}"} ${optionalString yubi.debug "debug"}"}
-          ${optionalString cfg.fprintAuth
-              "auth sufficient ${pkgs.fprintd}/lib/security/pam_fprintd.so"}
-        '' +
+            # Authentication management.
+          '' +
+          optionalString cfg.googleOsLoginAuthentication ''
+            auth [success=done perm_denied=bad default=ignore] ${pkgs.google-compute-engine-oslogin}/lib/pam_oslogin_login.so
+          '' +
+          optionalString cfg.rootOK ''
+            auth sufficient pam_rootok.so
+          '' +
+          optionalString cfg.requireWheel ''
+            auth required pam_wheel.so use_uid
+          '' +
+          optionalString cfg.logFailures ''
+            auth required pam_faillock.so
+          '' +
+          optionalString (config.security.pam.enableSSHAgentAuth && cfg.sshAgentAuth) ''
+            auth sufficient ${pkgs.pam_ssh_agent_auth}/libexec/pam_ssh_agent_auth.so file=${lib.concatStringsSep ":" config.services.openssh.authorizedKeysFiles}
+          '' +
+          (let p11 = config.security.pam.p11; in optionalString cfg.p11Auth ''
+            auth ${p11.control} ${pkgs.pam_p11}/lib/security/pam_p11.so ${pkgs.opensc}/lib/opensc-pkcs11.so
+          '') +
+          (let u2f = config.security.pam.u2f; in optionalString cfg.u2fAuth ''
+            auth ${u2f.control} ${pkgs.pam_u2f}/lib/security/pam_u2f.so ${optionalString u2f.debug "debug"} ${optionalString (u2f.authFile != null) "authfile=${u2f.authFile}"} ${optionalString u2f.interactive "interactive"} ${optionalString u2f.cue "cue"} ${optionalString (u2f.appId != null) "appid=${u2f.appId}"}
+          '') +
+          optionalString cfg.usbAuth ''
+            auth sufficient ${pkgs.pam_usb}/lib/security/pam_usb.so
+          '' +
+          (let oath = config.security.pam.oath; in optionalString cfg.oathAuth ''
+            auth requisite ${pkgs.oathToolkit}/lib/security/pam_oath.so window=${toString oath.window} usersfile=${toString oath.usersFile} digits=${toString oath.digits}
+          '') +
+          (let yubi = config.security.pam.yubico; in optionalString cfg.yubicoAuth ''
+            auth ${yubi.control} ${pkgs.yubico-pam}/lib/security/pam_yubico.so mode=${toString yubi.mode} ${optionalString (yubi.challengeResponsePath != null) "chalresp_path=${yubi.challengeResponsePath}"} ${optionalString (yubi.mode == "client") "id=${toString yubi.id}"} ${optionalString yubi.debug "debug"}
+          '') +
+          optionalString cfg.fprintAuth ''
+            auth sufficient ${pkgs.fprintd}/lib/security/pam_fprintd.so
+          '' +
           # Modules in this block require having the password set in PAM_AUTHTOK.
           # pam_unix is marked as 'sufficient' on NixOS which means nothing will run
           # after it succeeds. Certain modules need to run after pam_unix
@@ -457,115 +475,151 @@ let
           # earlier point and it will run again with 'sufficient' further down.
           # We use try_first_pass the second time to avoid prompting password twice
           (optionalString (cfg.unixAuth &&
-          (config.security.pam.enableEcryptfs
-            || cfg.pamMount
-            || cfg.enableKwallet
-            || cfg.enableGnomeKeyring
-            || cfg.googleAuthenticator.enable
-            || cfg.gnupg.enable
-            || cfg.duoSecurity.enable)) ''
-              auth required pam_unix.so ${optionalString cfg.allowNullPassword "nullok"} ${optionalString cfg.nodelay "nodelay"} likeauth
-              ${optionalString config.security.pam.enableEcryptfs
-                "auth optional ${pkgs.ecryptfs}/lib/security/pam_ecryptfs.so unwrap"}
-              ${optionalString cfg.pamMount
-                "auth optional ${pkgs.pam_mount}/lib/security/pam_mount.so disable_interactive"}
-              ${optionalString cfg.enableKwallet
-                ("auth optional ${pkgs.plasma5Packages.kwallet-pam}/lib/security/pam_kwallet5.so" +
-                 " kwalletd=${pkgs.plasma5Packages.kwallet.bin}/bin/kwalletd5")}
-              ${optionalString cfg.enableGnomeKeyring
-                "auth optional ${pkgs.gnome.gnome-keyring}/lib/security/pam_gnome_keyring.so"}
-              ${optionalString cfg.gnupg.enable
-                "auth optional ${pkgs.pam_gnupg}/lib/security/pam_gnupg.so"
-                + optionalString cfg.gnupg.storeOnly " store-only"
-               }
-              ${optionalString cfg.googleAuthenticator.enable
-                "auth required ${pkgs.googleAuthenticator}/lib/security/pam_google_authenticator.so no_increment_hotp"}
-              ${optionalString cfg.duoSecurity.enable
-                "auth required ${pkgs.duo-unix}/lib/security/pam_duo.so"}
-            '') + ''
-          ${optionalString cfg.unixAuth
-              "auth sufficient pam_unix.so ${optionalString cfg.allowNullPassword "nullok"} ${optionalString cfg.nodelay "nodelay"} likeauth try_first_pass"}
-          ${optionalString cfg.otpwAuth
-              "auth sufficient ${pkgs.otpw}/lib/security/pam_otpw.so"}
-          ${optionalString use_ldap
-              "auth sufficient ${pam_ldap}/lib/security/pam_ldap.so use_first_pass"}
-          ${optionalString config.services.sssd.enable
-              "auth sufficient ${pkgs.sssd}/lib/security/pam_sss.so use_first_pass"}
-          ${optionalString config.krb5.enable ''
+            (config.security.pam.enableEcryptfs
+              || cfg.pamMount
+              || cfg.enableKwallet
+              || cfg.enableGnomeKeyring
+              || cfg.googleAuthenticator.enable
+              || cfg.gnupg.enable
+              || cfg.duoSecurity.enable))
+            (
+              ''
+                auth required pam_unix.so ${optionalString cfg.allowNullPassword "nullok"} ${optionalString cfg.nodelay "nodelay"} likeauth
+              '' +
+              optionalString config.security.pam.enableEcryptfs ''
+                auth optional ${pkgs.ecryptfs}/lib/security/pam_ecryptfs.so unwrap
+              '' +
+              optionalString cfg.pamMount ''
+                auth optional ${pkgs.pam_mount}/lib/security/pam_mount.so disable_interactive
+              '' +
+              optionalString cfg.enableKwallet ''
+               auth optional ${pkgs.plasma5Packages.kwallet-pam}/lib/security/pam_kwallet5.so kwalletd=${pkgs.plasma5Packages.kwallet.bin}/bin/kwalletd5
+              '' +
+              optionalString cfg.enableGnomeKeyring ''
+                auth optional ${pkgs.gnome.gnome-keyring}/lib/security/pam_gnome_keyring.so
+              '' +
+              optionalString cfg.gnupg.enable ''
+                auth optional ${pkgs.pam_gnupg}/lib/security/pam_gnupg.so ${optionalString cfg.gnupg.storeOnly " store-only"}
+              '' +
+              optionalString cfg.googleAuthenticator.enable ''
+                auth required ${pkgs.googleAuthenticator}/lib/security/pam_google_authenticator.so no_increment_hotp
+              '' +
+              optionalString cfg.duoSecurity.enable ''
+                auth required ${pkgs.duo-unix}/lib/security/pam_duo.so
+              ''
+            )) +
+          optionalString cfg.unixAuth ''
+            auth sufficient pam_unix.so ${optionalString cfg.allowNullPassword "nullok"} ${optionalString cfg.nodelay "nodelay"} likeauth try_first_pass
+          '' +
+          optionalString cfg.otpwAuth ''
+            auth sufficient ${pkgs.otpw}/lib/security/pam_otpw.so
+          '' +
+          optionalString use_ldap ''
+            auth sufficient ${pam_ldap}/lib/security/pam_ldap.so use_first_pass
+          '' +
+          optionalString config.services.sssd.enable ''
+            auth sufficient ${pkgs.sssd}/lib/security/pam_sss.so use_first_pass
+          '' +
+          optionalString config.krb5.enable ''
             auth [default=ignore success=1 service_err=reset] ${pam_krb5}/lib/security/pam_krb5.so use_first_pass
             auth [default=die success=done] ${pam_ccreds}/lib/security/pam_ccreds.so action=validate use_first_pass
             auth sufficient ${pam_ccreds}/lib/security/pam_ccreds.so action=store use_first_pass
-          ''}
-          auth required pam_deny.so
+          '' +
+          ''
+            auth required pam_deny.so
 
-          # Password management.
-          password sufficient pam_unix.so nullok sha512
-          ${optionalString config.security.pam.enableEcryptfs
-              "password optional ${pkgs.ecryptfs}/lib/security/pam_ecryptfs.so"}
-          ${optionalString cfg.pamMount
-              "password optional ${pkgs.pam_mount}/lib/security/pam_mount.so"}
-          ${optionalString use_ldap
-              "password sufficient ${pam_ldap}/lib/security/pam_ldap.so"}
-          ${optionalString config.services.sssd.enable
-              "password sufficient ${pkgs.sssd}/lib/security/pam_sss.so use_authtok"}
-          ${optionalString config.krb5.enable
-              "password sufficient ${pam_krb5}/lib/security/pam_krb5.so use_first_pass"}
-          ${optionalString cfg.enableGnomeKeyring
-              "password optional ${pkgs.gnome.gnome-keyring}/lib/security/pam_gnome_keyring.so use_authtok"}
+            # Password management.
+            password sufficient pam_unix.so nullok sha512
+          '' +
+          optionalString config.security.pam.enableEcryptfs ''
+            password optional ${pkgs.ecryptfs}/lib/security/pam_ecryptfs.so
+          '' +
+          optionalString cfg.pamMount ''
+            password optional ${pkgs.pam_mount}/lib/security/pam_mount.so
+          '' +
+          optionalString use_ldap ''
+            password sufficient ${pam_ldap}/lib/security/pam_ldap.so
+          '' +
+          optionalString config.services.sssd.enable ''
+            password sufficient ${pkgs.sssd}/lib/security/pam_sss.so use_authtok
+          '' +
+          optionalString config.krb5.enable ''
+            password sufficient ${pam_krb5}/lib/security/pam_krb5.so use_first_pass
+          '' +
+          optionalString cfg.enableGnomeKeyring ''
+            password optional ${pkgs.gnome.gnome-keyring}/lib/security/pam_gnome_keyring.so use_authtok
+          '' +
+          ''
 
-          # Session management.
-          ${optionalString cfg.setEnvironment ''
+            # Session management.
+          '' +
+          optionalString cfg.setEnvironment ''
             session required pam_env.so conffile=/etc/pam/environment readenv=0
-          ''}
-          session required pam_unix.so
-          ${optionalString cfg.setLoginUid
-              "session ${
-                if config.boot.isContainer then "optional" else "required"
-              } pam_loginuid.so"}
-          ${optionalString cfg.ttyAudit.enable
-              "session required ${pkgs.pam}/lib/security/pam_tty_audit.so
+          '' +
+          ''
+            session required pam_unix.so
+          '' +
+          optionalString cfg.setLoginUid ''
+            session ${if config.boot.isContainer then "optional" else "required"} pam_loginuid.so
+          '' +
+          optionalString cfg.ttyAudit.enable ''
+            session required ${pkgs.pam}/lib/security/pam_tty_audit.so
                 open_only=${toString cfg.ttyAudit.openOnly}
                 ${optionalString (cfg.ttyAudit.enablePattern != null) "enable=${cfg.ttyAudit.enablePattern}"}
                 ${optionalString (cfg.ttyAudit.disablePattern != null) "disable=${cfg.ttyAudit.disablePattern}"}
-              "}
-          ${optionalString cfg.makeHomeDir
-              "session required ${pkgs.pam}/lib/security/pam_mkhomedir.so silent skel=${config.security.pam.makeHomeDir.skelDirectory} umask=0077"}
-          ${optionalString cfg.updateWtmp
-              "session required ${pkgs.pam}/lib/security/pam_lastlog.so silent"}
-          ${optionalString config.security.pam.enableEcryptfs
-              "session optional ${pkgs.ecryptfs}/lib/security/pam_ecryptfs.so"}
-          ${optionalString cfg.pamMount
-              "session optional ${pkgs.pam_mount}/lib/security/pam_mount.so disable_interactive"}
-          ${optionalString use_ldap
-              "session optional ${pam_ldap}/lib/security/pam_ldap.so"}
-          ${optionalString config.services.sssd.enable
-              "session optional ${pkgs.sssd}/lib/security/pam_sss.so"}
-          ${optionalString config.krb5.enable
-              "session optional ${pam_krb5}/lib/security/pam_krb5.so"}
-          ${optionalString cfg.otpwAuth
-              "session optional ${pkgs.otpw}/lib/security/pam_otpw.so"}
-          ${optionalString cfg.startSession
-              "session optional ${pkgs.systemd}/lib/security/pam_systemd.so"}
-          ${optionalString cfg.forwardXAuth
-              "session optional pam_xauth.so xauthpath=${pkgs.xorg.xauth}/bin/xauth systemuser=99"}
-          ${optionalString (cfg.limits != [])
-              "session required ${pkgs.pam}/lib/security/pam_limits.so conf=${makeLimitsConf cfg.limits}"}
-          ${optionalString (cfg.showMotd && config.users.motd != null)
-              "session optional ${pkgs.pam}/lib/security/pam_motd.so motd=${motd}"}
-          ${optionalString (cfg.enableAppArmor && config.security.apparmor.enable)
-              "session optional ${pkgs.apparmor-pam}/lib/security/pam_apparmor.so order=user,group,default debug"}
-          ${optionalString (cfg.enableKwallet)
-              ("session optional ${pkgs.plasma5Packages.kwallet-pam}/lib/security/pam_kwallet5.so" +
-               " kwalletd=${pkgs.plasma5Packages.kwallet.bin}/bin/kwalletd5")}
-          ${optionalString (cfg.enableGnomeKeyring)
-              "session optional ${pkgs.gnome.gnome-keyring}/lib/security/pam_gnome_keyring.so auto_start"}
-          ${optionalString cfg.gnupg.enable
-              "session optional ${pkgs.pam_gnupg}/lib/security/pam_gnupg.so"
-              + optionalString cfg.gnupg.noAutostart " no-autostart"
-           }
-          ${optionalString (config.virtualisation.lxc.lxcfs.enable)
-               "session optional ${pkgs.lxc}/lib/security/pam_cgfs.so -c all"}
-        '');
+          '' +
+          optionalString cfg.makeHomeDir ''
+            session required ${pkgs.pam}/lib/security/pam_mkhomedir.so silent skel=${config.security.pam.makeHomeDir.skelDirectory} umask=0077
+          '' +
+          optionalString cfg.updateWtmp ''
+            session required ${pkgs.pam}/lib/security/pam_lastlog.so silent
+          '' +
+          optionalString config.security.pam.enableEcryptfs ''
+            session optional ${pkgs.ecryptfs}/lib/security/pam_ecryptfs.so
+          '' +
+          optionalString cfg.pamMount ''
+            session optional ${pkgs.pam_mount}/lib/security/pam_mount.so disable_interactive
+          '' +
+          optionalString use_ldap ''
+            session optional ${pam_ldap}/lib/security/pam_ldap.so
+          '' +
+          optionalString config.services.sssd.enable ''
+            session optional ${pkgs.sssd}/lib/security/pam_sss.so
+          '' +
+          optionalString config.krb5.enable ''
+            session optional ${pam_krb5}/lib/security/pam_krb5.so
+          '' +
+          optionalString cfg.otpwAuth ''
+            session optional ${pkgs.otpw}/lib/security/pam_otpw.so
+          '' +
+          optionalString cfg.startSession ''
+            session optional ${pkgs.systemd}/lib/security/pam_systemd.so
+          '' +
+          optionalString cfg.forwardXAuth ''
+            session optional pam_xauth.so xauthpath=${pkgs.xorg.xauth}/bin/xauth systemuser=99
+          '' +
+          optionalString (cfg.limits != []) ''
+            session required ${pkgs.pam}/lib/security/pam_limits.so conf=${makeLimitsConf cfg.limits}
+          '' +
+          optionalString (cfg.showMotd && config.users.motd != null) ''
+            session optional ${pkgs.pam}/lib/security/pam_motd.so motd=${motd}
+          '' +
+          optionalString (cfg.enableAppArmor && config.security.apparmor.enable) ''
+            session optional ${pkgs.apparmor-pam}/lib/security/pam_apparmor.so order=user,group,default debug
+          '' +
+          optionalString (cfg.enableKwallet) ''
+            session optional ${pkgs.plasma5Packages.kwallet-pam}/lib/security/pam_kwallet5.so kwalletd=${pkgs.plasma5Packages.kwallet.bin}/bin/kwalletd5
+          '' +
+          optionalString (cfg.enableGnomeKeyring) ''
+            session optional ${pkgs.gnome.gnome-keyring}/lib/security/pam_gnome_keyring.so auto_start
+          '' +
+          optionalString cfg.gnupg.enable ''
+            session optional ${pkgs.pam_gnupg}/lib/security/pam_gnupg.so ${optionalString cfg.gnupg.noAutostart " no-autostart"}
+          '' +
+          optionalString (config.virtualisation.lxc.lxcfs.enable) ''
+            session optional ${pkgs.lxc}/lib/security/pam_cgfs.so -c all
+          ''
+        );
     };
 
   };

nixos/modules/services/misc/xmrig.nix

@@ -51,6 +51,8 @@ with lib;
   };
 
   config = mkIf cfg.enable {
+    boot.kernelModules = [ "msr" ];
+
     systemd.services.xmrig = {
       wantedBy = [ "multi-user.target" ];
       after = [ "network.target" ];
@@ -58,7 +60,11 @@ with lib;
       serviceConfig = {
         ExecStartPre = "${cfg.package}/bin/xmrig --config=${configFile} --dry-run";
         ExecStart = "${cfg.package}/bin/xmrig --config=${configFile}";
-        DynamicUser = true;
+        # https://xmrig.com/docs/miner/randomx-optimization-guide/msr
+        # If you use recent XMRig with root privileges (Linux) or admin
+        # privileges (Windows) the miner configure all MSR registers
+        # automatically.
+        DynamicUser = lib.mkDefault false;
       };
     };
   };

nixos/modules/services/monitoring/zabbix-server.nix

@@ -250,7 +250,12 @@ in
     };
 
     security.wrappers = {
-      fping.source = "${pkgs.fping}/bin/fping";
+      fping =
+        { setuid = true;
+          owner = "root";
+          group = "root";
+          source = "${pkgs.fping}/bin/fping";
+        };
     };
 
     systemd.services.zabbix-server = {

pkgs/applications/networking/instant-messengers/deltachat-desktop/default.nix

@@ -3,6 +3,7 @@
 , electron
 , esbuild
 , fetchFromGitHub
+, fetchpatch
 , libdeltachat
 , makeDesktopItem
 , makeWrapper
@@ -14,6 +15,33 @@
 }:
 
 let
+  libdeltachat' = libdeltachat.overrideAttrs (old: rec {
+    version = "1.60.0";
+    src = fetchFromGitHub {
+      owner = "deltachat";
+      repo = "deltachat-core-rust";
+      rev = version;
+      sha256 = "1agm5xyaib4ynmw4mhgmkhh4lnxs91wv0q9i1zfihv2vkckfm2s2";
+    };
+    cargoDeps = rustPlatform.fetchCargoTarball {
+      inherit src;
+      name = "${old.pname}-${version}";
+      sha256 = "09d3mw2hb1gmqg7smaqwnfm7izw40znl0h1dz7s2imms2cnkjws1";
+    };
+    patches = [
+      # https://github.com/deltachat/deltachat-core-rust/pull/2589
+      (fetchpatch {
+        url = "https://github.com/deltachat/deltachat-core-rust/commit/408467e85d04fbbfd6bed5908d84d9e995943487.patch";
+        sha256 = "1j2ywaazglgl6370js34acrg0wrh0b7krqg05dfjf65n527lzn59";
+      })
+      ./no-static-lib.patch
+      # https://github.com/deltachat/deltachat-core-rust/pull/2660
+      (fetchpatch {
+        url = "https://github.com/deltachat/deltachat-core-rust/commit/8fb5e038a97d8ae68564c885d61b93127a68366d.patch";
+        sha256 = "088pzfrrkgfi4646dc72404s3kykcpni7hgkppalwlzg0p4is41x";
+      })
+    ];
+  });
   electronExec = if stdenv.isDarwin then
     "${electron}/Applications/Electron.app/Contents/MacOS/Electron"
   else
@@ -38,7 +66,7 @@ in nodePackages.deltachat-desktop.override rec {
   ];
 
   buildInputs = [
-    libdeltachat
+    libdeltachat'
   ] ++ lib.optionals stdenv.isDarwin [
     CoreServices
   ];

pkgs/applications/networking/instant-messengers/deltachat-desktop/no-static-lib.patch

@@ -0,0 +1,39 @@
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index fe7abe08..acdbe0d6 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -13,7 +13,6 @@ find_program(CARGO cargo)
+ 
+ add_custom_command(
+ 	OUTPUT
+-	"target/release/libdeltachat.a"
+ 	"target/release/libdeltachat.${DYNAMIC_EXT}"
+ 	"target/release/pkgconfig/deltachat.pc"
+         COMMAND
+@@ -38,13 +37,11 @@ add_custom_target(
+ 	lib_deltachat
+ 	ALL
+ 	DEPENDS
+-	"target/release/libdeltachat.a"
+ 	"target/release/libdeltachat.${DYNAMIC_EXT}"
+ 	"target/release/pkgconfig/deltachat.pc"
+ )
+ 
+ include(GNUInstallDirs)
+ install(FILES "deltachat-ffi/deltachat.h" DESTINATION ${CMAKE_INSTALL_INCLUDEDIR})
+-install(FILES "target/release/libdeltachat.a" DESTINATION ${CMAKE_INSTALL_LIBDIR})
+ install(FILES "target/release/libdeltachat.${DYNAMIC_EXT}" DESTINATION ${CMAKE_INSTALL_LIBDIR})
+ install(FILES "target/release/pkgconfig/deltachat.pc" DESTINATION ${CMAKE_INSTALL_LIBDIR}/pkgconfig)
+diff --git a/deltachat-ffi/Cargo.toml b/deltachat-ffi/Cargo.toml
+index a34a27ba..cf354abb 100644
+--- a/deltachat-ffi/Cargo.toml
++++ b/deltachat-ffi/Cargo.toml
+@@ -12,7 +12,7 @@ categories = ["cryptography", "std", "email"]
+ 
+ [lib]
+ name = "deltachat"
+-crate-type = ["cdylib", "staticlib"]
++crate-type = ["cdylib"]
+ 
+ [dependencies]
+ deltachat = { path = "../", default-features = false }

pkgs/applications/networking/instant-messengers/deltachat-desktop/update.sh

@@ -1,5 +1,5 @@
 #! /usr/bin/env nix-shell
-#! nix-shell -i bash -p curl jq nix-prefetch
+#! nix-shell -i bash -p coreutils curl gnused jq moreutils nix-prefetch
 
 set -euo pipefail
 cd "$(dirname "$0")"
@@ -13,7 +13,7 @@ rev=$(
     jq 'map(select(.prerelease | not)) | .[0].tag_name' --raw-output
 )
 ver=$(echo "$rev" | sed 's/^v//')
-old_ver=$(sed -n 's/.*\bversion = "\(.*\)".*/\1/p' default.nix)
+old_ver=$(tac default.nix | sed -n 's/.*\bversion = "\(.*\)".*/\1/p' | head -1)
 if [ "$ver" = "$old_ver" ]; then
     echo "Up to date: $ver"
     exit
@@ -21,9 +21,12 @@ fi
 echo "$old_ver -> $ver"
 
 sha256=$(nix-prefetch -f "$nixpkgs" deltachat-desktop --rev "$rev")
-sed -e "s#\\bversion = \".*\"#version = \"$ver\"#" \
-    -e "s#\\bsha256 = \".*\"#sha256 = \"$sha256\"#" \
-    -i default.nix
+tac default.nix \
+    | sed -e "0,/version = \".*\"/s//version = \"$ver\"/" \
+          -e "0,/sha256 = \".*\"/s//sha256 = \"$sha256\"/" \
+    | tac \
+    | sponge default.nix
+
 src=$(nix-build "$nixpkgs" -A deltachat-desktop.src --no-out-link)
 
 jq '{ name, version, dependencies: (.dependencies + (.devDependencies | del(.["@typescript-eslint/eslint-plugin","@typescript-eslint/parser","esbuild","electron-builder","electron-devtools-installer","electron-notarize","esbuild","eslint","eslint-config-prettier","eslint-plugin-react-hooks","hallmark","prettier","tape","testcafe","testcafe-browser-provider-electron","testcafe-react-selectors","walk"]))) }' \

pkgs/data/themes/gtk-theme-framework/default.nix

@@ -0,0 +1,36 @@
+{ stdenv, fetchFromGitHub, theme, lib }:
+
+stdenv.mkDerivation rec {
+  pname = "gtk-theme-framework";
+  version = "0.2.3";
+
+  src = fetchFromGitHub {
+    owner = "jaxwilko";
+    repo = pname;
+    rev = "v${version}";
+    sha256 = "1z5s5rsgiypanf2z0avaisbflnvwrc8aiy5qskrsvbbaja63jy3s";
+  };
+
+  postPatch = ''
+    substituteInPlace main.sh \
+      --replace "#!/usr/bin/env bash" "#!/bin/sh"
+
+    substituteInPlace scripts/install.sh \
+      --replace "#!/usr/bin/env bash" "#!/bin/sh"
+  '';
+
+  installPhase = ''
+    runHook preInstall
+
+    mkdir -p $out/share/themes
+    ./main.sh -i -t ${theme} -d $out/share/themes
+
+    runHook postInstall
+  '';
+
+  meta = with lib; {
+    homepage = "https://github.com/jaxwilko/gtk-theme-framework";
+    license = licenses.gpl3Only;
+    maintainers = with maintainers; [ flexagoon ];
+  };
+}

pkgs/development/compilers/kotlin/default.nix

@@ -2,11 +2,11 @@
 
 stdenv.mkDerivation rec {
   pname = "kotlin";
-  version = "1.5.31";
+  version = "1.6.0";
 
   src = fetchurl {
     url = "https://github.com/JetBrains/kotlin/releases/download/v${version}/kotlin-compiler-${version}.zip";
-    sha256 = "sha256-ZhERKG8+WsBqrzqUA9hp2alqF2tisUGBS+YmpHJJ/p4=";
+    sha256 = "sha256-F0yS4SpUwJAf2fC62s8VFMKLUZepVlTk2rF3UpPd4dw=";
   };
 
   propagatedBuildInputs = [ jre ] ;

pkgs/development/compilers/kotlin/native.nix

@@ -7,7 +7,7 @@
 
 stdenv.mkDerivation rec {
   pname = "kotlin-native";
-  version = "1.5.31";
+  version = "1.6.0";
 
   src = let
     getArch = {
@@ -20,9 +20,9 @@ stdenv.mkDerivation rec {
       "https://github.com/JetBrains/kotlin/releases/download/v${version}/kotlin-native-${arch}-${version}.tar.gz";
 
     getHash = arch: {
-      "macos-aarch64" = "sha256-+9AF42AlPn1/8c14t8u+NN8FkoEmdt6tpmIKU9Rp2AM=";
-      "macos-x86_64" = "sha256-/eciSo4Eps2TTsv1XU1Rlm+KBmgQT0MWp2s/OAYtGt4=";
-      "linux-x86_64" = "sha256-Y2t+nlTu+j+h0oRneo7CJx0PmLAkqKYBJ+8go7rargM=";
+      "macos-aarch64" = "sha256-HLI6E3Y8l/5vAgjT39ezBCEYhCGV3pdjx1B1fL57qO4=";
+      "macos-x86_64" = "sha256-cJV+dP9/pJHlJx55HMqd7KC/OIWEzPXKmobCZLBZ+ec=";
+      "linux-x86_64" = "sha256-C5R2hdPg1cOA9WcSZYkN22Ca3/pslEcp554tuy/HxnQ=";
     }.${arch};
   in
     fetchurl {

pkgs/development/libraries/libdeltachat/default.nix

@@ -15,13 +15,13 @@
 
 stdenv.mkDerivation rec {
   pname = "libdeltachat";
-  version = "1.64.0";
+  version = "1.65.0";
 
   src = fetchFromGitHub {
     owner = "deltachat";
     repo = "deltachat-core-rust";
     rev = version;
-    sha256 = "04a1ncikapx53jjrx0ac1qi907wlj6javylz4aksg4nfbph6y9j4";
+    sha256 = "1k906pll4k8bc2xc9qd9g7q10rikbij2sy0w2wg9mf335rfym6z4";
   };
 
   patches = [
@@ -33,7 +33,7 @@ stdenv.mkDerivation rec {
   cargoDeps = rustPlatform.fetchCargoTarball {
     inherit src;
     name = "${pname}-${version}";
-    sha256 = "0skrzxn99c1gqil7z0dv0xhg883k98v6mh96nycf7whl2d25965x";
+    sha256 = "0jc9kyn5h3cn2ni5h3km47sfprpxr7hc96ca01yal2zyksm7zqxn";
   };
 
   nativeBuildInputs = [

pkgs/development/python-modules/ailment/default.nix

@@ -7,14 +7,14 @@
 
 buildPythonPackage rec {
   pname = "ailment";
-  version = "9.0.10534";
+  version = "9.0.10576";
   disabled = pythonOlder "3.6";
 
   src = fetchFromGitHub {
     owner = "angr";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-EmfbyXHoWEd2Yp1RFRkW94dzeRXw0rsBtvVcl+Vg0qI=";
+    sha256 = "sha256-s8GZV+hcuAZJhKVoLAtC2mwHlqr/vJ6P5mwlNDczEyY=";
   };
 
   propagatedBuildInputs = [ pyvex ];

pkgs/development/python-modules/angr/default.nix

@@ -43,14 +43,14 @@ in
 
 buildPythonPackage rec {
   pname = "angr";
-  version = "9.0.10534";
+  version = "9.0.10576";
   disabled = pythonOlder "3.6";
 
   src = fetchFromGitHub {
     owner = pname;
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-A2dqCABkqkn/rjWGc8hrGs60BK+V8j2+jVAYxnEpx8Y=";
+    sha256 = "sha256-lRoJZX7HPZE6y7v5AuU1C6sjOIXXefv8M/qPiNQtobw=";
   };
 
   propagatedBuildInputs = [

pkgs/development/python-modules/angrop/default.nix

@@ -9,14 +9,14 @@
 
 buildPythonPackage rec {
   pname = "angrop";
-  version = "9.0.10534";
+  version = "9.0.10576";
   disabled = pythonOlder "3.6";
 
   src = fetchFromGitHub {
     owner = "angr";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-PaAhEn/eJg1qfuq2sHWTGTiJKNfs60NJuvfS9hVObX4=";
+    sha256 = "sha256-i4F6VyJYJ6XON9G43Z2VwWAPHGRxR9DzxnEDGiJ8LSE=";
   };
 
   propagatedBuildInputs = [

pkgs/development/python-modules/archinfo/default.nix

@@ -7,13 +7,13 @@
 
 buildPythonPackage rec {
   pname = "archinfo";
-  version = "9.0.10534";
+  version = "9.0.10576";
 
   src = fetchFromGitHub {
     owner = "angr";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-8bGDl3rHVT2JKEOfYPHzFTxJ7t3Yz7aLQMVKAUNCSBo=";
+    sha256 = "sha256-K36tAsVfminDFK09jE6+ruROkaLfCTNPCL5ziZJOrVk=";
   };
 
   checkInputs = [

pkgs/development/python-modules/claripy/default.nix

@@ -13,14 +13,14 @@
 
 buildPythonPackage rec {
   pname = "claripy";
-  version = "9.0.10534";
+  version = "9.0.10576";
   disabled = pythonOlder "3.6";
 
   src = fetchFromGitHub {
     owner = "angr";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-WeqfNVGQio5ugC14iv0ls5b3O1ymEjfpV8J47cCqXeQ=";
+    sha256 = "sha256-86ySQ/2l1h5vayMfAsr9ShyE8oRKL37sT3bfrgIGFHY=";
   };
 
   # Use upstream z3 implementation

pkgs/development/python-modules/cle/default.nix

@@ -15,7 +15,7 @@
 
 let
   # The binaries are following the argr projects release cycle
-  version = "9.0.10534";
+  version = "9.0.10576";
 
   # Binary files from https://github.com/angr/binaries (only used for testing and only here)
   binaries = fetchFromGitHub {
@@ -35,7 +35,7 @@ buildPythonPackage rec {
     owner = "angr";
     repo = pname;
     rev = "v${version}";
-    sha256 = "sha256-edZC0pZf6A2lpqJDfpMeslLQQGEokq4B9qywgS7wLxo=";
+    sha256 = "sha256-ftaFISU37GcCFTybxV31PwUl2vrbKVm/S00Qo+pUxgo=";
   };
 
   propagatedBuildInputs = [

pkgs/development/python-modules/motionblinds/default.nix

@@ -0,0 +1,39 @@
+{ lib
+, buildPythonPackage
+, fetchFromGitHub
+, pycryptodomex
+, pythonOlder
+}:
+
+buildPythonPackage rec {
+  pname = "motionblinds";
+  version = "0.5.8.2";
+  format = "setuptools";
+
+  disabled = pythonOlder "3.7";
+
+  src = fetchFromGitHub {
+    owner = "starkillerOG";
+    repo = "motion-blinds";
+    rev = version;
+    sha256 = "6aSwUuH5IpfcuVGXWVmb0DHglsUtGh/ATOe6iih6fXk=";
+  };
+
+  propagatedBuildInputs = [
+    pycryptodomex
+  ];
+
+  # Project has no tests
+  doCheck = false;
+
+  pythonImportsCheck = [
+    "motionblinds"
+  ];
+
+  meta = with lib; {
+    description = "Python library for interfacing with Motion Blinds";
+    homepage = "https://github.com/starkillerOG/motion-blinds";
+    license = with licenses; [ mit ];
+    maintainers = with maintainers; [ fab ];
+  };
+}

pkgs/development/python-modules/pypinyin/default.nix

@@ -6,13 +6,13 @@
 
 buildPythonPackage rec {
   pname = "pypinyin";
-  version = "0.43.0";
+  version = "0.44.0";
 
   src = fetchFromGitHub {
     owner = "mozillazg";
     repo = "python-pinyin";
     rev = "v${version}";
-    sha256 = "0h3lpb8bw9zp8is5sx2zg931wz12x0zfan1kksnbhx16vwv1kgw3";
+    sha256 = "sha256-LYiiZvpM/V3QRyTUXGWGnSnR0AnqWfTW0xJB4Vnw7lI=";
   };
 
   postPatch = ''

pkgs/development/python-modules/pyscard/default.nix

@@ -1,4 +1,4 @@
-{ lib, stdenv, fetchPypi, buildPythonPackage, swig, pcsclite, PCSC }:
+{ lib, stdenv, fetchpatch, fetchPypi, buildPythonPackage, swig, pcsclite, PCSC }:
 
 let
   # Package does not support configuring the pcsc library.
@@ -14,6 +14,15 @@ buildPythonPackage rec {
     sha256 = "05de0579c42b4eb433903aa2fb327d4821ebac262434b6584da18ed72053fd9e";
   };
 
+  patches = [
+    # present in master - remove after 2.0.2
+    (fetchpatch {
+      name = "darwin-typo-test-fix.patch";
+      url = "https://github.com/LudovicRousseau/pyscard/commit/ce842fcc76fd61b8b6948d0b07306d82ad1ec12a.patch";
+      sha256 = "0wsaj87wp9d2vnfzwncfxp2w95m0zhr7zpkmg5jccn06z52ihis3";
+    })
+  ];
+
   postPatch = if withApplePCSC then ''
     substituteInPlace smartcard/scard/winscarddll.c \
       --replace "/System/Library/Frameworks/PCSC.framework/PCSC" \

pkgs/development/python-modules/pyvex/default.nix

@@ -11,11 +11,11 @@
 
 buildPythonPackage rec {
   pname = "pyvex";
-  version = "9.0.10534";
+  version = "9.0.10576";
 
   src = fetchPypi {
     inherit pname version;
-    sha256 = "sha256-tUjASwLQy/p3Q+XnkbpUQNM6VHk94bIle2BzRd4EYsg=";
+    sha256 = "sha256-pOQZXymIuffUfShAUrXqlxwWCIRKZpkMZcJS1fad2bs=";
   };
 
   postPatch = lib.optionalString stdenv.isDarwin ''

pkgs/development/python-modules/stanza/default.nix

@@ -0,0 +1,49 @@
+{ lib
+, buildPythonPackage
+, fetchFromGitHub
+, pythonOlder
+, emoji
+, numpy
+, protobuf
+, requests
+, six
+, pytorch
+, tqdm
+}:
+
+buildPythonPackage rec {
+  pname = "stanza";
+  version = "1.3.0";
+
+  src = fetchFromGitHub {
+    owner = "stanfordnlp";
+    repo = pname;
+    rev = "v${version}";
+    sha256 = "1j5918n875p3ibhzc5zp3vb97asbbnb04pj1igxwzl0xm6qcsbh8";
+  };
+
+  disabled = pythonOlder "3.6";
+
+  propagatedBuildInputs = [
+    emoji
+    numpy
+    protobuf
+    requests
+    six
+    pytorch
+    tqdm
+  ];
+
+  # disabled, because the tests try to connect to the internet which
+  # is forbidden in the sandbox
+  doCheck = false;
+
+  pythonImportsCheck = [ "stanza" ];
+
+  meta = with lib; {
+    description = "Official Stanford NLP Python Library for Many Human Languages";
+    homepage = "https://github.com/stanfordnlp/stanza/";
+    license = licenses.asl20;
+    maintainers = with maintainers; [ riotbib ];
+  };
+}

pkgs/development/python-modules/trytond/default.nix

@@ -12,6 +12,7 @@
 , werkzeug
 , wrapt
 , passlib
+, pillow
 , bcrypt
 , pydot
 , python-Levenshtein
@@ -23,12 +24,14 @@
 
 buildPythonApplication rec {
   pname = "trytond";
-  version = "6.0.8";
-  disabled = pythonOlder "3.5";
+  version = "6.2.0";
+  format = "setuptools";
+
+  disabled = pythonOlder "3.6";
 
   src = fetchPypi {
     inherit pname version;
-    sha256 = "686d498f9648875f48edc9fc2e97cd465ed4ea9270c4984b6f2db20a2eac4942";
+    sha256 = "sha256-U73dzLTUJnOw24/ELQzjnxJ0PvjV+zE/PNuQHXbEukw=";
   };
 
   # Tells the tests which database to use
@@ -37,6 +40,7 @@ buildPythonApplication rec {
   buildInputs = [
     mock
   ];
+
   propagatedBuildInputs = [
     lxml
     relatorio
@@ -46,6 +50,7 @@ buildPythonApplication rec {
     python-sql
     werkzeug
     wrapt
+    pillow
     passlib
 
     # extra dependencies

pkgs/development/tools/analysis/checkov/default.nix

@@ -56,13 +56,13 @@ with py.pkgs;
 
 buildPythonApplication rec {
   pname = "checkov";
-  version = "2.0.574";
+  version = "2.0.580";
 
   src = fetchFromGitHub {
     owner = "bridgecrewio";
     repo = pname;
     rev = version;
-    sha256 = "sha256-DM7fPwJcWEyOu55ThK/jP9jIUbiVCfEtltSP7puCoxQ=";
+    sha256 = "sha256-GnEXGXJCI9VIOKJbGjTppum6j/uwX4m4ytaZqvpfl7Q=";
   };
 
   nativeBuildInputs = with py.pkgs; [

pkgs/servers/heisenbridge/default.nix

@@ -1,16 +1,23 @@
-{ lib, fetchurl, python3Packages }:
+{ lib, fetchFromGitHub, python3Packages }:
 
-python3Packages.buildPythonPackage rec {
+python3Packages.buildPythonApplication rec {
   pname = "heisenbridge";
   version = "1.6.0";
 
-  # Use the release tarball because it has the version set correctly using the
-  # version.txt file.
-  src = fetchurl {
-    url = "https://github.com/hifi/heisenbridge/releases/download/v${version}/heisenbridge-${version}.tar.gz";
-    sha256 = "sha256-NhHMReY48lg1FhJlCRjRiSpy+9bDLtIV+j+zX8GZcL4=";
+  src = fetchFromGitHub {
+    owner = "hifi";
+    repo = pname;
+    rev = "v${version}";
+    sha256 = "sha256-Q7xqKjAUBHh87VAgsgDOCPDINDh0yUdr3UoUlLqJr5k=";
   };
 
+  postPatch = ''
+    echo "${version}" > heisenbridge/version.txt
+
+    substituteInPlace setup.cfg \
+      --replace "mautrix >=0.10.5, <0.11" "mautrix >=0.10.5, <0.12"
+  '';
+
   propagatedBuildInputs = with python3Packages; [
     aiohttp
     irc
@@ -19,6 +26,10 @@ python3Packages.buildPythonPackage rec {
     pyyaml
   ];
 
+  checkInputs = with python3Packages; [
+    pytestCheckHook
+  ];
+
   meta = with lib; {
     description = "A bouncer-style Matrix-IRC bridge.";
     homepage = "https://github.com/hifi/heisenbridge";

pkgs/servers/home-assistant/component-packages.nix

@@ -533,7 +533,7 @@
     "mold_indicator" = ps: with ps; [ ];
     "monoprice" = ps: with ps; [ ]; # missing inputs: pymonoprice
     "moon" = ps: with ps; [ ];
-    "motion_blinds" = ps: with ps; [ aiohttp-cors ifaddr ]; # missing inputs: motionblinds
+    "motion_blinds" = ps: with ps; [ aiohttp-cors ifaddr motionblinds ];
     "motioneye" = ps: with ps; [ aiohttp-cors motioneye-client ];
     "mpchc" = ps: with ps; [ ];
     "mpd" = ps: with ps; [ mpd2 ];

pkgs/servers/home-assistant/default.nix

@@ -520,6 +520,7 @@ in with py.pkgs; buildPythonApplication rec {
     "modbus"
     "mold_indicator"
     "moon"
+    "motion_blinds"
     "motioneye"
     "mqtt"
     "mqtt_eventstream"

pkgs/servers/jackett/default.nix

@@ -1,23 +1,32 @@
-{ lib, stdenv, fetchurl, mono, makeWrapper, curl, icu60, openssl, zlib }:
+{ lib
+, buildDotnetModule
+, fetchFromGitHub
+, dotnetCorePackages
+, openssl
+}:
 
-stdenv.mkDerivation rec {
+buildDotnetModule rec {
   pname = "jackett";
-  version = "0.18.925";
+  version = "0.19.138";
 
-  src = fetchurl {
-    url = "https://github.com/Jackett/Jackett/releases/download/v${version}/Jackett.Binaries.Mono.tar.gz";
-    sha256 = "1md0iy6sx0agsnvrj9m7bq1lvp5z34x7zv3pvwy4zw8b46w97mnz";
+  src = fetchFromGitHub {
+    owner = pname;
+    repo = pname;
+    rev = "v${version}";
+    sha256 = "0qaaccc95csahylzv65ndx990kcr075jffawbjpsjfkxzflfjq9n";
   };
 
-  nativeBuildInputs = [ makeWrapper ];
+  projectFile = "src/Jackett.Server/Jackett.Server.csproj";
+  nugetDeps = ./deps.nix;
 
-  installPhase = ''
-    mkdir -p $out/{bin,share/${pname}-${version}}
-    cp -r * $out/share/${pname}-${version}
+  dotnetInstallFlags = [ "-p:TargetFramework=net5.0" ];
+  dotnet-runtime = dotnetCorePackages.aspnetcore_5_0;
 
-    makeWrapper "${mono}/bin/mono" $out/bin/Jackett \
-      --add-flags "$out/share/${pname}-${version}/JackettConsole.exe" \
-      --prefix LD_LIBRARY_PATH : ${lib.makeLibraryPath [ curl icu60 openssl zlib ]}
+  runtimeDeps = [ openssl ];
+
+  postFixup = ''
+    # Legacy
+    ln -s $out/bin/jackett $out/bin/Jackett
   '';
 
   meta = with lib; {
@@ -27,4 +36,5 @@ stdenv.mkDerivation rec {
     maintainers = with maintainers; [ edwtjo nyanloutre purcell ];
     platforms = platforms.all;
   };
+  passthru.updateScript = ./updater.sh;
 }

pkgs/servers/jackett/deps.nix

@@ -0,0 +1,250 @@
+{ fetchNuGet }: [
+  (fetchNuGet { name = "AngleSharp"; version = "0.14.0"; sha256 = "1zgwhh1fp2mmaplvpgm86rpmslix3wqfxf0d3hxx1gxwfgr6wxm6"; })
+  (fetchNuGet { name = "Autofac"; version = "5.2.0"; sha256 = "0yxks2nynl0mcg3m94cl94x50k3wa8xh9k3f2gmh8mxn5nrpl64r"; })
+  (fetchNuGet { name = "Autofac.Extensions.DependencyInjection"; version = "6.0.0"; sha256 = "0ljgzn1jlv4k0q13l9n7gjrbw49wdfjzg8rvbwzzrg73bz77vxm3"; })
+  (fetchNuGet { name = "AutoMapper"; version = "8.1.1"; sha256 = "1p2sc82lrbarhs08n2132vijfr3hv9zksb6ra12y9hfckam5lz9h"; })
+  (fetchNuGet { name = "BencodeNET"; version = "3.1.4"; sha256 = "12zim3k5wnlxgkg3310djh3zy97d6g3k3xvf87qd8pk2669vb1gw"; })
+  (fetchNuGet { name = "CommandLineParser"; version = "2.8.0"; sha256 = "1m32xyilv2b7k55jy8ddg08c20glbcj2yi545kxs9hj2ahanhrbb"; })
+  (fetchNuGet { name = "DotNet4.SocksProxy"; version = "1.4.0.1"; sha256 = "1ig2a9ism041a6qrqkxa9xhvp19yxzcadlap5i1kz97f05a2msvb"; })
+  (fetchNuGet { name = "FlareSolverrSharp"; version = "2.0.0"; sha256 = "15rs97ayh6s9g2vbn3r1bj7imazald0f22gfikw6mmyx5ghc3zrz"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore"; version = "2.2.0"; sha256 = "0vsv7hcsmnsgqhs67zp207n7m9ix3dbwm1p2ch3dizkcdvz235f9"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Antiforgery"; version = "2.2.0"; sha256 = "026wjdwjx0lgccqv0xi5gxylxzgz5ifgxf25p5pqakgrhkz0a59l"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Authentication"; version = "2.2.0"; sha256 = "0yqfzd0qq5ypmk6b9gnb1yscl75fxx9frq808cxs70ay7y7jqmgn"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Authentication.Abstractions"; version = "2.2.0"; sha256 = "0vj7fhpk0d95nkkxz4q0rma6pb4ym96mx6nms4603y0l19h0k5yh"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Authentication.Cookies"; version = "2.2.0"; sha256 = "0x7i7dmvq5ph8f21ajgb56fjvv31r4zn6pj8d7rsx0y6067vcp5d"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Authentication.Core"; version = "2.2.0"; sha256 = "1wgn45fmdi7dk9cl4cdhzgqc9mdxhfw7zg8zwns3j7qgrhlv6k8h"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Authorization"; version = "2.2.0"; sha256 = "1mpq8pmxlxfa625k2ghv6xcyy2wdpwv56xzya9mvmlnh50h1i8rx"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Authorization.Policy"; version = "2.2.0"; sha256 = "1d1zh65kfjf81j21ssmhr465vx08bra8424vgnrb22gdx03mhwd2"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Connections.Abstractions"; version = "2.2.0"; sha256 = "1rl94r8b0zq14f3dhfnvfjj1ivr81iw9zh5kdgs3zkdv0xc9x21j"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Cors"; version = "2.2.0"; sha256 = "0qskbz87i74kfbklxqfyqaccyba21kkx2lcdfa54kxj9r8daq7sc"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Cryptography.Internal"; version = "2.2.0"; sha256 = "01lg2fx85b47ldgdrhs6clsivj35x54xwc9r5xk3f1v8rr3gycsv"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.DataProtection"; version = "2.2.0"; sha256 = "09lzbp084xxy1xxfbxpqdff8phv2pzd1n5v30xfm03hhl7a038gx"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.DataProtection.Abstractions"; version = "2.2.0"; sha256 = "1gi4hpssmrrdf5lm6idkhvqbfy12bx14976y4gbhmx9z8lxaqcfz"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Diagnostics"; version = "2.2.0"; sha256 = "0hq5s2h0k2714352bdz2s3c3m6spkn4ckfw3pv9c4rmn6adbw9b1"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Diagnostics.Abstractions"; version = "2.2.0"; sha256 = "061cdhjh5w2f1frhimcgk68vx8p743jb9h4qik3lm1c734r0drm0"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.HostFiltering"; version = "2.2.0"; sha256 = "06wbgkbh24w9yxz6g8446l7nnjm3rdp1wklri710zqzr7zbfcx43"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Hosting"; version = "2.2.0"; sha256 = "1nk61mj7a4ri3p47xd0j520szwj05xid16r2bld85cp70xnpxjhx"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Hosting.Abstractions"; version = "2.1.0"; sha256 = "0sdzvjf6bz0krr2bm77zdyxpjcddadq2fqd3b4yybd6my3b5f7j2"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Hosting.Abstractions"; version = "2.2.0"; sha256 = "043k651vbfshh3s997x42ymj8nb32419m7q3sjw5q2c27anrhfhv"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Hosting.Server.Abstractions"; version = "2.1.0"; sha256 = "1xm8913slkx0cvk7gcbk1sf9518xmrajjjp3z8qhr5xdhdx1b879"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Hosting.Server.Abstractions"; version = "2.2.0"; sha256 = "0nz73bwrvhc1n7gd7xxm3p5ww2wx9qr9m9i43y20gh0c54adkygh"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Html.Abstractions"; version = "2.2.0"; sha256 = "1z5lkzb9h9wprvyxyjw4fj7bjypaibsw0cj4bz769hf0abjz8y1v"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Http"; version = "2.1.0"; sha256 = "1nrhbsr58fh6hpzxq75qvrimh0lk6pdwghs3cbv0f1zk90rar1cq"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Http"; version = "2.2.0"; sha256 = "1fcrafpa57sab3as18idqknzlxkx49n4sxzlzik3sj6pcji5j17q"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Http"; version = "2.2.2"; sha256 = "09mgjvpqdyylz9dbngql9arx46lfkiczjdf7aqr9asd5vjqlv2c8"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Http.Abstractions"; version = "2.1.0"; sha256 = "0jz5w1y661cxbh1sakyjh0813sqrc456mj53w3482ilb5xh5zhbf"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Http.Abstractions"; version = "2.2.0"; sha256 = "13s8cm6jdpydxmr0rgmzrmnp1v2r7i3rs7v9fhabk5spixdgfy6b"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Http.Extensions"; version = "2.2.0"; sha256 = "118gp1mfb8ymcvw87fzgjqwlc1d1b0l0sbfki291ydg414cz3dfn"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Http.Features"; version = "2.1.0"; sha256 = "1mwpvbq0z982f9r5ik6k15h18qviy735i55hld9vfk8694k9zwcj"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Http.Features"; version = "2.2.0"; sha256 = "0xrlq8i61vzhzzy25n80m7wh2kn593rfaii3aqnxdsxsg6sfgnx1"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.HttpOverrides"; version = "2.2.0"; sha256 = "1pbmmczxilgrf4qyaql88dc3av7kaixb1r36358kil68gl3irjy6"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.JsonPatch"; version = "2.2.0"; sha256 = "07cihb5sqkavg42nvircdwjp0b67mhrla97jgx285zdjphplg4h2"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.JsonPatch"; version = "5.0.0"; sha256 = "192mn6r73xjw8fvlss6vrv34iiavq7k8pg0w7advgj6khklw4dzx"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Localization"; version = "2.2.0"; sha256 = "08knc70cy7ycid5sbbbzy6my4b7ddj4j760k5xf1qnfb0njxhfh7"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Mvc"; version = "2.2.0"; sha256 = "16jrikcywkd4r4jh551p8gxxw6hj3aizdzd5i7agb06gwpgqqv9c"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Mvc.Abstractions"; version = "2.2.0"; sha256 = "09p447ipd19517vy8xx9ykvspn6b4fgbm2rskpmzyw41x9wz4k0b"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Mvc.Analyzers"; version = "2.2.0"; sha256 = "1b975z00bzgh2z5hina4bzfksvc2vgnbzmi8g3q962hspg6ylh9f"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Mvc.ApiExplorer"; version = "2.2.0"; sha256 = "1ryhd1md30fgrli74qv45mhldivbasdvydw0lllg6x6jzpyrkwpa"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Mvc.Core"; version = "2.2.0"; sha256 = "1k6lkgk9zak5sczvyjbwgqnfcwcg9ks74wznqfzck8c6hns1by0m"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Mvc.Cors"; version = "2.2.0"; sha256 = "077vjxn0k5rr4s675g50rzkns6scgijxxh5iib59k77ldwpdr14q"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Mvc.DataAnnotations"; version = "2.2.0"; sha256 = "0vdhdjarh4az7g71gkvmhq6xpvwhh8si3sbrpdwb8p60i94cdyl6"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Mvc.Formatters.Json"; version = "2.2.0"; sha256 = "0421fcf2z8a6z81ql123ili32wbr3x25zpq17xjf4s9fmsr0069a"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Mvc.Localization"; version = "2.2.0"; sha256 = "0d27xirwsr3j7jacsrz6g2r4py35hgzjyy6ak6gkd07cm707wgc6"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Mvc.NewtonsoftJson"; version = "5.0.0"; sha256 = "1q3z35pxgvpf6l6ywh5wb6gfly055rk99a80rjqisyrbmza1msd1"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Mvc.Razor"; version = "2.2.0"; sha256 = "06fqg7rfyvfj3hdppkhy37ddjff2d6pg7khj6lccs9lwc732yr7q"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Mvc.Razor.Extensions"; version = "2.2.0"; sha256 = "04javqbzv7mkakqjl40j429giaagjj7hmwcljrgj8q1jknk0x9xc"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Mvc.RazorPages"; version = "2.2.0"; sha256 = "0zqyqfxzl3lkqfy9chd0ipani75q3109imlxrnhdfiwmxrd8xqbm"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Mvc.TagHelpers"; version = "2.2.0"; sha256 = "16aprk81sp2i0n0dmp318cm65mk03i58rhpijm4fz4xz51j7z8li"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Mvc.ViewFeatures"; version = "2.2.0"; sha256 = "1isflvb0ff5nfqnvdlyvmszkd42axbbz0xmdaf0d7sah0qkvvi7n"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Razor"; version = "2.2.0"; sha256 = "02ybprvsi59nwa0fdq99jvx7r26bs2bg3xjxkilc495clgg98zp0"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Razor.Design"; version = "2.2.0"; sha256 = "03pcdcbmyw050hag588b7caqilnq3cb6ndq5g6j0r7j7wf3plsn6"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Razor.Language"; version = "2.2.0"; sha256 = "0n58qdipwy5wymfhgm3anickwvnf4svb9ipbrby7ksrhhrkqvx4z"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Razor.Runtime"; version = "2.2.0"; sha256 = "1n9j5hjinm5gp39nwmcf26dwg1psl7sf7xkxnvfxsnl44mbcy695"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.ResponseCaching.Abstractions"; version = "2.2.0"; sha256 = "01sp2i2bgcn6blw1mcvg5nrlc97c9czyawwvgfi6ydzdvs6ang37"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.ResponseCompression"; version = "2.2.0"; sha256 = "0madnk92752alpc7cv2bazqlihhzgl3yj1s9ajhi3w09vg8n8pz4"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Rewrite"; version = "2.2.0"; sha256 = "0f21v96wkvxcxfz5a9nvhqf1dshvgg34g9075fb0nd57nsw289af"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Routing"; version = "2.2.0"; sha256 = "12kv602j2rxp43l1v3618yz3pdd7hqc3r98ya0bqz6y2ppvhbyws"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Routing.Abstractions"; version = "2.1.0"; sha256 = "1f8xixbg749nhv10vaf3jmdv9zjdw822hw7ikwa97h70767d8xz5"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Routing.Abstractions"; version = "2.2.0"; sha256 = "0d9wwz1rsh1fslbv1y72jpkvqv2v9n28rl3vslcg0x74lp2678ly"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Server.IIS"; version = "2.2.0"; sha256 = "0cgyw8xjr6kgvrj7rn072mr97sh4xj95f635vmjrx10b8rnypmkk"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Server.IISIntegration"; version = "2.2.0"; sha256 = "1dmk68cyh02g9fcg1bxp90dxl7xpqiqikdlh1835jgm44m985mpc"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Server.Kestrel"; version = "2.2.0"; sha256 = "0wh7hf09i9qxs9r0d5xdcx3qingsid9nxlwcyjg2r44pjs6cg1rf"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Server.Kestrel.Core"; version = "2.2.0"; sha256 = "075ffds8hwp8ps0zf84bsv9pgiaqry9njc403qack701aybci97r"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Server.Kestrel.Https"; version = "2.2.0"; sha256 = "08z447wrbzy3l9lmmas353nr17sg9yccwcg62l9ax9a6n1wvds8c"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Server.Kestrel.Transport.Abstractions"; version = "2.2.0"; sha256 = "08bj95zy4zszyx1rsy8v2ai9kg4120ij6yi0zillwx3ndb3q7vfb"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.Server.Kestrel.Transport.Sockets"; version = "2.2.0"; sha256 = "0vhicfnv12sz2c81czdgdlffcgrhnn1jzz9zwy3a9c2n4rn8k9k5"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.StaticFiles"; version = "2.2.0"; sha256 = "1bpggypnx8ai11jqlbyb6cir3x7cnw1mvqh6h88f3b0gg8wxnnpj"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.WebUtilities"; version = "2.1.0"; sha256 = "148snpiq4rhm44gzx8wn9ljfb286h7vd1axc9by4r4fxp0gix0kf"; })
+  (fetchNuGet { name = "Microsoft.AspNetCore.WebUtilities"; version = "2.2.0"; sha256 = "0cs1g4ing4alfbwyngxzgvkrv7z964isv1j9dzflafda4p0wxmsi"; })
+  (fetchNuGet { name = "Microsoft.Bcl.AsyncInterfaces"; version = "1.1.0"; sha256 = "1dq5yw7cy6s42193yl4iqscfw5vzkjkgv0zyy32scr4jza6ni1a1"; })
+  (fetchNuGet { name = "Microsoft.CodeAnalysis.Analyzers"; version = "1.1.0"; sha256 = "08r667hj2259wbim1p3al5qxkshydykmb7nd9ygbjlg4mmydkapc"; })
+  (fetchNuGet { name = "Microsoft.CodeAnalysis.Common"; version = "2.8.0"; sha256 = "0g4h41fs0r8lqh9pk9s4mc1090kdpa6sbxq4rc866s8hnq9s1h4j"; })
+  (fetchNuGet { name = "Microsoft.CodeAnalysis.CSharp"; version = "2.8.0"; sha256 = "0p1xvw1h2fmnxywv1j4x6p3rgarpc8mfwfgn0vflk5xfnc961f6w"; })
+  (fetchNuGet { name = "Microsoft.CodeAnalysis.Razor"; version = "2.2.0"; sha256 = "03cm9danxxnsnmrzfz2swz6zhckkgg6hrz1ycnvnjrbpk3w4v0d6"; })
+  (fetchNuGet { name = "Microsoft.CSharp"; version = "4.5.0"; sha256 = "01i28nvzccxbqmiz217fxs6hnjwmd5fafs37rd49a6qp53y6623l"; })
+  (fetchNuGet { name = "Microsoft.CSharp"; version = "4.7.0"; sha256 = "0gd67zlw554j098kabg887b5a6pq9kzavpa3jjy5w53ccjzjfy8j"; })
+  (fetchNuGet { name = "Microsoft.DiaSymReader.Native"; version = "1.7.0"; sha256 = "0l2w3xpr7dpni20mqx41hqdzkrl0k6w9a0wqmjzdqv5f1jrwhfxn"; })
+  (fetchNuGet { name = "Microsoft.DotNet.PlatformAbstractions"; version = "2.1.0"; sha256 = "1qydvyyinj3b5mraazjal3n2k7jqhn05b6n1a2f3qjkqkxi63dmy"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Caching.Abstractions"; version = "2.2.0"; sha256 = "0hhxc5dp52faha1bdqw0k426zicsv6x1kfqi30m9agr0b2hixj52"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Caching.Memory"; version = "2.2.0"; sha256 = "0bzrsn5vas86w66bd04xilnlb21nx4l6lz7d3acvy6y8ir2vb5dv"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Configuration"; version = "3.1.8"; sha256 = "1px3f7snw2iry7h7gfxzq0vg88cc8bf5kga22p0nkrkpgrm9hasa"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Configuration"; version = "5.0.0"; sha256 = "01m9vzlq0vg0lhckj2dimwq42niwny8g3lm13c9a401hlyg90z1p"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Configuration.Abstractions"; version = "2.1.0"; sha256 = "03gzlr3z9j1xnr1k6y91zgxpz3pj27i3zsvjwj7i8jqnlqmk7pxd"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Configuration.Abstractions"; version = "2.2.0"; sha256 = "1fv5277hyhfqmc0gqszyqb1ilwnijm8kc9606yia6hwr8pxyg674"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Configuration.Abstractions"; version = "3.1.8"; sha256 = "05mlbia6vag0a0zfflv1m3ix48230wx0yib5hp7zsc72jpcmjd7q"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Configuration.Abstractions"; version = "5.0.0"; sha256 = "0fqxkc9pjxkqylsdf26s9q21ciyk56h1w33pz3v1v4wcv8yv1v6k"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Configuration.Binder"; version = "2.1.0"; sha256 = "0x1888w5ypavvszfmpja9krgc64527prs75vm8xbf9fv3rgsplql"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Configuration.Binder"; version = "2.2.0"; sha256 = "10qyjdkymdmag3r807kvbnwag4j3nz65i4cwikbd77jjvz92ya3j"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Configuration.Binder"; version = "3.0.0"; sha256 = "1415h62v6l1yjg95zrhbarwshmdd3hyphxavdim2z10lkyhsj9vz"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Configuration.CommandLine"; version = "2.2.0"; sha256 = "09kc7a6g6r9lxcm7y445bmnmkhxkxxvmx6fxh99ixb8a1fkxrvfi"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Configuration.EnvironmentVariables"; version = "2.2.0"; sha256 = "1af6003lmw6ms53m8wsvp9rx1alr8r9pharf6azaqcw4m99vd8c5"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Configuration.FileExtensions"; version = "2.2.0"; sha256 = "0bwk1kh6q259nmnly90j5rbbzi9w5gigq5vyjr31c1br4j8cjmqd"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Configuration.Json"; version = "2.2.0"; sha256 = "18cmrvlhc71bxplldbgwfjg29qflcaf4rrg2avp4g03fqwma6vvc"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Configuration.UserSecrets"; version = "2.2.0"; sha256 = "15qarrjb7q463hsfkkja3yd34zf370qwjy22586w4r22rpxwirwp"; })
+  (fetchNuGet { name = "Microsoft.Extensions.DependencyInjection"; version = "2.2.0"; sha256 = "0lvv45rvq1xbf47lz818rjydc776zk8mf7svpzh1dml4qwlx9zck"; })
+  (fetchNuGet { name = "Microsoft.Extensions.DependencyInjection"; version = "3.0.0"; sha256 = "0cqbvy49ph16rlba2f35qhi0n7vpcf5kjybvn5fbs7dchfdzw927"; })
+  (fetchNuGet { name = "Microsoft.Extensions.DependencyInjection.Abstractions"; version = "2.1.0"; sha256 = "0c0cx8r5xkjpxmcfp51959jnp55qjvq28d9vaslk08avvi1by12s"; })
+  (fetchNuGet { name = "Microsoft.Extensions.DependencyInjection.Abstractions"; version = "2.2.0"; sha256 = "1jyzfdr9651h3x6pxwhpfbb9mysfh8f8z1jvy4g117h9790r9zx5"; })
+  (fetchNuGet { name = "Microsoft.Extensions.DependencyInjection.Abstractions"; version = "3.0.0"; sha256 = "06s8j8v0w06f12jxw6vvsd0l5zqrmsvc3rr2gqx9z3gcq7mdnr3l"; })
+  (fetchNuGet { name = "Microsoft.Extensions.DependencyModel"; version = "2.1.0"; sha256 = "0dl4qhjgifm6v3jsfzvzkvddyic77ggp9fq49ah661v45gk6ilgd"; })
+  (fetchNuGet { name = "Microsoft.Extensions.FileProviders.Abstractions"; version = "2.1.0"; sha256 = "1sxls5f5cgb0wr8cwb05skqmz074683hrhmd3hhq6m5dasnzb8n3"; })
+  (fetchNuGet { name = "Microsoft.Extensions.FileProviders.Abstractions"; version = "2.2.0"; sha256 = "1f83ffb4xjwljg8dgzdsa3pa0582q6b4zm0si467fgkybqzk3c54"; })
+  (fetchNuGet { name = "Microsoft.Extensions.FileProviders.Composite"; version = "2.2.0"; sha256 = "0k3qfxb0pn9b63grbf9jv7xw40gk6m1djmi3c4inwys7lxcj2k18"; })
+  (fetchNuGet { name = "Microsoft.Extensions.FileProviders.Physical"; version = "2.2.0"; sha256 = "0lrq4bxf67pw6n9kzwzqsnxkad2ygh2zn46hjias8j7aqljglh7x"; })
+  (fetchNuGet { name = "Microsoft.Extensions.FileSystemGlobbing"; version = "2.2.0"; sha256 = "01jw7s1nb44n65qs3rk7xdzc419qwl0s5c34k031f1cc5ag3jvc2"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Hosting.Abstractions"; version = "2.1.0"; sha256 = "04vm9mdjjzg3lpp2rzpgkpn8h5bzdl3bwcr22lshd3kp602ws4k9"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Hosting.Abstractions"; version = "2.2.0"; sha256 = "1xc7xr1nq7akfahyl5in9iyxrygap2xi9nxh39rfm37sf8lk55v1"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Localization"; version = "2.2.0"; sha256 = "1k73kk5qmrvdyd7l8qxp19crw18f2p5dgk3cjx59g7vf3rkgmc6k"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Localization.Abstractions"; version = "2.2.0"; sha256 = "1yzqs5x97rj6wlg0rylj0xi3dn1bw4ps26zdqsijx621jl1r97gy"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Logging"; version = "2.1.0"; sha256 = "0dii8i7s6libfnspz2xb96ayagb4rwqj2kmr162vndivr9rmbm06"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Logging"; version = "2.2.0"; sha256 = "0bx3ljyvvcbikradq2h583rl72h8bxdz33aghk026cxzpv2mm3wm"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Logging"; version = "3.0.0"; sha256 = "1a9laql7pnka3n8ca26rsclkiijcdrzd57jyvbyrihgpb7bmzx0r"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Logging.Abstractions"; version = "2.1.0"; sha256 = "1gvgif1wcx4k6pv7gc00qv1hid945jdywy1s50s33q0hfd91hbnj"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Logging.Abstractions"; version = "2.2.0"; sha256 = "02w7hp6jicr7cl5p456k2cmrjvvhm6spg5kxnlncw3b72358m5wl"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Logging.Abstractions"; version = "3.0.0"; sha256 = "0453382r1f39hgvw631lk1hx2kas8xa1xjr6xq4wshan8d62xgd7"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Logging.Configuration"; version = "2.2.0"; sha256 = "1npblvkb4f251277sm6mc1xj2yww6nzag0azfz772nzkbdpj1q19"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Logging.Console"; version = "2.2.0"; sha256 = "1g4wcd1kac0b4l0k4blr3qxpyfaf092cs2wnsjb3paj60rhr5agf"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Logging.Debug"; version = "2.2.0"; sha256 = "1z5zzf43dw5xzvylkcgdi0q2mfhig6fmw2p5mxdxx916c5s007np"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Logging.EventSource"; version = "2.2.0"; sha256 = "18kz2bm07zfj6d4j17zkj2zai7fmbsaq4xh312nh1x4468vi088g"; })
+  (fetchNuGet { name = "Microsoft.Extensions.ObjectPool"; version = "2.1.0"; sha256 = "0i0vmfc3ch7xa3awmbw3byylprfl2d6dp7lgm8k8f215kxzl1wdn"; })
+  (fetchNuGet { name = "Microsoft.Extensions.ObjectPool"; version = "2.2.0"; sha256 = "0n1q9lvc24ii1shzy575xldgmz7imnk4dswwwcgmzz93klri9r1z"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Options"; version = "2.1.0"; sha256 = "0w9644sryd1c6r3n4lq2cgd5pn6jl3k5m38a05m7vjffa4m2spd2"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Options"; version = "2.2.0"; sha256 = "1b20yh03fg4nmmi3vlf6gf13vrdkmklshfzl3ijygcs4c2hly6v0"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Options"; version = "3.0.0"; sha256 = "1vzx8ha74y542n6w54vf60676aaz01ryklz6rm70w83v7sg2fxg3"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Options.ConfigurationExtensions"; version = "2.2.0"; sha256 = "0w95rpxl0fzcz7rp8zabv3c9bvkj9ma2mj1hrx9nipsc4dnqp4jd"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Primitives"; version = "2.1.0"; sha256 = "1r9gzwdfmb8ysnc4nzmyz5cyar1lw0qmizsvrsh252nhlyg06nmb"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Primitives"; version = "2.2.0"; sha256 = "0znah6arbcqari49ymigg3wiy2hgdifz8zsq8vdc3ynnf45r7h0c"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Primitives"; version = "3.0.0"; sha256 = "1d89yybxm7c30h5w79psybmpvy0pw7ha9r0y70f7i0kxgp8n62bk"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Primitives"; version = "3.1.8"; sha256 = "1p48hk3r9ikv36wdpwdrbvaccziazncf7nl60fr82i04199lfhgl"; })
+  (fetchNuGet { name = "Microsoft.Extensions.Primitives"; version = "5.0.0"; sha256 = "0swqcknyh87ns82w539z1mvy804pfwhgzs97cr3nwqk6g5s42gd6"; })
+  (fetchNuGet { name = "Microsoft.Extensions.WebEncoders"; version = "2.2.0"; sha256 = "1mhnichccw6mjf37d38q2i1kr7qp485m7apa1b872ji0q16yy1y3"; })
+  (fetchNuGet { name = "Microsoft.NETCore.Platforms"; version = "1.1.0"; sha256 = "08vh1r12g6ykjygq5d3vq09zylgb84l63k49jc4v8faw9g93iqqm"; })
+  (fetchNuGet { name = "Microsoft.NETCore.Platforms"; version = "5.0.0"; sha256 = "0mwpwdflidzgzfx2dlpkvvnkgkr2ayaf0s80737h4wa35gaj11rc"; })
+  (fetchNuGet { name = "Microsoft.NETCore.Targets"; version = "1.1.0"; sha256 = "193xwf33fbm0ni3idxzbr5fdq3i2dlfgihsac9jj7whj0gd902nh"; })
+  (fetchNuGet { name = "Microsoft.NETFramework.ReferenceAssemblies"; version = "1.0.0"; sha256 = "0na724xhvqm63vq9y18fl9jw9q2v99bdwr353378s5fsi11qzxp9"; })
+  (fetchNuGet { name = "Microsoft.NETFramework.ReferenceAssemblies.net461"; version = "1.0.0"; sha256 = "00vkn4c6i0rn1l9pv912y0wgb9h6ks76qah8hvk441nari8fqbm1"; })
+  (fetchNuGet { name = "Microsoft.Net.Http.Headers"; version = "2.1.0"; sha256 = "1a02bll0flsin9grd3jxbi76ycl42qamynalbp7qbqcsprabw3ai"; })
+  (fetchNuGet { name = "Microsoft.Net.Http.Headers"; version = "2.2.0"; sha256 = "0w6lrk9z67bcirq2cj2ldfhnizc6id77ba6i30hjzgqjlyhh1gx5"; })
+  (fetchNuGet { name = "Microsoft.Win32.Registry"; version = "4.5.0"; sha256 = "1zapbz161ji8h82xiajgriq6zgzmb1f3ar517p2h63plhsq5gh2q"; })
+  (fetchNuGet { name = "Microsoft.Win32.Registry"; version = "5.0.0"; sha256 = "102hvhq2gmlcbq8y2cb7hdr2dnmjzfp2k3asr1ycwrfacwyaak7n"; })
+  (fetchNuGet { name = "MimeMapping"; version = "1.0.1.30"; sha256 = "03523g0kniwqzm30arnkds79j2gqjmhp5297xg4472l6iyfwwmln"; })
+  (fetchNuGet { name = "Mono.Posix.NETStandard"; version = "1.0.0"; sha256 = "0xlja36hwpjm837haq15mjh2prcf68lyrmn72nvgpz8qnf9vappw"; })
+  (fetchNuGet { name = "NETStandard.Library"; version = "2.0.3"; sha256 = "1fn9fxppfcg4jgypp2pmrpr6awl3qz1xmnri0cygpkwvyx27df1y"; })
+  (fetchNuGet { name = "Newtonsoft.Json"; version = "10.0.1"; sha256 = "15ncqic3p2rzs8q8ppi0irl2miq75kilw4lh8yfgjq96id0ds3hv"; })
+  (fetchNuGet { name = "Newtonsoft.Json"; version = "11.0.2"; sha256 = "1784xi44f4k8v1fr696hsccmwpy94bz7kixxqlri98zhcxn406b2"; })
+  (fetchNuGet { name = "Newtonsoft.Json"; version = "12.0.2"; sha256 = "0w2fbji1smd2y7x25qqibf1qrznmv4s6s0jvrbvr6alb7mfyqvh5"; })
+  (fetchNuGet { name = "Newtonsoft.Json"; version = "12.0.3"; sha256 = "17dzl305d835mzign8r15vkmav2hq8l6g7942dfjpnzr17wwl89x"; })
+  (fetchNuGet { name = "Newtonsoft.Json"; version = "9.0.1"; sha256 = "0mcy0i7pnfpqm4pcaiyzzji4g0c8i3a5gjz28rrr28110np8304r"; })
+  (fetchNuGet { name = "Newtonsoft.Json.Bson"; version = "1.0.1"; sha256 = "1r1hvj5gjl466bya2bfl5aaj8rbwyf5x1msg710wf3k2llbci1xa"; })
+  (fetchNuGet { name = "Newtonsoft.Json.Bson"; version = "1.0.2"; sha256 = "0c27bhy9x3c2n26inq32kmp6drpm71n6mqnmcr19wrlcaihglj35"; })
+  (fetchNuGet { name = "NLog"; version = "4.7.5"; sha256 = "0bx890dmwpx569982m532ibxlfh0n24hz1hkkxnxkpvximm4hsm5"; })
+  (fetchNuGet { name = "NLog.Extensions.Logging"; version = "1.6.4"; sha256 = "0yxx1mvz2d54kq00x38dgql8lssjxv5mk1yvx73v3qff1qxi7iyz"; })
+  (fetchNuGet { name = "NLog.Web.AspNetCore"; version = "4.9.3"; sha256 = "1mv5zaiyysp9j3h90i1v1rk0b6a4cv8ll6l8gj634y6ppshb8xkj"; })
+  (fetchNuGet { name = "Polly"; version = "7.2.1"; sha256 = "0cjmjkr2kq2q2cch30m95hms8mq73pzcqcirzvpzcl0rirvp3map"; })
+  (fetchNuGet { name = "SharpZipLib"; version = "1.2.0"; sha256 = "0ynhx1qkjm723bwjwsrdviw1d2s9azndpa12dagrjshhma3igqm5"; })
+  (fetchNuGet { name = "System.AppContext"; version = "4.3.0"; sha256 = "1649qvy3dar900z3g817h17nl8jp4ka5vcfmsr05kh0fshn7j3ya"; })
+  (fetchNuGet { name = "System.Buffers"; version = "4.4.0"; sha256 = "183f8063w8zqn99pv0ni0nnwh7fgx46qzxamwnans55hhs2l0g19"; })
+  (fetchNuGet { name = "System.Buffers"; version = "4.5.0"; sha256 = "1ywfqn4md6g3iilpxjn5dsr0f5lx6z0yvhqp4pgjcamygg73cz2c"; })
+  (fetchNuGet { name = "System.Buffers"; version = "4.5.1"; sha256 = "04kb1mdrlcixj9zh1xdi5as0k0qi8byr5mi3p3jcxx72qz93s2y3"; })
+  (fetchNuGet { name = "System.Collections"; version = "4.3.0"; sha256 = "19r4y64dqyrq6k4706dnyhhw7fs24kpp3awak7whzss39dakpxk9"; })
+  (fetchNuGet { name = "System.Collections.Concurrent"; version = "4.3.0"; sha256 = "0wi10md9aq33jrkh2c24wr2n9hrpyamsdhsxdcnf43b7y86kkii8"; })
+  (fetchNuGet { name = "System.Collections.Immutable"; version = "1.3.1"; sha256 = "17615br2x5riyx8ivf1dcqwj6q3ipq1bi5hqhw54yfyxmx38ddva"; })
+  (fetchNuGet { name = "System.Collections.Immutable"; version = "1.5.0"; sha256 = "1d5gjn5afnrf461jlxzawcvihz195gayqpcfbv6dd7pxa9ialn06"; })
+  (fetchNuGet { name = "System.ComponentModel.Annotations"; version = "4.5.0"; sha256 = "1jj6f6g87k0iwsgmg3xmnn67a14mq88np0l1ys5zkxhkvbc8976p"; })
+  (fetchNuGet { name = "System.Console"; version = "4.3.0"; sha256 = "1flr7a9x920mr5cjsqmsy9wgnv3lvd0h1g521pdr1lkb2qycy7ay"; })
+  (fetchNuGet { name = "System.Diagnostics.Debug"; version = "4.3.0"; sha256 = "00yjlf19wjydyr6cfviaph3vsjzg3d5nvnya26i2fvfg53sknh3y"; })
+  (fetchNuGet { name = "System.Diagnostics.DiagnosticSource"; version = "4.5.0"; sha256 = "1y8m0p3127nak5yspapfnz25qc9x53gqpvwr3hdpsvrcd2r1pgyj"; })
+  (fetchNuGet { name = "System.Diagnostics.EventLog"; version = "5.0.0"; sha256 = "0cii8iq25awhlc3bl8i863b9415qisnhd3fkdwf41v4bpli6i5fr"; })
+  (fetchNuGet { name = "System.Diagnostics.FileVersionInfo"; version = "4.3.0"; sha256 = "094hx249lb3vb336q7dg3v257hbxvz2jnalj695l7cg5kxzqwai7"; })
+  (fetchNuGet { name = "System.Diagnostics.StackTrace"; version = "4.3.0"; sha256 = "0ash4h9k0m7xsm0yl79r0ixrdz369h7y922wipp5gladmlbvpyjd"; })
+  (fetchNuGet { name = "System.Diagnostics.Tools"; version = "4.3.0"; sha256 = "0in3pic3s2ddyibi8cvgl102zmvp9r9mchh82ns9f0ms4basylw1"; })
+  (fetchNuGet { name = "System.Dynamic.Runtime"; version = "4.3.0"; sha256 = "1d951hrvrpndk7insiag80qxjbf2y0y39y8h5hnq9612ws661glk"; })
+  (fetchNuGet { name = "System.Globalization"; version = "4.3.0"; sha256 = "1cp68vv683n6ic2zqh2s1fn4c2sd87g5hpp6l4d4nj4536jz98ki"; })
+  (fetchNuGet { name = "System.IO"; version = "4.3.0"; sha256 = "05l9qdrzhm4s5dixmx68kxwif4l99ll5gqmh7rqgw554fx0agv5f"; })
+  (fetchNuGet { name = "System.IO.Compression"; version = "4.3.0"; sha256 = "084zc82yi6yllgda0zkgl2ys48sypiswbiwrv7irb3r0ai1fp4vz"; })
+  (fetchNuGet { name = "System.IO.FileSystem"; version = "4.3.0"; sha256 = "0z2dfrbra9i6y16mm9v1v6k47f0fm617vlb7s5iybjjsz6g1ilmw"; })
+  (fetchNuGet { name = "System.IO.FileSystem.AccessControl"; version = "5.0.0"; sha256 = "0ixl68plva0fsj3byv76bai7vkin86s6wyzr8vcav3szl862blvk"; })
+  (fetchNuGet { name = "System.IO.FileSystem.Primitives"; version = "4.3.0"; sha256 = "0j6ndgglcf4brg2lz4wzsh1av1gh8xrzdsn9f0yznskhqn1xzj9c"; })
+  (fetchNuGet { name = "System.IO.Pipelines"; version = "4.5.2"; sha256 = "045sn3vyk5xysjjm19q4dj5c1g1rf8l98n4qsl9pl9id4fn08yq1"; })
+  (fetchNuGet { name = "System.IO.Pipelines"; version = "4.6.0"; sha256 = "0r9ygjbxpyi6jgb67qnpbp42b7yvvhgmcjxnb50k3lb416claavh"; })
+  (fetchNuGet { name = "System.Linq"; version = "4.3.0"; sha256 = "1w0gmba695rbr80l1k2h4mrwzbzsyfl2z4klmpbsvsg5pm4a56s7"; })
+  (fetchNuGet { name = "System.Linq.Expressions"; version = "4.3.0"; sha256 = "0ky2nrcvh70rqq88m9a5yqabsl4fyd17bpr63iy2mbivjs2nyypv"; })
+  (fetchNuGet { name = "System.Memory"; version = "4.5.0"; sha256 = "1layqpcx1q4l805fdnj2dfqp6ncx2z42ca06rgsr6ikq4jjgbv30"; })
+  (fetchNuGet { name = "System.Memory"; version = "4.5.1"; sha256 = "0f07d7hny38lq9w69wx4lxkn4wszrqf9m9js6fh9is645csm167c"; })
+  (fetchNuGet { name = "System.Memory"; version = "4.5.2"; sha256 = "1g24dwqfcmf4gpbgbhaw1j49xmpsz389l6bw2xxbsmnzvsf860ld"; })
+  (fetchNuGet { name = "System.Memory"; version = "4.5.3"; sha256 = "0naqahm3wljxb5a911d37mwjqjdxv9l0b49p5dmfyijvni2ppy8a"; })
+  (fetchNuGet { name = "System.Memory"; version = "4.5.4"; sha256 = "14gbbs22mcxwggn0fcfs1b062521azb9fbb7c113x0mq6dzq9h6y"; })
+  (fetchNuGet { name = "System.Numerics.Vectors"; version = "4.4.0"; sha256 = "0rdvma399070b0i46c4qq1h2yvjj3k013sqzkilz4bz5cwmx1rba"; })
+  (fetchNuGet { name = "System.Numerics.Vectors"; version = "4.5.0"; sha256 = "1kzrj37yzawf1b19jq0253rcs8hsq1l2q8g69d7ipnhzb0h97m59"; })
+  (fetchNuGet { name = "System.Reflection"; version = "4.3.0"; sha256 = "0xl55k0mw8cd8ra6dxzh974nxif58s3k1rjv1vbd7gjbjr39j11m"; })
+  (fetchNuGet { name = "System.Reflection.Emit"; version = "4.3.0"; sha256 = "11f8y3qfysfcrscjpjym9msk7lsfxkk4fmz9qq95kn3jd0769f74"; })
+  (fetchNuGet { name = "System.Reflection.Emit.ILGeneration"; version = "4.3.0"; sha256 = "0w1n67glpv8241vnpz1kl14sy7zlnw414aqwj4hcx5nd86f6994q"; })
+  (fetchNuGet { name = "System.Reflection.Metadata"; version = "1.4.2"; sha256 = "08b7b43vczlliv8k7q43jinjfrxwpljsglw7sxmc6sd7d54pd1vi"; })
+  (fetchNuGet { name = "System.Reflection.Metadata"; version = "1.6.0"; sha256 = "1wdbavrrkajy7qbdblpbpbalbdl48q3h34cchz24gvdgyrlf15r4"; })
+  (fetchNuGet { name = "System.Reflection.Primitives"; version = "4.3.0"; sha256 = "04xqa33bld78yv5r93a8n76shvc8wwcdgr1qvvjh959g3rc31276"; })
+  (fetchNuGet { name = "System.Resources.ResourceManager"; version = "4.3.0"; sha256 = "0sjqlzsryb0mg4y4xzf35xi523s4is4hz9q4qgdvlvgivl7qxn49"; })
+  (fetchNuGet { name = "System.Runtime"; version = "4.3.0"; sha256 = "066ixvgbf2c929kgknshcxqj6539ax7b9m570cp8n179cpfkapz7"; })
+  (fetchNuGet { name = "System.Runtime.CompilerServices.Unsafe"; version = "4.5.0"; sha256 = "17labczwqk3jng3kkky73m0jhi8wc21vbl7cz5c0hj2p1dswin43"; })
+  (fetchNuGet { name = "System.Runtime.CompilerServices.Unsafe"; version = "4.5.1"; sha256 = "1xcrjx5fwg284qdnxyi2d0lzdm5q4frlpkp0nf6vvkx1kdz2prrf"; })
+  (fetchNuGet { name = "System.Runtime.CompilerServices.Unsafe"; version = "4.5.2"; sha256 = "1vz4275fjij8inf31np78hw50al8nqkngk04p3xv5n4fcmf1grgi"; })
+  (fetchNuGet { name = "System.Runtime.CompilerServices.Unsafe"; version = "4.5.3"; sha256 = "1afi6s2r1mh1kygbjmfba6l4f87pi5sg13p4a48idqafli94qxln"; })
+  (fetchNuGet { name = "System.Runtime.CompilerServices.Unsafe"; version = "4.7.1"; sha256 = "119br3pd85lq8zcgh4f60jzmv1g976q1kdgi3hvqdlhfbw6siz2j"; })
+  (fetchNuGet { name = "System.Runtime.CompilerServices.Unsafe"; version = "5.0.0"; sha256 = "02k25ivn50dmqx5jn8hawwmz24yf0454fjd823qk6lygj9513q4x"; })
+  (fetchNuGet { name = "System.Runtime.Extensions"; version = "4.3.0"; sha256 = "1ykp3dnhwvm48nap8q23893hagf665k0kn3cbgsqpwzbijdcgc60"; })
+  (fetchNuGet { name = "System.Runtime.InteropServices"; version = "4.3.0"; sha256 = "00hywrn4g7hva1b2qri2s6rabzwgxnbpw9zfxmz28z09cpwwgh7j"; })
+  (fetchNuGet { name = "System.Runtime.InteropServices.RuntimeInformation"; version = "4.0.0"; sha256 = "0glmvarf3jz5xh22iy3w9v3wyragcm4hfdr17v90vs7vcrm7fgp6"; })
+  (fetchNuGet { name = "System.Runtime.InteropServices.RuntimeInformation"; version = "4.3.0"; sha256 = "0q18r1sh4vn7bvqgd6dmqlw5v28flbpj349mkdish2vjyvmnb2ii"; })
+  (fetchNuGet { name = "System.Runtime.Numerics"; version = "4.3.0"; sha256 = "19rav39sr5dky7afygh309qamqqmi9kcwvz3i0c5700v0c5cg61z"; })
+  (fetchNuGet { name = "System.Security.AccessControl"; version = "4.5.0"; sha256 = "1wvwanz33fzzbnd2jalar0p0z3x0ba53vzx1kazlskp7pwyhlnq0"; })
+  (fetchNuGet { name = "System.Security.AccessControl"; version = "5.0.0"; sha256 = "17n3lrrl6vahkqmhlpn3w20afgz09n7i6rv0r3qypngwi7wqdr5r"; })
+  (fetchNuGet { name = "System.Security.Cryptography.Algorithms"; version = "4.3.0"; sha256 = "03sq183pfl5kp7gkvq77myv7kbpdnq3y0xj7vi4q1kaw54sny0ml"; })
+  (fetchNuGet { name = "System.Security.Cryptography.Cng"; version = "4.5.0"; sha256 = "1pm4ykbcz48f1hdmwpia432ha6qbb9kbrxrrp7cg3m8q8xn52ngn"; })
+  (fetchNuGet { name = "System.Security.Cryptography.Encoding"; version = "4.3.0"; sha256 = "1jr6w70igqn07k5zs1ph6xja97hxnb3mqbspdrff6cvssgrixs32"; })
+  (fetchNuGet { name = "System.Security.Cryptography.Primitives"; version = "4.3.0"; sha256 = "0pyzncsv48zwly3lw4f2dayqswcfvdwq2nz0dgwmi7fj3pn64wby"; })
+  (fetchNuGet { name = "System.Security.Cryptography.ProtectedData"; version = "5.0.0"; sha256 = "0jq1rcj5af2ydswld8ga3dyw2yi4c63wvb986b5kqsvpkwwc8x1b"; })
+  (fetchNuGet { name = "System.Security.Cryptography.X509Certificates"; version = "4.3.0"; sha256 = "0valjcz5wksbvijylxijjxb1mp38mdhv03r533vnx1q3ikzdav9h"; })
+  (fetchNuGet { name = "System.Security.Cryptography.Xml"; version = "4.5.0"; sha256 = "1rk40x0msf9k7sxnjyizagjns1z25dh3cf22bx6hsx6vhf0sk08l"; })
+  (fetchNuGet { name = "System.Security.Permissions"; version = "4.5.0"; sha256 = "192ww5rm3c9mirxgl1nzyrwd18am3izqls0hzm0fvcdjl5grvbhm"; })
+  (fetchNuGet { name = "System.Security.Principal.Windows"; version = "4.5.0"; sha256 = "0rmj89wsl5yzwh0kqjgx45vzf694v9p92r4x4q6yxldk1cv1hi86"; })
+  (fetchNuGet { name = "System.Security.Principal.Windows"; version = "5.0.0"; sha256 = "1mpk7xj76lxgz97a5yg93wi8lj0l8p157a5d50mmjy3gbz1904q8"; })
+  (fetchNuGet { name = "System.ServiceProcess.ServiceController"; version = "5.0.0"; sha256 = "1annp5kwwif6vfqn1x7vv3izwznxzb8ifvw3g9q3v0rrll26i99h"; })
+  (fetchNuGet { name = "System.Text.Encoding"; version = "4.3.0"; sha256 = "1f04lkir4iladpp51sdgmis9dj4y8v08cka0mbmsy0frc9a4gjqr"; })
+  (fetchNuGet { name = "System.Text.Encoding.CodePages"; version = "4.5.0"; sha256 = "19x38911pawq4mrxrm04l2bnxwxxlzq8v8rj4cbxnfjj8pnd3vj3"; })
+  (fetchNuGet { name = "System.Text.Encoding.CodePages"; version = "5.0.0"; sha256 = "1bn2pzaaq4wx9ixirr8151vm5hynn3lmrljcgjx9yghmm4k677k0"; })
+  (fetchNuGet { name = "System.Text.Encoding.Extensions"; version = "4.3.0"; sha256 = "11q1y8hh5hrp5a3kw25cb6l00v5l5dvirkz8jr3sq00h1xgcgrxy"; })
+  (fetchNuGet { name = "System.Text.Encodings.Web"; version = "4.5.0"; sha256 = "0srd5bva52n92i90wd88pzrqjsxnfgka3ilybwh7s6sf469y5s53"; })
+  (fetchNuGet { name = "System.Threading"; version = "4.3.0"; sha256 = "0rw9wfamvhayp5zh3j7p1yfmx9b5khbf4q50d8k5rk993rskfd34"; })
+  (fetchNuGet { name = "System.Threading.Tasks"; version = "4.3.0"; sha256 = "134z3v9abw3a6jsw17xl3f6hqjpak5l682k2vz39spj4kmydg6k7"; })
+  (fetchNuGet { name = "System.Threading.Tasks.Extensions"; version = "4.5.1"; sha256 = "1ikrplvw4m6pzjbq3bfbpr572n4i9mni577zvmrkaygvx85q3myw"; })
+  (fetchNuGet { name = "System.Threading.Tasks.Extensions"; version = "4.5.2"; sha256 = "1sh63dz0dymqcwmprp0nadm77b83vmm7lyllpv578c397bslb8hj"; })
+  (fetchNuGet { name = "System.Threading.Tasks.Parallel"; version = "4.3.0"; sha256 = "1rr3qa4hxwyj531s4nb3bwrxnxxwz617i0n9gh6x7nr7dd3ayzgh"; })
+  (fetchNuGet { name = "System.Threading.Thread"; version = "4.3.0"; sha256 = "0y2xiwdfcph7znm2ysxanrhbqqss6a3shi1z3c779pj2s523mjx4"; })
+  (fetchNuGet { name = "System.ValueTuple"; version = "4.3.0"; sha256 = "1227k7fxbxapq7dms4lvwwjdf3pr1jcsmhy2nzzhj6g6hs530hxn"; })
+  (fetchNuGet { name = "System.ValueTuple"; version = "4.5.0"; sha256 = "00k8ja51d0f9wrq4vv5z2jhq8hy31kac2rg0rv06prylcybzl8cy"; })
+  (fetchNuGet { name = "System.Xml.ReaderWriter"; version = "4.3.0"; sha256 = "0c47yllxifzmh8gq6rq6l36zzvw4kjvlszkqa9wq3fr59n0hl3s1"; })
+  (fetchNuGet { name = "System.Xml.XDocument"; version = "4.3.0"; sha256 = "08h8fm4l77n0nd4i4fk2386y809bfbwqb7ih9d7564ifcxr5ssxd"; })
+  (fetchNuGet { name = "System.Xml.XmlDocument"; version = "4.3.0"; sha256 = "0bmz1l06dihx52jxjr22dyv5mxv6pj4852lx68grjm7bivhrbfwi"; })
+  (fetchNuGet { name = "System.Xml.XPath"; version = "4.3.0"; sha256 = "1cv2m0p70774a0sd1zxc8fm8jk3i5zk2bla3riqvi8gsm0r4kpci"; })
+  (fetchNuGet { name = "System.Xml.XPath.XDocument"; version = "4.3.0"; sha256 = "1wxckyb7n1pi433xzz0qcwcbl1swpra64065mbwwi8dhdc4kiabn"; })
+  (fetchNuGet { name = "YamlDotNet"; version = "8.1.2"; sha256 = "1lmi5mdw4067a8yk8gv9kilv1hljflkc45pr5vvz8n09af6gn78b"; })
+]

pkgs/servers/jackett/updater.sh

@@ -0,0 +1,34 @@
+#!/usr/bin/env nix-shell
+#!nix-shell -i bash -p curl jq common-updater-scripts nuget-to-nix dotnet-sdk_5
+set -eo pipefail
+cd "$(dirname "${BASH_SOURCE[0]}")"
+
+deps_file="$(realpath "./deps.nix")"
+
+new_version="$(curl -s "https://api.github.com/repos/jackett/jackett/releases?per_page=1" | jq -r '.[0].name')"
+old_version="$(sed -nE 's/\s*version = "(.*)".*/\1/p' ./default.nix)"
+
+if [[ "$new_version" == "$old_version" ]]; then
+  echo "Already up to date!"
+  exit 0
+fi
+
+cd ../../..
+update-source-version jackett "${new_version//v}"
+store_src="$(nix-build . -A jackett.src --no-out-link)"
+src="$(mktemp -d /tmp/jackett-src.XXX)"
+cp -rT "$store_src" "$src"
+chmod -R +w "$src"
+
+pushd "$src"
+
+export DOTNET_NOLOGO=1
+export DOTNET_CLI_TELEMETRY_OPTOUT=1
+
+mkdir ./nuget_pkgs
+dotnet restore src/Jackett.Server/Jackett.Server.csproj --packages ./nuget_pkgs
+
+nuget-to-nix ./nuget_pkgs > "$deps_file"
+
+popd
+rm -r "$src"

pkgs/servers/matrix-synapse/default.nix

@@ -11,11 +11,11 @@ in
 with python3.pkgs;
 buildPythonApplication rec {
   pname = "matrix-synapse";
-  version = "1.46.0";
+  version = "1.47.0";
 
   src = fetchPypi {
     inherit pname version;
-    sha256 = "sha256-RcB+RSb/LZE8Q+UunyrYh28S7c7VsTmqg4mJIDVCX5U=";
+    sha256 = "sha256-SS7ETkYQ3XBihOA6TQp+6f0PNhhlUvMBR6fEYmiLT3k=";
   };
 
   patches = [

pkgs/servers/monitoring/icinga2/default.nix

@@ -1,4 +1,4 @@
-{ stdenv, lib, fetchFromGitHub, cmake, flex, bison, systemd
+{ stdenv, lib, fetchFromGitHub, fetchpatch, cmake, flex, bison, systemd
 , boost, openssl, patchelf, mariadb-connector-c, postgresql, zlib
 # Databases
 , withMysql ? true, withPostgresql ? false
@@ -9,19 +9,24 @@
 
 stdenv.mkDerivation rec {
   pname = "icinga2${nameSuffix}";
-  version = "2.13.1";
+  version = "2.13.2";
 
   src = fetchFromGitHub {
     owner = "icinga";
     repo = "icinga2";
     rev = "v${version}";
-    sha256 = "sha256-cGVUNO3p00bkPd4tPbipevuixHz8ptk6W8y1rl3dge8=";
+    sha256 = "sha256:1ijvav2ymgq1i8jycrqbp2y4r54y0dkwjnwxc20bmcixxh877zdn";
   };
 
   patches = [
     ./etc-icinga2.patch # Makes /etc/icinga2 relative to / instead of the store path
     ./no-systemd-service.patch # Prevent systemd service from being written to /usr
     ./no-var-directories.patch # Prevent /var directories from being created
+    # Fix the non-unity build
+    (fetchpatch {
+      url = "https://github.com/Icinga/icinga2/commit/2ad0a4b8c3852ad937fec9fc85780230257c821e.patch";
+      sha256 = "sha256:06qn7x73zbccmd8ycj46a29x2rr6qjwg0rr831wc2gc6q2k9d2g0";
+    })
   ];
 
   cmakeFlags = let

pkgs/servers/mpd/default.nix

@@ -98,7 +98,7 @@ let
       # using libmad to decode mp3 files on darwin is causing a segfault -- there
       # is probably a solution, but I'm disabling it for now
       platformMask = lib.optionals stdenv.isDarwin [ "mad" "pulse" "jack" "nfs" "smbclient" ]
-                  ++ lib.optionals (!stdenv.isLinux) [ "alsa" "io_uring" "systemd" "syslog" ];
+                  ++ lib.optionals (!stdenv.isLinux) [ "alsa" "pipewire" "io_uring" "systemd" "syslog" ];
 
       knownFeatures = builtins.attrNames featureDependencies ++ builtins.attrNames nativeFeatureDependencies;
       platformFeatures = lib.subtractLists platformMask knownFeatures;
@@ -117,13 +117,13 @@ let
 
     in stdenv.mkDerivation rec {
       pname = "mpd";
-      version = "0.23.2";
+      version = "0.23.4";
 
       src = fetchFromGitHub {
         owner  = "MusicPlayerDaemon";
         repo   = "MPD";
         rev    = "v${version}";
-        sha256 = "sha256-gn06t8S0hh5xe5V1vnXVHSb0FwxY40onUV+Bt7oL9ic=";
+        sha256 = "sha256-siMFLV1fKdRt8To6AhLXmAAsgqZCA/bbvmlhbb6hLic=";
       };
 
       buildInputs = [

pkgs/servers/zoneminder/default.nix

@@ -78,13 +78,13 @@ let
 
 in stdenv.mkDerivation rec {
   pname = "zoneminder";
-  version = "1.36.8";
+  version = "1.36.10";
 
   src = fetchFromGitHub {
     owner  = "ZoneMinder";
     repo   = "zoneminder";
     rev    = version;
-    sha256 = "sha256-UUpq4CCZq+EwVNGsLCQuVWdY3yoGw977AaMk1iJ6a5U=";
+    sha256 = "sha256-MmBnbVDitKOctPe2dNe1sMNNs/qEYGVq3UMJxAkLlCc=";
     fetchSubmodules = true;
   };
 

pkgs/top-level/all-packages.nix

@@ -23130,6 +23130,16 @@ with pkgs;
 
   gruvbox-dark-gtk = callPackage ../data/themes/gruvbox-dark-gtk { };
 
+  palenight-theme = callPackage ../data/themes/gtk-theme-framework { theme = "palenight"; };
+
+  amarena-theme = callPackage ../data/themes/gtk-theme-framework { theme = "amarena"; };
+
+  gruvterial-theme = callPackage ../data/themes/gtk-theme-framework { theme = "gruvterial"; };
+
+  oceanic-theme = callPackage ../data/themes/gtk-theme-framework { theme = "oceanic"; };
+
+  spacx-gtk-theme = callPackage ../data/themes/gtk-theme-framework { theme = "spacx"; };
+
   gruvbox-dark-icons-gtk = callPackage ../data/icons/gruvbox-dark-icons-gtk {
     inherit (plasma5Packages) breeze-icons;
   };

pkgs/top-level/python-packages.nix

@@ -4872,6 +4872,8 @@ in {
 
   mortgage = callPackage ../development/python-modules/mortgage { };
 
+  motionblinds = callPackage ../development/python-modules/motionblinds { };
+
   motioneye-client = callPackage ../development/python-modules/motioneye-client { };
 
   moto = callPackage ../development/python-modules/moto { };
@@ -8929,6 +8931,8 @@ in {
 
   stack-data = callPackage ../development/python-modules/stack-data { };
 
+  stanza = callPackage ../development/python-modules/stanza { };
+
   starlette = callPackage ../development/python-modules/starlette {
     inherit (pkgs.darwin.apple_sdk.frameworks) ApplicationServices;
   };